ClickSSL Weekly InfoSec Snipper October 24, 2016

This entry is part 46 of 73 in the series Weekly Infosec Snipper

Mozilla Firefox-52 will launch TLS 1.3 Next Year

Mozilla is in mood to launch TLS 1.3 version on its upcoming version 52. The latest Firefox version will likely to launch on the next year. The new version will be the first version that will have TLS 1.3. Moreover, it will remove all unsecure cryptographic parameter and removes round trip of handshake latency. Currently, Mozilla has recently announced its version 49.0.2. However, Mozilla has added TLS 1.3 support in developer edition in Firefox version 49, which was launched in June 2016.

Dyn DNS service suffered from DDoS Attack

Dyn DNS service – a popular domain name system also suffered from DDoS attack. Users across the globe including Twitter, Spotify, Shopify, and SoundCloud have witnessed a downtime due to this attack. Dyn service does mapping of domain name to IP addresses means it resolves human readable web addresses against IP addresses. The attack started at 11.10 UTC and affected customers residing in the East Coast of the USA. However, the attacker is not identified who is responsible behind this DDoS attack.

The Cost of Crime in the UK is rising

According to GetSafeOnline research, UK economy faces loss of $11 billion in the last year that comes to average to $520 per victim. Moreover, 39% victims have not yet reported about the incident. Nearly 53% respondents received phishing emails and 10% reported about their email and social media hacking. There were 89% respondents were concerned about their online safety while 43% were found using same password for multiple accounts.

Cheap SSL

The US Secret Service suffers from lack of Data security

The Department of Homeland security office of Inspector General carried an audit and found severe security failure in The US Secret Service (USSS). The USSS staff was found careless in distributing and accessing sensitive information. Even the secret service was also having lack of protection to which the Master Central Index (MCI) data was sent. USSS access control policies were not updated since 2003. Around 5000 staff members had access the MCI system and the system had no option of auto logout after having specific inactive time.

UK banks were found with less security for their customers

According to “Consumer Right Group” research, half of UK banks have lack of two-factor authentication for their customers. The group tested security of total 11 banks out of which Lloyds Banking Group – Lloyds, Halifax and Bank of Scotland – plus Santander and TSB were on the last bottom of the ranking. Banks who is giving 2FA to customer does not make impact in terms of its usability. Overall, there were 3.6 million fraud cases registered in the last year.

London City is facing highest Ransomware Attack

In an interview held with Business Insider, a representative from Malwarebytes said that Employees working in London in the UK are receiving highest ransomware. Victims were being asked to pay in bitcoins to recover their data files. Once the victim pays the ransom amount, the attacker decrypts the data file. Even the situation is so awkward that banks are collecting bitcoins in order to pay ransom amount. Banks always keep 50-100 bitcoins ready in case of any ransomware attack. London has received around 10,000 ransomware attacks.

Series Navigation<< ClickSSL Weekly InfoSec Snipper October 17, 2016ClickSSL Weekly InfoSec Snipper October 31, 2016 >>
 

We Assure to Serve

Leading Brands

ClickSSL is platinum partner of leading CAs & offering broad range of SSL certificate products.

Valued Price

You are at right place to get cheapest SSLs; our prices are up to 79% low as compared to CAs.

100% Refund Policy

If you are not satisfied, our all SSL certificates are backed by 30-day 100% money back guarantee.

24×7 Support

Our experts are always active to help you, so you will get instant solutions for your queries.