ClickSSL Weekly InfoSec Snipper July 18, 2016

Maxthon Browser collects Sensitive Information

Exatel and Fidelis Cyber security firms said in report that Maxthon browser collects sensitive information and sends it to the server. The feature named User Experience Improvement Program (UEIP) that collects analytic information about users’ usage of the browser. The browser gathers more information that it is required. The information includes OS version, screen resolution, CPU type, CPU speed, memory, ad blocker status, etc. the data sends over via ueipdat.zip file to the main server. But the CEO of Maxthon Community has expressed his opinion on Exatel findings.

US FDIC covered about breaches occurred in the Past

US FDIC (Federal Deposit Insurance Corporation) has been under cyber-attacks from china but the officials covered the fact for years. US House Committee on Science, Space and Technology has published a report and disclosed the fact regarding attacks on FDIC. FDIC suffered cyber-attacks in 2010, 2011, 2013. These breaches happened because of poor data handling. Around 12 (twelve) computers of FDIC officials were accessed for crucial information.

Majority of ICS Equipment found vulnerable, Kaspersky says

Kaspersky revealed fact about Internet available ICS (Industrial Control Systems) vulnerabilities. In 2015, Kaspersky found around 189 vulnerabilities and out of them 49% were of critical stage and 42% were of medium range. The ICS equipment types like HMI, SCADA, industrial network device, PLCs, were found vulnerable. There were 55 manufacturers like Siemens; Schneider Electric and Hospira whose devices were vulnerable. Vulnerable devices are located in Germany, Spain, France, and Canada. The affected devices are from major industries like aerospace, electricity, transportation, oil and gas, chemical, etc.

Cheap SSL

Ubuntu Online Forum hacked, but restored successfully

The Ubuntu Online Forum suffered from data breach and affected around 2 million users. The data of users includes IP address, usernames, email addresses was compromised. However, the hack was not influenced Ubuntu operating system. The forum service has been restored after necessary actions. There was add-on in which SQL injection vulnerability was unpatched that exposed the data. There were no active passwords accessed during the breach.

The US Government will not collect data from outside the USA Territory

Recently, the US government ordered that the USA government could not access the data of the data centers located outside the territory of the USA. The decision will limit the US government ability to gather foreign communication data. Even, Microsoft has won the case under State Communication Act. Microsoft welcomed the decision and told that people should have assurance about usage of their personal information.

DARPA announced about Hacking Challenge worth $2Million

DARPA (Defense Advanced Research Projects Agency) has come up with hacking challenge that will award $2M amount to potential winners. DARPA has chosen seven teams who will protect themselves and find issues without any human interaction. DARPA actually wants to build smart Artificial Intelligence System that will auto detect and patch issues in security system. The challenge will be taking place at DEF CON hacking conference. The winning team will have to build artificial system that can detect and finds own patches as well update them.

 

We Assure to Serve

Leading Brands

ClickSSL is platinum partner of leading CAs & offering broad range of SSL certificate products.

Valued Price

You are at right place to get cheapest SSLs; our prices are up to 79% low as compared to CAs.

100% Refund Policy

If you are not satisfied, our all SSL certificates are backed by 30-day 100% money back guarantee.

24×7 Support

Our experts are always active to help you, so you will get instant solutions for your queries.