ClickSSL Weekly InfoSec Snipper March 14, 2016

This entry is part 14 of 73 in the series Weekly Infosec Snipper

Email Malware Rate is on rise, Symantec Intelligence says

On the base of Global Intelligence Network (GIN), that collects the data on malware, spam, phishing, web attacks and mobile & social media has come up with February Intelligence report. The report is saying that email malware rate is high with a ratio of one email in 125 emails. Spartan (24%) and Angler exploit kits (21.4%) were remained for responsible of web attacks. While Nuclear exploit kit was on third position with 6.6% ratio. Around 1749 web attacks were blocked per day in February month.

CryptoWall, Locky and TeslaCrypt are still dominating Ransomware

Fortinet came up with report by analyzing infected machines, know IPs and ransomware command, and control server. The report said that CryptoWall, Locky, and TeslaCrypt remained on top in ransomware categories. The report considered the exchanged traffic between the server and its infected machines. CryptoWall ransomware was seen on around 83.45% of all connections. CryptoWall is an old ransomware that avoids security detection and constantly updates itself. While Locky campaign was observed on 16.47% of, total 18.6 million connections.

Ear-based Authentication system is on the Way

Days are not so far when ear based login systems will knock your door. Scientists have made a biometrics-based authentication system that works on person’s ear and allow him to access sensitive information. Ear based authentication system is harder to bypass compare to fingerprints, eye scanners and other methods. Scientists have invented method that sends sound to person’s ear and measures it on base of echoes they receive. Thus, they covert such echoes response into digital signal and will work as a unique ID for a person. A company named NEC is working on this technology and assuring about 99% accuracy. The technology is an ideal for smartphone users as they have speakers and microphone for launch of signals.

Cheap SSL

Tor Users can be tracked via Fingerprinting technique

Jose Carlos Norte – an independent security researcher has invented technique to track Tor users on base of their fingerprints. The method of “user fingerprinting” track users in an unusual operation and get details of user behavior. Fingerprinting is a dangerous process for users as the method tracks data of users while surfing over the Tor Browser and then compares the data collected on a regular browser. However, the data in fingerprinting is not so reliable but it surely gives an initial point. Security researcher also published techniques on his blog, out of which two methods rely on scroll speed of a mouse and the speed at a user moves mouse cursor.

CVE-2016-0819 and CVE-2016-0805 affected earlier Android Version

TrendMicro revealed that a large amount of android devices could be exposed to security vulnerabilities. Attackers can get root access when users install third party apps on their device. Security researchers found two flaws on android device named CVE-2016-0819 and CVE-2016-0805. The root access allows attackers to perform activities like financial fraud and surveillance. The Qualcomm Snapdragon processor is at risk and affected billion devices. CVE-2016-0805 affects earlier android 4.4.4 version means Nexus 5, Nexus 6, Nexus 6P, and Samsung Galaxy Note Edge are susceptible as per Trend Micro report.

Google and Dell released DCEPT and VSAQ Security Tools

Dell and Google have introduced two security tools named DCEPT (Domain Controller Enticing Password Tripwire) and VSAQ (Vendor Security Assessment Questionnaire). DCEPT is a kind of honeypot server that detects cyber culprits that exploit local windows domain and Active directory setup. While VSAQ tool reflects on multiple aspects of vendor’s security and privacy strength. Both tools work under open source license and are available at GitHub repositories.

Series Navigation<< ClickSSL Weekly InfoSec Snipper March 7, 2016ClickSSL Weekly InfoSec Snipper March 21, 2016 >>
 

We Assure to Serve

Leading Brands

ClickSSL is platinum partner of leading CAs & offering broad range of SSL certificate products.

Valued Price

You are at right place to get cheapest SSLs; our prices are up to 79% low as compared to CAs.

100% Refund Policy

If you are not satisfied, our all SSL certificates are backed by 30-day 100% money back guarantee.

24×7 Support

Our experts are always active to help you, so you will get instant solutions for your queries.