News

Blog

Wednesday, February 1st, 2017

Cybersecurity Week in Review

Cybersecurity is something that is constantly changing due to the nature, speed and sophistication of attacks. We have put together a quick list of last week’s cybersecurity events.

LeakedSource

LeakedSource, one of the popular services providing information about data breaches has been closed down. Differently to a trusted and well known in the industry website, haveibeenpawned.com, LeakedSource discloses sensitive information about the breach to anyone willing to pay (which was probably a reason why authorities have been raiding the service). Troy Hunt – the creator of HIBP service never exposes sensitive information to the public (not just password/hashes but other things like the date of birth, mother’s family name, etc…), not even to “verified” owners of those data. Read Troy’s thoughts about the situation.

Antivirus

We always say that the AntiVirus software is more of a threat than it is help, if we speak of information security – we simply have faith in the software that it has security by design implemented. That’s exactly the problem: it does not. Last year’s discovery of vulnerabilities by Tavis Ormandy have put this trust in question and many AntiVirus software vendors have failed the test. Numerous security researchers fear the same when it comes to AntiVirus.

SSL Certificate

Another event that’s making the AV software less trustworthy is the arrest of Kaspersky Lab’s high-ranked employee.

Browser vendors are taking next steps to make the web more secure. It was said and now it’s done. The latest version of Chrome (56) will mark a website that uses Log In feature over non-HTTPS connection as Not Secure. Check out your browser and most importantly, check out your websites – the SSL certificates are now free, automated and open sourced so it’s really easy to implement them.

Security

Security is expensive, but it makes the money spent to improve security through penetration testing, vulnerability scans or managed services a good investment. This is an example of an attack price range: $200k for exploit on Apache web server as reward in Pwn2Own contest, $40k worth Facebook bug or approx $32k worth XSSes in latest Chrome found by Mariusz Młyński.

Even the recent US elections have received numerous mentions in the last weeks when it comes to cybersecurity. Numerous rumours are going around the cyber-enabled influence operations conducted during the 2016 U.S. elections. People are scared that Europe is next. Hank Thomas was giving an interview on RTERadio1 Drivetime on how the issue of hackers has become global. International information sharing will thwawrt malicious attempts. Hank is also one of the speakers at Zero Day Con (www.zerodaycon.com). Click here to listen to the radio interview

Contact Us

The data you supply here will not be added to any mailing list or given to any third party providers without further consent. View our Privacy Policy for more information.

    Copyright Smarttech247 - 2021