During 2017, there were some remarkable vulnerabilities and
exploits. One that was very interesting was KRACK (Key Reinstallation Attack).
This allowed attackers to exploit vulnerabilities in the Wi-Fi Protected Access
2 (WPA2) protocol to allow an attacker to eavesdrop on the network traffic
between the device and Wi-Fi access point. Frankly, I was surprised to find out
that there were security flaws in the WPA2 protocol. I was even more surprised
to find out that over 41% of Android devices were vulnerable to variants of
KRACK, with Linux systems also being heavily impacted. Some best practices to
mitigate possible attacks on Wi-Fi networks and devices were recommended,
including regularly updating your Wi-Fi router’s credentials, enabling your
firewall, using a Virtual Private Network (VPN), and updating firmware often.
You can read more on this at https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/vulnerabilities-in-wpa2-reportedly-expose-wi-fi-enabled-devices-to-eavesdropping
Being an avid user of iPhones (I won’t trade my iPhone for
the best Android device in the world), I did some research on vulnerabilities
and exploits that exist in the Apple world. I didn’t have to look too hard. It
seems that every iPhone and Mac computer is affected by the Meltdown and
Spectre chip vulnerabilities, which can be exploited by hackers using malicious
apps running on a device. This is why it is so important that users download
apps and software only from trusted sources. The fact is that smartphones has
become a way of life us today. It’s hard to imagine that only two decades ago,
people were able to survive with only analog phones! Our smartphones now hold
very valuable and sensitive data, like our banking information, credit card
information, and lots of other private data. With the millions of Apple devices
being used around the world, the risk factor is global, as users throughout the
world can be impacted negatively. Read more at http://www.newsweek.com/apple-iphone-chip-vulnerability-most-disturbing-security-issue-decades-771638.
In today’s world of technological convenience and mobility,
the threats and vulnerabilities seem to be ever-increasing. Like many people. I
handle my bank transactions through my mobile phone. And attackers seem to be
aware of the rise in popularity in online banking, often targeting individual
users’ bank accounts with an increased number of mobile malware and mobile bank
Trojans. It was pretty disturbing to learn that a research by the Kaspersky
Lab's Global Research and Analysis team found over 1.6 million malicious mobile
installation packages circulating, including 323,000 new malicious mobile
programs and 2,500 mobile banker Trojans. Read more about it here http://www.darkreading.com/vulnerabilities---threats/mobile-malware-makes-mobile-banking-treacherous/d/d-id/1322957
One of my favorite security readings is the yearly Verizon Data
Breach Investigations Report (DBIR), and I’m not just saying that because I
work for Verizon. This annual report explores the existing cybersecurity
landscape, and uses the experience of many organizations to provide a detailed
overview on the state of cybercrime today. Part of this task is to analyze thousands
of incidents, including data breaches. Organizations would do well to use this
report to prioritize and discover new ways to protect against threats. The fact
is that if a company hasn’t suffered a cybersecurity breach yet, it’s because
they are extremely-prepared, or lucky. My bet is the latter!
No comments:
Post a Comment