2017 was a big year for malware, hacks, and data breaches. Voting machines proved to be easily hackable, Uber was caught paying off cybercriminals, and of course, Equifax experienced a breach that affected 140 million Americans. On the latest episode of Decoding Security, security analysts Jessica Ortega, Ramuel Gall, and producer/security analyst Topher Tebow count down the top ten cybersecurity issues of the past year.
A recently released Insider Threat Report collected data from over 500 cybersecurity professionals to examine industrial efforts against insider threats. According to the report, although there has been a rise of insider threats over the last 12 months, organizations are not fully prepared for it yet. The report also examined which user categories showed the largest threat, the most vulnerable applications and data, common launch points for attacks, budget trends and more.
With the shortest month of the year now in the books, it’s time to look at the top trending cybersecurity stories for March. Below are our picks for the top three security stories you should be reading this month:
The Latest FREAKy Web Security Bug
A new web security bug was discovered recently, leaving some Apple and Google device owners vulnerable to attack when visiting “secure” websites. It’s called FREAK (which stands for Factoring Attack on RSA-EXPORT Key), and works by weakening encrypted connections on SSL and TLS, which in turn allows an attacker to intercept and decipher the “secure” data.
Apparently the security flaw has been around for more than 10 years, but a fix is quickly on the way. Not to fear, SiteLock TrueShield customers are protected from this vulnerability. Learn more about FREAK here on PCMag.
Uber Finally Admits Data Breach
Almost a year later, on-demand taxi service Uber has announced that over 50,000 of its drivers’ personal information was stolen in May 2014. The cause? Apparently an unauthorized third party got access into Uber’s database. The hack was patched back in September, and Uber has provided one year of free credit monitoring to affected drivers. Learn more about the cybersecurity breach here on The Drum.
The Rise and Fall of Superfish
Did you know that Superfish was once a promising and rapidly growing Silicon Valley startup? They ended up striking a deal with PC manufacturer Lenovo, to have its software installed on their consumer PCs. Little did the public know, the Superfish software was logging online movement of its users, and hijacked online security systems, as revealed by a security researcher early this year.
The results were catastrophic, and Lenovo went into damage control mode. The company eventually released a Superfish uninstaller software, but by then a lot of damage had been done. Unfortunately, you don’t always know what you are getting when it comes to free software (“freeware” as it’s been coined recently). You can check out more info on the story here.
Stay Out of the News
No one wants to be featured in a headline about the latest data breach. Explore the comprehensive, cloud-based security solutions offered by SiteLock.