ClickSSL Weekly InfoSec Snipper April 3, 2017

This entry is part 68 of 73 in the series Weekly Infosec Snipper

Telegram Is Now Having End-To-End Encryption On Voice Calls

Telegram – a messaging app is now moving finally to end-to-end encryption. From now, its voice conversions are also covered with encryption. The company introduced new verification process through emojis. During verification process, the caller and the receiver have to compare four emojis over the phone to make secure connection. Now, Telegram is also in race of call capabilities along with WhatsApp, Facebook, and Viber. In case of lacking of P2P connection, Telegram allows nearest server to accelerate the connection.

Dutch Parliament Website Faced Ransomware Attack

Dutch Parliament faced ransomware attack and hackers were managed to encode some files before the authority recognized it. Dutch parliament is not revealing anything about the attack but they tweeted about the attack. Meanwhile, an internal email was sent to parliament members about ransomware in the system. The incident was rectified before IT specialist begun replacing process of encoded files. Dutch websites ago were made victim of attacks.

Cyber Criminals Are Getting Audacious, Says IBM Report

According to IBM’s 2017 X-Force Threat Intelligence Index report, there were 4 million records were leaked in 2016. Besides, around 10,000 software vulnerabilities were found and it is highest number in the last 20 years. The spam rate was increased up to 400% in 2016 out of these emails, 44% messages contained malicious attachments. There were hundreds of gigabytes of email archives, documents, and source codes were targeted.

Cheap SSL

Around 3.7 M Voter Data Stolen From Hong Kong Electoral Office

Two computers that contained 3.7 M voter data have been stolen from a locked room at the AsiaWorld-Expo on Lantau. The data included ID card numbers, addresses, contact numbers. Moreover, the data included 1200 electors on the Election Committee. The police is investigating in the matter and they believed that there is no data leaked so far. It is believed that these stolen data will be available on dark web soon.

Verizon Was Found Collecting Users’ Data

Verizon planned to pre-install ‘Spyware’ on customer’s android device to collect personal data. Verizon partnered with Evie Launcher for new app called “AppFlash”- that is a search bar and it is preinstalled on Verizon mobile devices. This app helps users to find apps and web content on device. However, the app was found to collect data like searches,handset data, apps data, etc. Users were not able to uninstall this app until they root their phone.

Around 8.3 Million Website Got Affected With IIS 6.0 Vulnerability

The IIS 6.0 was found affected with CVE-2017-7269 vulnerability and it has made 8M websites infected across the world. The vulnerability was in WebDAV service in Windows Server 2003 R2’s IIS 6.0. It allowed attackers to perform denial of service or run arbitrary code. It happened due to improper validation of an IF header in a PROPFIND request. However, this vulnerability will not affect newer version of IIS.

Series Navigation<< ClickSSL Weekly InfoSec Snipper March 27, 2017ClickSSL Monthly InfoSec Snipper April 24, 2017 >>
 

We Assure to Serve

Leading Brands

ClickSSL is platinum partner of leading CAs & offering broad range of SSL certificate products.

Valued Price

You are at right place to get cheapest SSLs; our prices are up to 79% low as compared to CAs.

100% Refund Policy

If you are not satisfied, our all SSL certificates are backed by 30-day 100% money back guarantee.

24×7 Support

Our experts are always active to help you, so you will get instant solutions for your queries.