ClickSSL Weekly InfoSec Snipper May 23, 2016

This entry is part 24 of 73 in the series Weekly Infosec Snipper

Japanese Government is forming ICPA to protect SCADA

According to Japan news report, Japanese government is planning to form a new government agency that will protect critical infrastructure against cyber-attacks. The new name of agency would be Industrial Cyber security Promotion Agency (ICPA) and it will start working in 2017 year and be ready by 2020 year. The ICPA personnel will have to protect SCADA (Supervisory Control And Data Acquisition) – modern industries including electricity, water, oil & gas, chemical and nuclear. The agency will jointly exercise with local universities and overseas agencies like US Department of Homeland Security on conducted research studies.

Nearly 33 Turkish Hospitals reported about Data breach

Turkish hospitals are now on target of anonymous hackers; they have leaked healthcare records from 33 hospitals and posted it online. The record file size is around 2-GB archive that included personal records of doctors and patients, server configuration data. However, health minister acknowledged that the database of hospitals resides in Diyarbakır, Siirt and Tekirdağ cities were affected. Currently the investigation is going on and no information was lost due to back-up mechanism.

New Random Number Generation in Encryption is discovered

Researchers of Texas universities have discovered a new algorithm that combines two sources of entropy for outcome of high random number. The new algorithm will consume less computational resource and boost encryption. The report named Explicit Two-Source Extractors and Resilient Functions regarding random number generation is aroused. The algorithm allows developers to get a high quality number by merging two low quality sources as most attackers target weak random number sequence and source.

Google has decided to Drop SSLv3 and RC4 Cipher

Google has announced to drop SSLv3 and RC4 cipher after June 16, 2016. SSLv3 and RC4 were obsolete systems and weak against attacks. The decision will affect SMTP server and Gmail’s web server. Users that are still using old cipher will have to follow suggested actions to avoid technical issues. Google has huge client base that have moved to new technology.

Cheap SSL

Near 68% of hacked website found with a backdoor

In Q1 2016 report, Sucuri researchers found hidden backdoor on 68% of websites out of total investigated websites. It means that two out of three compromised websites have secret backdoor that allow hackers to enter into a website. Sucuri analyzed around 11,485 sites out of which 4,900 sites were found infected with backdoor. The other threat categories included malware drive-by downloads, which was discovered on 60% of infected websites and SEO spam that was found on 32% of websites.

Websites use Audio Fingerprinting to track users

Researchers at Princeton University revealed that most browsers offer incognito feature for private browsing but, many websites use Audio Fingerprinting technique to track users’ every movement. Marketing and technology companies use the new technology and deliver targeted ads. Google is tracking users on around 80% of websites with different techniques. AudioContext API collects audio signals of each machine and uses it to find combination of browser and device. Third party trackers send low-frequency sounds to computer, assess the data processing, and create unique fingerprinting depends upon hardware and software capacity of the user computer.

Google Revealed about Allo & Duo messaging app

Google at I/O event revealed about Artificial intelligence based messaging apps called Allo along with AI bot Google Assistant. Besides, Google has also announced Duo – a video calling app that will also use end-to-end encryption. By this summer, Google will launch Allo and Duo. To use this app, users have to link their phone number and Gmail account. Besides chatting feature, the app will allow users to buy stuffs, smart replies, and plan events. AI bot with assistance of Google search engine will help users to reserve hotels and restaurants, find sports scores, etc. Allo application also offers end-to-end encryption, to use that feature user has to enable in incognito mode.

Google Announced about Instant App to avoid App Installation

Google is bringing Instant App feature that will get you rid of downloading apps. Google at I/O announced about Instant App that will allow users to tap on browser link that would land users on Android app without asking to install the app. For example, earlier time, if a user wished to book a ticket via app, he had to download the complete app. From now, Instant App feature will open only relevant part of an app within few seconds avoiding complete installation. To use this feature developers do not need to develop separate app but just have to upgrade their existing apps.

Series Navigation<< ClickSSL Weekly InfoSec Snipper May 16, 2016ClickSSL Weekly InfoSec Snipper May 30, 2016 >>
 

We Assure to Serve

Leading Brands

ClickSSL is platinum partner of leading CAs & offering broad range of SSL certificate products.

Valued Price

You are at right place to get cheapest SSLs; our prices are up to 79% low as compared to CAs.

100% Refund Policy

If you are not satisfied, our all SSL certificates are backed by 30-day 100% money back guarantee.

24×7 Support

Our experts are always active to help you, so you will get instant solutions for your queries.