This Week’s Latest News and Updates on Information Security
Official PHP Website Falls Prey to Hackers
Did you recently visit the official website of the open-source PHP programming language? Let’s hope you did not. News are up that the site has been compromised, and is being used to drop a Trojan horse onto systems used to visit the site. Reportedly, from the 22nd to 24th of October, the site was being used to spread malware. To read the official statement about this incident, visit this link.
Most Victims of Ransomware in Asia Pacific are from India
Ransomware seems to be the new talk of the cyber town, with its incidents increasing by days. If we talk of the Asia Pacific region, a good 11% of the victims are from India. For your information, ransomware is a malicious program that locks down the victim’s computer, making it nonfunctional. The malware then demands a certain amount of money from the victim to release the hijacked computer. A new variant of ransomware, called CryptoLocker, has been doing the rounds. It encrypts the important files in the victim’s machine. Even in this case, the victim has to pay up in order to recover the encrypted files. Read more about Cryptolocker and how to prevent it.
LinkedIn’s new app ‘Intro’ – May Risk Man-in-the-Middle Attack
LinkedIn has shot a new app into the market to cement its foothold among mobile users. While the app has fetched appreciation from some, it has raised quite a few eyebrows of security analysts. Intro is an email plugin for iPad and iPhone. It redirects email traffic to and from an iOS device through the servers of LinkedIn. The traffic then gets analyzed and scrambled for relevant data, and the required LinkedIn details are added to it. This means that LinkedIn servers are sitting as man-in-the-middle for your email. This leaves a security risk that hackers may take advantage of, if they manage to hack the servers and intercept Internet traffic. For more details on this report, read this post.
Interested in the DARPA’s Cyber Grand Challenge?
We all know about the bounty programs of Google, Facebook, etc., which give away good cash for detecting bugs and security flaws. A similar program has been announced by the US Defense Advanced Research Projects Agency; but, this goes deeper than just finding bugs. DARPA’s Cyber Grand Challenge competition involves coming up with a system that detects and rectifies software flaws before they can be found and misused by hackers. The aim behind developing this system is to do away with zero-day threats, which still remain a critical area of concern for security officials. The winner of the competition can go home gleaming with a bag full of money – $2 million. Read more about this competition here.
No Comments, Be The First!