ÃÛÌÒTV

News 12-30-2015

This Month in SSL: December 2015

Mark Santamaria

Here is our latest news roundup of articles about network and SSL security. ( to see the whole series.)

SSL & Encryption News

  • posted an update on the SHA-1 deprecation. In early 2016 Google will block new SHA-1 certificates in Chrome, and starting January 2017 they will block all SHA-1 certificates.
  • On December 3rd, OpenSSL released four patches for four moderate to low security vulnerabilities.

Data Breaches

  • Cybercriminals breached network. When the company announced the breach they stated 5 million customers were affected, but that number has climbed to 10 million.
  • advised users to change their passwords after the company announced a data breach.
  • A data breach at Keenan & Associates Healthcare exposed sensitive information for 35,000 patients.

Vulnerabilities

  • Researchers found a by McAfee, Kaspersky, and AVG. Using the flaw, a hacker could inject their own code into a system.
  • A security researcher discovered a that an attacker could use to access 13 million users' personal information.
  • Two recently discovered give hackers the ability to view and modify patient information.
  • An attacker could exploit and attain data through a network’s firewall.

Malware

  • Researchers identified a on popular video-sharing site, DailyMotion.
  • FireEye discovered a new malware, dubbed ,Ìýthat targets payment card systems.

Cybercrime

  • Hackers use botnets in a , targeting POS systems of small- to medium-sized businesses.
  • The hacktivist group announced they were responsible for taking down the Trump Tower website.
  • Cybercriminals target users with phishing scam.

IoT

  • Marginally skilled hackers could exploit vulnerabilities in gas detectors manufactured by .

Research & Studies

  • finds that consumers tend to avoid businesses that have experienced a data breach, especially when financial information was compromised.
  • The United States ranked the highest total average costs for data breach at $15 million, according to a study.
  • New reveals that over 85% of PHP-based apps are vulnerable to XSS.
  • A new points to insider threats as biggest security concern businesses face.
  • Cybersecurity insurance may drive security by setting new requirements for coverage, says .
  • Small businesses should beware of DDoS attacks which are increasing in frequency, according to .
  • ³Õ±ð°ù¾±³ú´Ç²Ô’s revealed that 45% of healthcare security breaches are due to lost/stolen devices.
UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories

07-03-2024

What is a CA’s Role in delivering digital trust?

11-27-2024

6 actionable ways to secure the IIoT at every stage

Tracking the progress toward post-quantum cryptography

The state of PQC since the publication of FIPS 203, 204 and 205