ClickSSL Weekly InfoSec Snipper March 21, 2016

This entry is part 15 of 73 in the series Weekly Infosec Snipper

Buhtrap Group has targeted Russian Banks

Russian banks are on target of Buhtrap attacker group by applying spear phishing technique. According to Russian security IB group report, such phishing mails contains word file that enable spyware infection. After accessing the PC system, spyware can open a backdoor, log keystrokes, change screen, steal clipboard data and perform malware installation. Around 21 Russian banks are on target of this malicious group. From August 2015 to February 2016, Buhtrap targeted around 13 Russian banks and stole 1.8 billion rubles. Once they get access, they replace original transaction with fake transaction that redirects money to own accounts.

Software bug were on rise in 2015

Security researcher Secunia in 2015 has found 16,081 vulnerabilities in around 2,484 software applications belonged to 263 vendors in its 2016 vulnerability review. If we compare the ratio with 2014 then there is 2% increase in vulnerabilities. Most critical bugs were categorized in less critical (45.6% ratio), moderately critical (25.5%), highly critical (13.3% ratio) and extreme critical (0.5%) bugs. There were 57% of bugs could be exploited from a remote network while 35% of bugs could be exploited from local network. The rest (8%) of exploits needs victim’s computer.

HTTPS and Encryption Usage is added in Google Transparency Report

Google has added a new section of HTTPS and encryption usage in Transparency Report. The new HTTPS section will give detail on the HTTPS support for Google products. The new section will also consider state of HTTPS support on Alexa top 100 sites including the result of periodical reports. Google HTTPS transparency has reported only 21 sites have perfect score like Yahoo, Facebook, Twitter, Tumblr, Reddit, etc. Google Transparency report offers certificate transparency checker to allow users to confirm the SSL certificate validity.

Cheap SSL

The USA and the Israel agreed on Cyber cooperation

According to Army technology, the US Department of Defense and Israeli Ministry of Defense have increased cyber defense cooperation between two nations. To boost cooperation on cyber issues, there was a meeting between US defense secretary and Israel defense minister to discuss the importance of the US-Israel defense relations, situation in the Middle East. The USA will also deploy he US National Guard’s cyber squadrons against ISIS.

Malvertising Campaign targeted famous websites

Security firms have discovered a malvertising campaign that has targeted famous websites with malicious ads. Famous sites like The New York Times, BBC, MSN, and AOL were victim of this campaign. Cyber culprits have used Angler Exploit kit to hijack the ad network and deliver ransomware to site visitors. This malicious campaign was first reported on Malware don’t need coffee, they have seen a spike in malicious traffic in a weekend. Cyber crooks used recently expired domain and bypassed security checks as the traffic over such domain appear legitimate.

Series Navigation<< ClickSSL Weekly InfoSec Snipper March 14, 2016ClickSSL Weekly InfoSec Snipper March 28, 2016 >>
 

We Assure to Serve

Leading Brands

ClickSSL is platinum partner of leading CAs & offering broad range of SSL certificate products.

Valued Price

You are at right place to get cheapest SSLs; our prices are up to 79% low as compared to CAs.

100% Refund Policy

If you are not satisfied, our all SSL certificates are backed by 30-day 100% money back guarantee.

24×7 Support

Our experts are always active to help you, so you will get instant solutions for your queries.