The week in security: Quantum’s encryption threat; price yourself out of hackers’ reach
May 9, 2016
Shah Sheikh (1294 articles)
Share

The week in security: Quantum’s encryption threat; price yourself out of hackers’ reach

Claims that we’re all vulnerable to targeting by cybercriminals have become part of conventional wisdom, but one security expert believes there’s a way to keep yourself off the radar.

The Turnbull government’s first Budget reinforced the top-level agenda around cybersecurity – probably a good thing as attacks such as the leak of millions of Webmail credentials (although even that hack was disputed) are likely to continue.

Just when you thought the government was trying to make encryption weaker, comes news that NIST is looking for help on how to ward off the decryption threat posed by quantum computers.

Tech groups were pushing presidential candidates to support encryption and embrace other IT issues, while a survey suggested that one of the biggest issues that needs fixing is the human IT-security hole.

Trend Micro has compiled a report of the most popular homebrewed tools used by terrorists, while there were revelations that the commonly used ImageMagick library has critical flaws that leave Web sites vulnerable. Google turned on HTTPSencryption for its blogspot site while OpenSSL was patching two high-severity flaws.

This, as reports suggested the costs and damages around DDoS attacks were on the rise. Also on the rise were breaches targeted at the hotel sector, with the PCI Security Standards Council requiring better authentication, encryption, and penetration testing.

For the first time, Google and Samsung aligned schedules for the release of their security patches while Apple patched a vulnerable OS X Git version and Cisco patched a flaw that would allow attackers to take over its telepresence systems.

Even as one cybersecurity expert warned that ransomware should have everybody scared, Forcepoint’s first threat report found that cybercriminals were drawing on time-honoured malware techniques to drive their attacks.

Source | CSO