ClickSSL Weekly InfoSec Snipper August 22, 2016

The Global Rate of Phishing is Snowballing

Cyren Cyberthreat report said that the global rate of phishing URLs jumped to 14% that comes to 4.44 million in first quarter of 2016. It is believed that if the trend continues then the days are not so far when it will cross 18 million levels in around upcoming 18 months. Attackers, security researchers and ISPs are taking half of current phishing sites down. There are one-fifth phishing pages lasts for two hours hardly while 40% phishing pages last for more than two days. The report said that chrome and Firefox browsers are rapid to detect phishing sites.

Social Blade has been hacked

Social Blade-an online platform that provides social media statistics has been hacked by attackers. However, the forum was running vBulletin v4.2.3 old software version. The records gained from main website contain 273,086 user records while the form database was of 13,009 user accounts. The dumped data includes email, IP address, username, user identifier and password. However, the main website passwords were secured with SHA512 algorithm while the forum passwords were secured with weak MD5 algorithm.

Chrome and Firefox Browsers suffered from URL spoofing Issue

Security researcher Rafay Baloch discovered that the URLs of chrome and Firefox browsers could be spoofed with a simple trick. Chrome and Firefox have patched this bug and Google rewarded the researcher for finding this bug. The bug relies on adjustment of browsers with written URLs with mixed Arabic and Roman characters. Phishers can take IP address, add Arabic characters in middle of the URL and add the website domain name at the end.

Cheap SSL

80% of Android Devices are vulnerable to CVE-2016-5696 Vulnerability

The University of California researchers have discovered vulnerability (CVE-2016-5696) the attackers send spoofed packets to both communication ends by getting their IP address and ports. Linux vulnerability has affected almost 80% android devices. This vulnerability allows attackers to hijack traffic, inject malware and can perform large attacks. Attackers target unencrypted traffic and tell users that the login session is expired and the user must provide login details.

80% of DNSSEC Servers can be exposed to DDoS Attacks

Neustar security firm revealed that nearly 80% of DNSSEC servers are wrongly configured that can be exposed to attackers for DDoS attacks. DNSSEC is used to verify DNS queries and is deployed to protect against DNS hijacking and DNS cache poisoning attack. The firm analyzed 1,349 domains that use DNSSEC and out of them 1,084, domains were vulnerable against DDoS attack. DNSSEC based DDoS attacks have amplification factor that starts from 28.9 to 217.2 that is quite huge compare to average amplification factor.

The University of Massachusetts received $5M Grant for Cyber Security

Massachusetts has announced $5 million grant allotted for cyber security that will boost cyber research and the computer technology of the University of Massachusetts. Commonwealth at the UMass Center in Springfield announced. Following this grant, the university earlier has been also given $15 million for 10 years grant by MassMutual insurance company for big data research along with cyber security operations.


We Assure to Serve

Leading Brands

ClickSSL is platinum partner of leading CAs & offering broad range of SSL certificate products.

Valued Price

You are at right place to get cheapest SSLs; our prices are up to 79% low as compared to CAs.

100% Refund Policy

If you are not satisfied, our all SSL certificates are backed by 30-day 100% money back guarantee.

24×7 Support

Our experts are always active to help you, so you will get instant solutions for your queries.