As the New Year has arrived, ClickSSL wishes a warm and prosperous new year to all of its readers who have made successful our sincere effort of bringing latest weekly cyber security news. In this Week, we have tried to cover most shocking cyber news that was viral in past two weeks. We hope that this current weekly Infosec snipper will help you to get insight of interesting cyber world.
BBC Services suffered from DDoS Attack
A new year seemed not good for BBC services as hackers brought down BBC website and iPlayer video platform via DDoS attack. The attack begun at 7.00 AM GMT and lasted for few hours. However, the BBC services are now restoring at a slow pace. It is obvious that BBC remains always in news due to controversial stories that had made the services victim of DDoS attack in previous years. Attackers manipulated iPlayer database as a result, other associated services also turned vulnerable.
Twitter joins Facebook regarding usage of SHA-1 Algorithm
Twitter has also urged the CA/B forum regarding issue of SHA-1 algorithm. Facebook and CloudFlare raised the issue, which was brought into notice to CA/B forum. According to CloudFlare there are still 37 million devices using old devices and browser, which are incapable of handling SHA-2 certificates. Twitter also joined this initiative because there are 3 to 5% users still us outdated devices and browsers.
Rutgers University Suffered from DDoS Attack
Rutgers University is again under large scale DDoS attack that has made university system down for continuous four days. The system remained inactive between December 24 and December 28, 2015. Earlier, Rutgers University had also faced four similar attacks during end of March 2015 and starting of May 2015. Because of Christmas holiday, students’ information was not affected during this attack. According to NJ.com, Rutgers University has spent $3 million to boost the security of online platform, which was failed against in this recent DDoS attack.
Malicious AVG Web Tuneup Chrome Extension can access browsing history
While installing AVG antivirus, users are facing issue of the AVG Web TuneUp Chrome extension. The extension compellingly was added to chrome browser that allows attackers to capture user’s browsing history, cookies and other details. Google Project Zero researcher Tavis Ormandy discovered the vulnerability. The extension was listed on Chrome Web Storage page and vulnerable to XSS attacks. Few custom JavaScript APIs were added to chrome by the extension that caused security issues.
China Government will now have encrypted data due to Anti-Terrorism Law
China has approved anti-terrorism law, which removes backdoor clause and allows the Chinese government to access encrypted messages of national and international companies. The law forces companies to decode the data if it is related to category of terrorism. With this law, Chinese military can perform anti-terrorism attack outside the country’s border. The Beijing government pressurizes companies to remove backdoor from their products otherwise; they may lose clients and business.
Employees take company sensitive files when leaving the company
Biscom – a file security service carried out research states that one in four employees carry official data while leaving the office. They have no fear of taking back sensitive information while moving to another job. 25% respondents also take other employees’ files with them. While 15% respondents were in favor to take files if they were fired or laid off. There were 85% respondents have no regret of stealing company files and data.
Four Antivirus products are on top in Real Time Threat Detection
AVTEST carried out a report on real time threat detection of top antivirus products by putting 25 android security apps for testing. The report revealed that Bitdefender, ESET, Qihoo 360 and Sophos were successful in identifying real time threats. AVTEST tested these apps on preset of 20K malware specimens at Android Lollipop 5.1.1 devices. The good news is none of these apps scored below 95% in real time threat and reference set tests. Besides, the company also considered other features like battery draining, CPU load, bandwidth usage, false positive alerts, etc.
Hyatt Hotel faced Data Breach on PoS system
Hyatt Hotel has faced data breach caused on PoS system due to malware infection. The data breach affected customers’ financial data but the hotel did not disclose elaborated details about the breach. Hyatt spokesperson said customers to check their statement on regular base for false or unauthorized charges. The hotel authority said that they would strengthen their system security. The breach also affected the hotel chains, which is spread in 52 countries.
Australian Government advised users to turn off 2FA
Australian Government told users to turn off 2FA (two factor authentication) during abroad travel. The advice comes from myGov, which is an Australian government’s online portal; the admin also posted this advice on twitter account. As 2FA is an extra layer of security and users generally, change their sim card during visiting other country. Therefore, persons who want to use myGov portal will not be able to receive the SMS code while visiting out of Australia.
Downloading from Torrent can put companies at Risk
BitSight brought a report, states that around 25% of company employees secretly download torrent files. These files have dangerous malware that can put company security at risk. The report has collected data from 30700 companies and out of 23% of these companies; BitSight saw Peer-to-Peer (P2P) activity. This P2P activity was prohibited by internal company policies to avoid copyright infringement and malware infections. BitSight observed that 39% of games and 43% of applications stored on torrent portals were malicious.
Yahoo will notify users of State Sponsored Attack Warning Alert
Yahoo will support to users about an alert system for state sponsored attack found on the account. Google, Facebook and Twitter are already sending notification to their users about such kind of attack done on users’ account. Yahoo posted few checksum that a user has to perform while receiving such notification. The primary action for users is to enable 2FA (two factor authentication) for their accounts and changing their account password. Users are being asked to perform security audit by checking account recovery option. However, Yahoo told users to stay calm, as such, notice does not mean that the account is compromised but targeted by attackers.
