����TV

Here is our latest news roundup of articles about network and SSL security. ( to see the whole series.)

SSL & Encryption

• Security researchers have discovered a flaw dubbed the that allows an attack to decrypt traffic from secure servers supporting SSLv2, which is obsolete. Soon after researchers announced the vulnerability, released a patch to fix it.

Data Security in General

• The ran from February 29^th to March 4^th. Click the link for highlights of the conference.
• In an effort to discover the vulnerabilities in their websites, the issued a public invitation for hackers to participate in their “Hack the Pentagon” program.

Data Breaches

• revealed in a press release that a laptop containing PII for over 200 thousand patients was stolen.
• , a DDoS mitigation service provider, suffered a data breach and received advice from the hackers on how to better secure their network.
• an outdoor equipment retailer, suffered a data breach affecting 250 thousand of their customers.

Vulnerabilities

• patched almost 40 vulnerabilities in Windows, IE, and Edge, some of which allowed for a remote code execution.
• released more updates for Flash Player that addressed 18 critical vulnerabilities.
• Security researchers found that a security patch that was thought to have fixed a vulnerability in 30 months ago is still vulnerable to exploit.

Malware

• is a new ransomware, and although it is only a few weeks old, it has quickly become one of the most used types of ransomware.
• A targeted users visiting major news, entertainment sites such as The New York Times, the BBC, MSN, AOL and others.
• A previous version of contained a flaw that allowed victims the ability to recover their encrypted files without having to pay a ransom. Unfortunately, the malware writers have fixed that flaw and there is no way to recover files without paying a ransom.
• Hackers targeted online gaming platform, stealing gamers’ credentials and gaming items they in turn sell on the black market.

Cybercrime

• Phishers sent emails that appeared to come from , a department of the Russian Central Bank that is tasked with dealing with cyberattacks, to dozens of Russian banks in a well-executed and planned phishing attack.
• Researchers observed attackers using business email compromise, a type of phishing attack, to gain a foothold and then infect compromised computers with a .
• As Tax Day approaches, the IRS expects cyber criminals to target taxpayers using phishing emails. They estimate that .

IoT

• A hacker revealed at RSA how he is able to because of their lack of encryption.
• This month the , stating that they now regard remote hacking and hijacking a vehicle as a very real threat the public faces.

Research & Studies

• In a , explains the reasons behind the do’s and don’ts of cybersecurity practices.
• released their 2015 Q4 State of the Internet Security Report. The report covers the changes attackers have implemented in executing DDoS attacks.
• is now the preferred attack method cybercriminals use, according to a new study by Trend Micro.
• A new study discusses malware and the difficulty IT experts have in mitigating malware attacks.
• According to another study, found that Healthcare organizations suffer one cyberattack each month on average.
• A survey revealed that 55% of UK consumers are okay with sharing their passwords with others.
• Another on passwords shows how important it is to include case sensitivity in password policies.