The Global Rate of Phishing is Snowballing
Cyren Cyberthreat report said that the global rate of phishing URLs jumped to 14% that comes to 4.44 million in first quarter of 2016. It is believed that if the trend continues then the days are not so far when it will cross 18 million levels in around upcoming 18 months. Attackers, security researchers and ISPs are taking half of current phishing sites down. There are one-fifth phishing pages lasts for two hours hardly while 40% phishing pages last for more than two days. The report said that chrome and Firefox browsers are rapid to detect phishing sites.
Social Blade has been hacked
Social Blade-an online platform that provides social media statistics has been hacked by attackers. However, the forum was running vBulletin v4.2.3 old software version. The records gained from main website contain 273,086 user records while the form database was of 13,009 user accounts. The dumped data includes email, IP address, username, user identifier and password. However, the main website passwords were secured with SHA512 algorithm while the forum passwords were secured with weak MD5 algorithm.
Chrome and Firefox Browsers suffered from URL spoofing Issue
Security researcher Rafay Baloch discovered that the URLs of chrome and Firefox browsers could be spoofed with a simple trick. Chrome and Firefox have patched this bug and Google rewarded the researcher for finding this bug. The bug relies on adjustment of browsers with written URLs with mixed Arabic and Roman characters. Phishers can take IP address, add Arabic characters in middle of the URL and add the website domain name at the end.
80% of Android Devices are vulnerable to CVE-2016-5696 Vulnerability
The University of California researchers have discovered vulnerability (CVE-2016-5696) the attackers send spoofed packets to both communication ends by getting their IP address and ports. Linux vulnerability has affected almost 80% android devices. This vulnerability allows attackers to hijack traffic, inject malware and can perform large attacks. Attackers target unencrypted traffic and tell users that the login session is expired and the user must provide login details.
80% of DNSSEC Servers can be exposed to DDoS Attacks
Neustar security firm revealed that nearly 80% of DNSSEC servers are wrongly configured that can be exposed to attackers for DDoS attacks. DNSSEC is used to verify DNS queries and is deployed to protect against DNS hijacking and DNS cache poisoning attack. The firm analyzed 1,349 domains that use DNSSEC and out of them 1,084, domains were vulnerable against DDoS attack. DNSSEC based DDoS attacks have amplification factor that starts from 28.9 to 217.2 that is quite huge compare to average amplification factor.
The University of Massachusetts received $5M Grant for Cyber Security
Massachusetts has announced $5 million grant allotted for cyber security that will boost cyber research and the computer technology of the University of Massachusetts. Commonwealth at the UMass Center in Springfield announced. Following this grant, the university earlier has been also given $15 million for 10 years grant by MassMutual insurance company for big data research along with cyber security operations.
