Thursday, July 31, 2014

Put cyber security in your luggage

The last day of July is always a manic day. While some people are working hard to get all the work done before going on vacation, those who return from their deserved rest days are busy packing everything to go back home. Whatever your case, we invite you to take a 5 minutes break and read this summary of today’s most important news on cybersecurity.

The first one is especially relevant for those who are about to go to a hotel whether it is for business or pleasure. You must be very careful when using hotel’s public computers available to guests. They may be infected with malware installed by cybercriminals to obtain your credit card data or the credentials to access the corporate network of your company. It is important to watch out if the hotel has deployed some security measures such as surveillance cameras, a limitation on the information that a user can enter on the system, touch screens, virtual desktops for each of its customers...

Another threat which could spoil a vacation or a millionaire business deal is the malware designed to be spread by USB sticks. In fact, researchers Karsten Nohl and Jakob Lell have developed a proof-of-concept malicious software called "BadUSB", which takes advantage of a vulnerability in the way that these devices are designed. Therefore these problems can’t be fixed. This software is not installed in the device’s flash memory but in its firmware, and lets an attacker take over a PC, invisibly alter the files installed from the USB pendrive, or even redirect the user’s Internet traffic.

In any case, cyberattacks do not respect holiday periods so any organization’s infosec team should remain vigilant during this time. They may have to face a denial of service attack when least expected. In addition, criminals know how to impersonate Google web crawlers and launch such attacks. In fact, it is estimated that 34% of the 50 million fake Googlebots sessions analyzed by Incapsula had malicious purposes and 24% of them were used to perpetrate DDoS attacks.

The Tor network’s team - the most popular online network to maintain your online anonymity -are not going to enjoy a relaxing holiday either. They had to admit that, from 30 January to 4 July this year, anonymity on their network has been broken by the attacks of some malicious actors who have taken advantage of a flaw in the Tor protocol. Do not forget that Tor is in the crosshairs of the intelligence and security forces of countless countries because it is used by many of the suspects pursuing by them.

Meanwhile Russia, which does not want to be targeted by foreign espionage, has requested Apple and SAP to test their software source code for spyware that could be giving access to other countries’ intelligence services.

Finally, looking towards the beginning of the course following the holidays, we should warn you that the popular platform for educational resources sharing Moodle has released 13 new security alerts to fix multiple vulnerabilities.

We insist! Do not forget to put all this news in your suitcase before leaving home and follow us every day. Being well informed is the best way to protect yourself from cyber threats. Please, find the links to our social networks at the right sidebar.


Post a Comment