ClickSSL Weekly InfoSec Snipper May 16, 2016

This entry is part 23 of 73 in the series Weekly Infosec Snipper

WhatsApp launched Desktop Version

A leading messaging application WhatsApp has launched desktop version for both windows and mac platform. Earlier, WhatsApp has launched a web client that can run through your browser that allows a user to run WhatsApp on the desktop. The new desktop version is applicable for windows 8+ and Mac OS 10.9+ version. As per the company’s discourse, the web client and the desktop version are similar in function. WhatsApp desktop version will support synchronization of conversations and messages, keyboard shortcuts and desktop notification.

Nulled.io suffered from Data breach

Nulled.io – an underground hacking forum was breached last week. It is believed that anonymous has hacked the forum and downloaded 1.3GB tar archive data file. When the data file is extracted, it resulted into a 9.45 GB db.sql file. According to Risk Based Security statement, the database included details of user accounts, private messages, VIP forum posts and financial transactions. Precisely, the data included around 536,064 user accounts, 800,593 user’s messages, 5,582 purchase records, and 12,600 invoices.

US Congress banned Yahoo Mail temporarily

System Admin for the House of Representatives have banned the use of Yahoo mail service on temporary base. The reason to do so is the inability of Yahoo mail service in detecting mass phishing attacks which are distributing ransomware. As per Gizmodo report, ransomware has infected at least one computer and IT department has isolated it before it is outspread. Phishers who claimed to be known senders had sent phishing mail by using free email service of Yahoo and Gmail services. Such emails included malicious JavaScript files inside ZIP file attachment.

One in four businesses is using old IE browser

Duo security firm has revealed that one in four businesses is using old Internet Explorer version that could expose business to number of vulnerabilities. Even half of devices in offices are running on Microsoft XP operating system. On other side, four out of five chrome users updated their browsers. The report showed that 66% Firefox users use updated browser while safari and IE/Edge users stood at 49% and 58% ratio. The company has also analyzed browser plugins and found that 40% of flash were up to date while 28% Java plug-ins found update.

Cheap SSL

Malicious ads hit Google’s blogspot

Malicious ads are now targeting Google’s BlogSpot. According to Malwarebytes report, there was a set of ads delivered via the PLYmedia platform. Malicious ads were redirected users to pages hosted by Angler exploit kit and adult websites. Even Virus bulletin has also observed malicious traffic on blogspot that shows a warning error along with telephone number and requested users to call for Microsoft technicians regarding issue.

FTC carried out research on security practice of Mobile devices

The Federal Trade Commission (FTC) has carried out an investigation about current security practices in mobile devices. The FTC sent a letter to the companies (Apple, Blackberry, HTC American, LG Electronics USA, Microsoft, Motorola mobility and Samsung Electronics USA) to get permission to know about security level of mobile devices. Companies were asked questions about security operations of their mobile devices, especially patch level for mobile OS. The motto of this research was to understand the mobile security landscape from manufacturer’s viewpoint.

Google’s third party vendor suffered from Data Breach

A third party vendor of Google that provides benefits management service suffered from data breach. Google also sent notification to employees about data breach. An employee of third party vendor sent an email with private information of Google employee to wrong person unknowingly. The email contained undisclosed number of Google’s staff names and SSN. However, Google has investigated the issue and ensured that no misuse or abuse was done. Google has arranged three years identity protection and credit monitoring service to affected employees at free of cost.

Twitter Ended contract with Dataminr for Real time Data Analysis

Twitter has blocked US intelligence agency to track real time content analysis that is posted online. Twitter was taking service from Dataminr company that does real time analysis of twitter feeds and alerts about threat attack. US intelligence however, got access to the Dataminr service in which Twitter has 5% stake. However, Twitter has policy regarding banned on third party surveillance therefore, Twitter does not want to continue with Dataminr that provides data to spy agencies.

Series Navigation<< ClickSSL Weekly InfoSec Snipper May 9, 2016ClickSSL Weekly InfoSec Snipper May 23, 2016 >>
 

We Assure to Serve

Leading Brands

ClickSSL is platinum partner of leading CAs & offering broad range of SSL certificate products.

Valued Price

You are at right place to get cheapest SSLs; our prices are up to 79% low as compared to CAs.

100% Refund Policy

If you are not satisfied, our all SSL certificates are backed by 30-day 100% money back guarantee.

24×7 Support

Our experts are always active to help you, so you will get instant solutions for your queries.