Weekly Security Roundup #94: Feeling cheated
Trust – a volatile value that tech companies keep losing
Admission: I’ve been a Yahoo user for years (12+). It’s not my main personal email, but I use it for subscribing to newsletters and other things I don’t deem as important.
Although I knew they didn’t compare to Gmail in terms of security, I chose to continue using it. It might have been nostalgia and a sort of fondness for older times, I couldn’t put my finger on it.
What I wanted to say is that I empathize with you if you feel cheated and betrayed by a company that’s supposed to ensure the bare minimum: the privacy and security of your data.
I think that many of us take privacy for granted, but I hope we can all educate ourselves to pay more attention to it. And to react when our trust is breached so blatantly.
(Interrupting this subject, maybe you’d like to browse our list of over 80 decryption tools for various ransomware strains that we published this week.)
Security articles of the week
1. The Yahoo breach and the spying revelations
If you thought that attackers stealing credentials for 500 million Yahoo accounts was a big problem, the follow-up will make you even angrier. Reuters announced this week that Yahoo has been secretly scanning users’ emails for U.S. intelligence agencies.
It was all over the news, not only in the cyber security field, but also beyond it.
What’s more, European Union privacy watchdogs took notice as well.
If you feel like you just want to close your Yahoo account, Softpedia published a quick guide on that. I know I’ll be applying it this very weekend.
Last October, almost 160,000 TalkTalk users’ credentials were stolen by cyber criminals. Over 15,000 of the victims also had their personal financial details exfiltrated, which exposed them to financial fraud and subsequent cyber attacks. And the breach wasn’t even difficult to engineer, simply because:
Elizabeth Denham, information commissioner at the ICO, said: “TalkTalk’s failure to implement the most basic cybersecurity measures allowed hackers to penetrate TalkTalk’s systems with ease.”
So how much do you think Yahoo should be fined for their gigantic data leakage?
At this point, it’s only natural for you to ask this question. An insightful perspective comes from Pete Herzog, co-founder of the Institute for Security and Open Methodologies (ISECOM):
The answer is because security is complicated. The sheer number of variables you have to deal with: the environment, the changing of people, the changing of technologies, the changing of programming languages used to build applications. Things are changing and broadening and there’s always more choices and more things to think about and more interactions, which makes security more and more challenging, which is why there are still breaches.
Malvertising is still a huge issue, even on platforms you wouldn’t normally consider when thinking of this threat.
This week, Spotify ads were compromised to deliver malware, which performed traffic redirects to malicious web pages that prompted users to download other types of malware.
Spotify quickly handled the issue, but you should do a deep scan of your PC just to make sure it’s clean. And you should also think about getting some proactive protection as well. This example reminds us that cyber threats can infiltrate anywhere, even in the least expected places.
Speaking of unexpected attacks, here’s a new trick cyber criminals pulled out of their sleeve: by modifying core WordPress files, they aim to generate traffic for their malicious spam campaigns and keep a low profile.
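Modified core files are exactly what a file-integrity baseline catches. The script below is an added example written for this roundup, not code from the newsletter or from the WordPress project: it records a SHA-256 hash of every file under a web root, then compares a later snapshot against that baseline and reports files that changed, appeared or disappeared. The directory layout, file contents and the ignored `wp-content/uploads` prefix are constructed for the demo; in practice you would take the baseline right after a clean install or update (WordPress.org also publishes per-version core checksums you could compare against) and re-run the check on a schedule.

```python
"""File-integrity baseline for a web root (e.g. WordPress core files).

Added illustrative code, not from the newsletter or the WordPress project:
records SHA-256 hashes of every file under a directory, then compares a later
snapshot against that baseline and reports modified, added and missing files.
"""
import hashlib
import os
import tempfile
from pathlib import Path


def hash_file(path: Path) -> str:
    """Return the SHA-256 hex digest of a file, read in 64 KiB chunks."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(root: Path, ignore=("wp-content/uploads",)) -> dict:
    """Map each relative file path under root to its hash.

    Prefixes in `ignore` (assumed: the uploads directory, which legitimately
    changes all the time) are skipped so they do not drown out real findings.
    """
    result = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            p = Path(dirpath) / name
            rel = p.relative_to(root).as_posix()
            if any(rel == i or rel.startswith(i + "/") for i in ignore):
                continue
            result[rel] = hash_file(p)
    return result


def compare(baseline: dict, current: dict) -> dict:
    """Diff two snapshots: changed hashes, paths not in the baseline, paths gone."""
    return {
        "modified": sorted(p for p in baseline if p in current and baseline[p] != current[p]),
        "added": sorted(p for p in current if p not in baseline),
        "missing": sorted(p for p in baseline if p not in current),
    }


def demo() -> dict:
    """Constructed scenario: take a baseline, tamper with the tree, re-check."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "wp-includes").mkdir()
        (root / "wp-content" / "uploads").mkdir(parents=True)
        (root / "index.php").write_text("<?php require 'wp-blog-header.php';\n")
        (root / "wp-includes" / "functions.php").write_text("<?php // core functions\n")
        (root / "wp-content" / "uploads" / "photo.jpg").write_bytes(b"\xff\xd8")
        baseline = snapshot(root)

        # Simulated tampering (constructed): append to a core file, drop in a
        # new file, delete one, and add an upload that should be ignored.
        with (root / "index.php").open("a") as f:
            f.write("// appended line (constructed)\n")
        (root / "wp-includes" / "extra.php").write_text("<?php // unexpected\n")
        (root / "wp-includes" / "functions.php").unlink()
        (root / "wp-content" / "uploads" / "new.jpg").write_bytes(b"\xff\xd8")

        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

Store the baseline somewhere the web server cannot write to; a baseline the attacker can rewrite is no baseline at all. Any hit under `wp-includes` or `wp-admin` outside of an update window is worth a look, since those directories should only change when you update WordPress.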
Just as we inferred in our last security alert, RIG EK took over when Neutrino closed up shop.
At the moment, RIG is the most sophisticated exploit kit on the market and it also seems that it received some improvements as part of its evolution.
An important part of your security against exploit kits is keeping your software up to date at all times, which is also something that Microsoft recommends.
And it does it all to encrypt valuable data and blackmail companies into paying hefty ransoms. Cerber is thought to be responsible for illegal profits of over $1,000,000,000 this year alone.
Last week, the website of investigative journalist Brian Krebs, one of the most prominent figures in cyber security, was taken down by a huge DDoS attack.
The new problem is that the source code for the Mirai malware, which was used to recruit IoT devices into a huge botnet, was published online. As a result, anyone can use it, refine it and employ it in new cyber attacks.
In more positive news, Facebook announced Secret Conversations for Messenger. Here’s how it works, in a nutshell:
…anyone who updates their Messenger app will now find the “secret” option on the top right of the “new message” screen. The feature also allows senders to choose a Snapchat-style expiration time for messages, ranging from five seconds to one day. Only users who have updated the app can send or receive encrypted, time-sensitive messages…
If you want to check out some alternatives, we published a list of the best encrypted messaging apps a while ago.
And this means that you’ll see a lot of people get even more involved than usual in spreading the good word about online safety and building awareness around the topic.
Maybe you can use this as an opportunity to teach yourself more about the basics of Internet security. It will serve you well both in the short term and in the long run.
I know that you’ve heard this many times over, but if everyone applied it, no one would need to repeat it: it is easier to forestall a cyber attack than to deal with it. It’s less costly too. And I hope you’re on your way to making it happen.
If you need help, we’d love to hear from you.