Maritime Cyber Digest

Love It or Hate It, Black Friday is Here!

‘Black Friday’, the day after the US holiday of Thanksgiving, is widely regarded as the first day of the Christmas shopping season. Although for many years this was largely regarded as an American phenomenon, the day has become increasingly prominent in the UK and is symbolised by retailers releasing pre-Christmas offers and thousands of consumers scrambling online to find the best deals.

From a cyber perspective, Black Friday is also regarded as a prime time for cyber criminals. Get Safe Online (, the government-backed internet safety initiative, have warned that cyber criminals are most likely to target potential victims on Black Friday and Cyber Monday (the Monday immediately following Black Friday) due to the increased online activity.

Although we advise our customers to remain vigilant at all times of the year, during the festive season we encourage online users to be extra cautious and consider the following threats…

Let’s Face It, Apple Have Authentication Issues…

With the Christmas shopping season upon us and many people considering buying new technology, the last thing Apple needs is question marks over the security of one of its flagship devices: the iPhone X. A key selling point for the new phone is the innovative Face ID authentication, so inevitably, there has been a scramble for security researchers to prove themselves and demonstrate how to circumvent the phone’s security.

A Vietnamese security firm, Bkay, claims to have done just that and have released a blog and video demonstrating how they have managed to crack the iPhone X’s face recognition. Their researchers say they were able to achieve it using a relatively basic 3D-printed mask; little more than a sculpted silicone nose, some two-dimensional eyes and lips printed on paper.

In another blow to Apple, a 10-year-old boy has also posted a video of himself unlocking his mother’s new iPhone X…

Click here to read more
1, 2, 3, 4, 5, Google Caught a Phish Alive


A recent study by Google has revealed the ways in which email and other accounts are commonly hijacked by cyber criminals. Over a 12-month period, the company analysed log-in and harvested account data found on websites and criminal forums.

The research revealed that more than 78,000 credentials had been stolen via keyloggers, 12 million grabbed via phishing scams, and 1.9 billion from company breaches. Interestingly, the most useful information came from keyloggers and phishing attacks as these included valid passwords in 12-25% of attacks…

Click here to read more

Hidden Cobra Bites Back!

The FBI and US Homeland Security have issued an alert about a new strain of malware infecting American corporate systems and stealing sensitive data. The remote access trojan (RAT), dubbed Fallchill, is the work of a North Korean hacking group called Hidden Cobra, which some at the US Computer Emergency Readiness Team (US CERT) believe was responsible for the WannaCry ransomware outbreak earlier this year…

Businesses are being urged to remove Fallchill as “the highest priority.”  A published a list of IP addresses of public-facing machines infected by the software is available via the alert here or direct from the US-CERT website.

Click here to read more

Maritime Cyber updates are just one of a number of complimentary unique services Halcyon can deliver click here for more information