Here is our latest news roundup of articles about network and SSL security. ( to see the whole series.)
SSL & Encryption News
- saves the day by detecting and alerting Google of unauthorized certificates.
- This month Google, Microsoft, and Mozilla officially announced that they willÌý. Google and Microsoft have not specified a date when RC4 support would end. However, Mozilla stated they would end support January 26, 2016, the same date as the release date of Firefox 44.
Data Breaches
- , granting the attacker access to Mozilla’s bug-tracker Bugzilla and sensitive information.
- More news about the Office of Personnel Management breach: Approximately .
Vulnerabilities
- Although organizations have known about the Heartbleed bug since April of last year, John Matherly, founder of the IoT search engine Shodan, discovered that . Over a quarterÌýof the vulnerable devices are in the U.S.
- , which found that the department is still vulnerable to attacks and lacks proper cybersecurity training for its employees. DHS has acknowledged the issue and has announced they will remedy these problems by November 30, 2015.
Malware
- Apple removed .
- to increase chances of infecting users with malware on compromised sites.
- Malware , potentially affecting over a million users.
- Malwarebytes researchers discovered a . Malverstising campaigns are usually shut down within days of discovery.
- sites through vulnerable plugins. Compromised sites redirect users to unsecure landing page.
- , affecting hundreds of thousands of phones.
Research & Studies
- Employees were found to be the cause for .
- of data breaches by knowingly downloading suspicious or unsecure apps.
- A recent study by KPMG found that over Ìýhave been breachedÌýin the past two years.
- Ìýnames the five "most hackable" cars. Did yours make the list?
- The average cost an enterprise spends to recover from a data breach is over $550,000 according to .
- recorded a 43% increase (compared to 2014) in new malware samples detected daily over a three-month period.
- ÌýMcAfee Threat Labs Reports shows that .