Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Thursday, 28 September, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Daily News Digest – 6th January 2013

by The Gurus
January 7, 2014
in Opinions & Analysis
Share on FacebookShare on Twitter

Returning to the in the New Year is often an unusual time; your inbox is either stuffed full of alerts that are days out of date, or it is empty waiting for you to take action to start.
 
In my case, I returned to some pretty major stories surrounding the leak of 4.6 million user details from Snapchat. That company took its time to respond to the criticism, and the problems were not helped by further reports that the flaw was reported to them four months previous to the leak occurring.
 
The company announced  plans to release an update and also hired a lobbyist to lobby on issues “related to the company’s operation and practices”. What has been the major problem for Snapchat is an apparent lack of an apology by the company for what happened, and a seeming finger of blame being pointed at the hackers, rather than at flaws in its own software.
 
Elsewhere, the big “hacking” news related to two of the internet’s best known social brands. Skype had its Twitter account taken over the Syrian Electronic Army, who used it to post anti-Government and anti-Microsoft comments, but control was soon returned to the owners who apologised on its Twitter page and confirmed that “no user information was compromised” and that it was “sorry for the inconvenience”. Always pays to be honest and apologise so users regain trust and move on, take note Snapchat.
 
The third and other major “hacking” story was an unfortunate one for Yahoo , as it was simply the victim of using an advertising platform which was compromised. However research by Fox-IT found that, with a typical infection rate of nine per cent, this would result in around 7,000 infections every hour. It was unclear how long the website’s advertising frames that were redirecting users to malware-laden domains were live for, but Chris Mannon from Zscaler’s ThreatLabZ said that it began at 11.17pm on January 1st, and lasted all the way through until Friday the 3rd when it was caught.
 
“We track the last transaction serving up malware from ads.yahoo.com/* at approximately Fri Jan 03 02:16:48,” he said.
 
“In the time that this threat was active, an approximate total of 21,000 transactions occurred. This speaks to the effectiveness of malvertising campaigns. A single site compromise yields only victim’s who frequent that site; while an ad server compromise not only affects that site, but also all sites which use advertisements from the site. Malware writers will continue to find methods to cast the largest possible net to rope in more victims to their dubious activities.”
 
As Mannon said, compromising one platform which serves multiple websites is a much more effective method of ensnaring users and, as proved in previous cases, even the biggest websites can fall to this method.
 
The other news that has captured the industry’s attention has been around two major acquisitions. Firstly, and the best reported, was FireEye’s acquisition of Mandiant to create an all-encompa
ssing malware detection, virtual exploitation and remediation service. For $1 billion, FireEye will see this not only as a method of gaining one of the most talked about companies from 2013, but as a way to get into the burgeoning incident response sector.
 
Not so well reported is the acquisition of Morta Security by Palo Alto Networks, possibly because the former has not been so well known so far. Morta Security is a two-year-old Silicon Valley security start-up run by former employees of the National Security Agency and the United States Air Force, and tackle “advanced persistent threats”.
 
Perhaps 2014 will be the year that more security vendors will seek to be the one stop shop for users, as threats get worse or remain the same. The one thing about security is that it is always unpredictable.

FacebookTweetLinkedIn
Tags: hackingResponse
ShareTweet
Previous Post

McAfee to be renamed Intel Security

Next Post

Free mobile apps reveal personal details

Recent News

software security

Research reveals 80% of applications developed in EMEA contain security flaws

September 27, 2023
Cyber insurance

Half of organisations with cyber insurance implemented additional security measures to qualify for the policy or reduce its cost

September 27, 2023
Fraud and online banking

Akamai Research Finds the Number of Cyberattacks on European Financial Services More Than Doubled in 2023

September 27, 2023
ICS Reconnaissance Attacks – Introduction to Exploiting Modbus

ICS Reconnaissance Attacks – Introduction to Exploiting Modbus

September 27, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information