Weekly Security Roundup #24: Software Flaws & Netizens’ Digital Rights
Cyber security is always a hot topic for the people who work in the industry, but it’s becoming increasingly important for the public agenda as well.
This has happened because cyber attacks have not only multiplied by the numbers, but they also grew in intensity and diffusion. It’s not something new, but the pace is accelerating, which is why we should be prepared, both as individuals, and as companies, to cope with security breaches that, at this point, seem very likely to happen.
That is exactly why we’re trying to provide as much actionable advice as possible, that can help you increase your protection and get some peace of mind. This week we recommended 9 free encryption tools to protect your data, and we also put together a corporate security checklist that CEOs can use to see what else they could do to shield their assets from cyber criminals.
For someone who is not involved in the cyber security industry, it might be difficult to navigate the news and read what really matters, so that’s why we compile a weekly list of 10 must-read articles that can help you improve your protection online. Here are this week’s picks:
Security articles of the week
Symantec made the discover, and now this new breed of malware is targeting energy companies from countries in the Middle East, the U.S., India, the U.K., and others. The Trojan spreads via emails with malicious documents attached, which, once downloaded, exploit a 3 years old Microsoft Office vulnerability!
2. Looking back on Stuxnet’s evolution, it turns out that it didn’t influence security policies as much as it should have
Stuxnet was one of those industry-changing events for cyber security and companies worldwide. It influenced change in cyber defense systems across industries and enforced new methodologies for cyber defense. But, as it turns out, it wasn’t as convincing an event as it should have been.
This correlates to the lack of visible change in people’s behavior after the Snowden revelations. But the question is: what does it take for us to change our ways when it comes to cyber security and go from knowing what is right to doing what is right for our protection?
A whopping 30% of companies admit that they would pay ransom to cyber criminals if they should become victims of malware. Coupled with the lack of reporting cyber attacks, we have yet to see a clear image of the size and severity of cyber attacks across organizations. You may find some useful advice on the matter from learning how security pros deal with cybercrime extortion.
A staggering 5% of people who visit Google sites have at least one ad injector installed. Within that group, half have at least two injectors installed and nearly one-third have at least four installed. And in this context, you should also know that the SWF iFrame injector is evolving.
The growing number of hackers, their ever more sophisticated tactics, interconnected apps, and the huge number of devices and systems embedded into all of your organization are just some of the challenges that you should address if you want to really protect your company. A new security approach is needed and that’s something we should all be part of.
A Java virus was used to redirect search traffic to GitHut’s code repository, causing a massive flood that the website is still dealing with.
While national cyber security strategies are becoming an increasingly important asset to have for any country, a look into the internal environment is needed as well. UK online banking fraud grey by 50% in 2014, and they’re not the only country dealing with such issues.
Software has become embedded into everything we do. And that makes us ALL vulnerable. Why? Because while most applications are patched by vendors on day one, other, third-party software takes much longer, giving way to Zero Day vulnerabilities.
Privacy is a main component of cyber security. Acting with caution, knowing the environment, being aware of threats – they’re all necessary behaviors that every netizen should assimilate. But the harsh reality is that the opposite thing is happening.
The Net neutrality discussion is close to accomplishing its goals of making this concept a reality in the US, and Europe has a much more decisive stance on it, but there is much more left to do when this all ends. Netizens are only vaguely aware of their rights are Internet users, and this will become an increasingly important necessity in the near future. We are now shaping what the web will look like in the future years.
Since we can’t possibly cover all the important news that you could find useful, we’d love to hear your suggestions as to what else we should have included in this list!