Security Briefing 10.14.17
Researchers from cybersecurity firm Proofpoint have recently discovered a large-scale malvertising campaign that exposed millions of Internet users in the United States, Canada, the UK, and Australia to malware infections. This started with Pornhub and has since branched out. The lures are fake ‘browser updates’ for Chrome, Firefox, and Microsoft Edge/Internet Explorer.
A guy created a company, Rigzone, in 2010 for professionals in the oil and gas industry. In 2010 he sold it for 51 million bucks. In 2014, he fired up some backdoors he had and started scraping information from Rigzone, created another company, OilPro, and tried to sell ‘members’ back to Rigzone. The FBI arrested him in 2016 for fraud. Last Friday, he was sentenced to a year and a day in prison for accessing information without authorization.
It’s the beginning of the month, and that means Google has published its monthly security bulletin for Android devices, detailing all the vulnerabilities it has addressed in this month’s update. Though it’s not a long list of vulnerabilities, almost everything on it is rated High or Critical. (If you want to know what the formal severity ratings like Critical, High and Moderate actually mean, take a look at Android’s Security Updates and Resources page.) Basically, update your Android devices.
In a few weeks, in Google Chrome, the “Not secure” label is going to spring up in two additional, common scenarios: when users enter any data at all on an HTTP page, and on all HTTP pages visited in Incognito mode. This is part of Google’s latest crusade against sites that don’t use encryption.
Websites mostly belonging to small- to midsized firms got hit with more than 60 attacks per day on average, new analysis finds. That number, which extrapolates to some 23,000 attacks annually, represented an increase of 186% over the 22 attacks per day that websites averaged during the same period last year. Automated bots were responsible for more than 85% of these attacks.
More than half of organizations using cloud services like Amazon Simple Storage Service (S3) have inadvertently exposed at least one of these services to the public, up from 40% earlier this year. People have the ‘cloud’ and don’t understand how to use or secure it. Researchers determined 38% of organizations have experienced the potential compromise of an administrative user account in their public cloud computing environment. More than 80% of businesses are not managing host vulnerabilities in the cloud, and 37% of databases accept inbound connection requests from the Internet. Seven percent of those receive requests from suspicious IP addresses, a sign they have been compromised.
Disqus, the company which provides a web-based comment plugin for websites and blogs, has admitted that it was breached 5 years ago in July 2012 and hackers stole details of more than 17.5 million users.
Though there’s no solid evidence available yet, an article published by WSJ claims that Russian state-sponsored hackers stole highly classified NSA documents from a contractor in 2015 with the help of a security program made by Russia-based security firm Kaspersky Lab.