Monday, March 10, 2014

The train of cyber security

The train of cyber security

"Dear travelers, the train to cyberspace, at platform 1, will depart in a moment." The rattle produced by the steel against the rails will come with us today in our review of cybersecurity news. Please place your belongings in the trunk and take your seat. This convoy is about to depart.

The first stop of our peculiar "Iron Horse" is at Java. Here, travelers can have a look to the "2014 IBM X-Force Threat Intelligence" quarterly report. According to this study, the Oracle’s Java has become the cybercriminals’ favorite target. In fact, half of the exploits detected in December last year were addressed to this software.

"We informed our dear travelers we are approaching the next station: Linux". Last week, a critical vulnerability in this operating system was reported. Due to its open source nature, just over an hour later, a fix to this bug was already released. Should big companies like Microsoft or Apple take learn the lesson?

Facebook is the third stop on the route. Criminal minds usually use this social network to take advantage of the trust we place in our contacts and use it to spread their malicious campaigns. One of them has already affected 2 million people. Hackers spam users’ timelines with a friend's picture and "See (Friend)'s naked video," or "(Friend Name's) Private Video." But in reality, they take the victim to a fake webpage that will require the user to upgrade his Flash plugin. A trick to infect him with malware.

Facebook is also in the spotlight of several groups that requested the U.S. Federal Trade Commission to investigate how the Whatsapp user’s data will actually be used, after its acquisition by Mark Zuckerberg’s company. Their goal is to make sure that the commitment of not collecting user’s data for advertising purposes is complied.

No doubt most citizens are increasingly concerned about their privacy. To mitigate their exposure to advertising networks, governments, cybercriminals, and other groups that collect personal information for different purposes, the user should follow three basic steps: the first is to know specifically who are collecting his data. Secondly, he should evaluate what information he cares and what does not care sharing and the risks involved. And finally, the most difficult step is to find a way to protect the information that he doesn’t want it to be known.

Before our train reaches its destination, it must make one last stop at the phishing station. According to security firm Proofpoint, cybercriminals who use phishing emails to distribute malware or lead users to malicious websites are copying the same techniques used by marketers to measure the impact of their campaigns and adjust their effectiveness.

Our trip is nearly to end. Please, make sure you take all your belongings with you. We hope you had a pleasant journey with us and hope to see you soon in the CIGTR rail services. Thank you very much.


We invite you to rate our posts, to leave your comments and to share them on social networks. Also, if you want you can follow us on our profiles. At the sidebar, you’ve got the links ;-)


Post a Comment