Ransomware developers target Apple customers Some ransomware developers don’t want Apple users to feel left out, the first ransomware for OS X has been found. The ransomware is installed by a corrupted version of Transmission (a BitTorrent client). Apple has taken steps to shut down this attack, more details are here. |
DROWN Flaw Illustrates Dangers of Intentionally Weak Crypto The new flaw in SSL has some relation to 1990 encryption concerns. The concern over export-grade cryptography caused SSLv2 to be intentionally weakened according to SSL expert Ivan Ristic. The article gives some detail about the Drown flaw and some concerns over weakening current encryption. Due to the amount of variables and effort required by an adversary, this risk is ranked as moderate by 4D5A Security for likelihood. Amazon’s bringing encryption back to its Fire tablets |
Five things you need to know about ransomware Another article gives us some ways to prepare for ransomware attacks. A good point to remember is that end user PC’s are not the only devices at risk, Android devices and Linux servers attacks have been discovered also. Prevention is still the best way to prepare for a ransomware attack, frequent offline backups could save the day. Worst case scenario is you may need to pay the hackers to get your data back. |
Skills Shortage, Containerization & Other Cloud Security Concerns The RSA conference has shown the increase in adoption of cloud computing in enterprises. Security for cloud computing is still being figured out, who is responsible for security and how is security done. The article does a nice job of bringing up concerns regarding the shift to cloud computing for enterprises. |
Inside the Cunning, Unprecedented Hack of Ukraine’s Power Grid Wired has done a detailed look into the hack of the Ukraine power grid. It covers the timeline in a detailed fashion. It also looks at who was behind the attack and the potential for future similar attacks. |