A recently released Insider Threat Report collected data from over 500 cybersecurity professionals to examine industrial efforts against insider threats. According to the report, although there has been a rise of insider threats over the last 12 months, organizations are not fully prepared for it yet. The report also examined which user categories showed the largest threat, the most vulnerable applications and data, common launch points for attacks, budget trends and more.
Category: Cybersecurity News Page 7 of 10
Several days after a major breach of the personal information of federal employees, the Senate rejected a cyber security measure on Thursday. The rejected bill would encourage private 5companies to voluntarily share information about hack attacks with the federal government to prevent future data breaches. The vote was 56-40, four votes short of the 60 needed to move ahead on the legislation. Many Democrats voted against the bill, mainly because it was tacked to a sweeping defense bill, which many Democrats oppose and President Obama has threatened to veto.
What Is Logjam?
Transport Layer Security, or TLS, is the protocol commonly used in HTTPS connections. Logjam is the code name for a cryptographic weakness in the Diffie-Helman key exchange algorithm used by TLS. The Diffie-Helman Exchange (DHE) allows two parties – a browser and server in our case – to exchange prime numbers in a secure manner which are then used to create a shared secret used to encrypt a session.
A team of computer scientists and security researchers found that precomputing the prime number groups that DHE uses allows faster computation of the discrete logs used to find the shared secret. With academic-level resources, the researchers precomputed a 512-bit group used by 82% of vulnerable servers. The researchers posit that nation-state level resources could precompute 1024-bit Diffie-Helman groups, affecting even larger swaths of the internet.
Earlier this week a security researcher reported a cross site scripting vulnerability, also known as an XSS vulnerability, in the WordPress icon package, Genericons. Genericons is an icon package that was used with the default-installed WordPress theme, Twenty Fifteen. Genericons included an HTML file, named example.html, which actually had the cross site scripting flaw.
About The Genericons XSS Vulnerablity
The XSS vulnerability was DOM, or document object model, based meaning it could potentially control how the browser handles a requested page. The victim would have to be coaxed into clicking a malicious link, reducing severity, though the exploit remains widely deployed all the same.
OTA (The Online Trust Alliance) was awarded SC Magazine’s Editor’s Choice award earlier this week, thanks to the input from SC Magazine’s editors and over 40,000 readers. SC Magazine chose to award the OTA based on its efforts to improve SSL best practices, botnet frameworks, integrity in email and data breach readiness.
OTA was also cited for its work in public policy and success in convening multi-stakeholder efforts.
Earlier this week, a remote code execution vulnerability against Magento, the eBay-owned free and paid eCommerce platform, was released. Security researchers chained together multiple smaller vulnerabilities to ultimately run arbitrary code on the server Magento is hosted on.
A cross-site scripting (XSS) vulnerability was recently revealed in the WordPress caching plugin, WP Super Cache.
What Does The WP Super Cache Plugin Do?
WP Super Cache converts dynamic WordPress pages into static HTML. This creates pages that are quicker to serve to visitors than a database-generated page. Great for high traffic sites, WP Super Cache’s popularity has garnered over a million downloads.
The Online Trust Alliance (OTA) recently released its 2015 Data Protection and Breach Readiness Guide for its seventh consecutive year. This guide helps provide businesses with prescriptive advice to help optimize data privacy and security practices to prevent, detect, contain and remediate the risk and impact of data loss incidents and breaches.
FREAK (Factoring Attack on RSA-EXPORT Key) is one of the latest web security threats to go public, which works by weakening users’ encrypted connections on SSL and TLS, allowing a hacker to intercept and decipher data.
The threat affects mostly mobile device browsers, such as Apple’s Safari and Android device browsers, but it also affects older versions of OpenSSL including 1.0.2, 1.0.1, 1.0.0 and 0.9.8. Version 1.0.2 of OpenSSL has been classified under a “high” severity of vulnerability.
This past Wednesday, Yoast, makers of one of the most popular WordPress plugins, WordPress SEO by Yoast, disclosed a blind SQL injection vulnerability against authenticated users given a successful cross site request forgery (CSRF) attack.
What is blind SQL injection and CSRF, how can the WordPress SEO vulnerability affect your site, and what should you do about it?