The WordPress SlideShow Gallery plugin contains an authenticated file upload vulnerability. You can upload arbitrary files to the upload folder: because the plugin uses its own file upload mechanism instead of the WordPress API, it’s possible to upload any file type.
Monthly Archives: April 2015
Red Hat Security Advisory 2015-0858-01
Red Hat Security Advisory 2015-0858-01 – Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security.
Red Hat Security Advisory 2015-0857-01
Red Hat Security Advisory 2015-0857-01 – Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
Laravel Framework PHP Object Injection
Laravel Framework versions since 4.1 suffer from a PHP object injection vulnerability when encryption is turned off.
WatchGuard Technologies Wins Most Innovative Firewall and Cutting Edge SIEM Solution from Cyber Defense Magazine
The positive side of security threats
For years, experts have been telling the public to take these things seriously, but oftentimes, their advice and suggestions are ignored. That’s not because people necessarily disagree with the importance of security and privacy, but it’s just that developing new habits can be hard, especially when they’re preventative.
The good news is that those security habits appear to be improving, and we partially have Edward Snowden to thank for that. As reported by Computerworld at the end of last year, an international survey of Internet users revealed that more than 39% have done things to protect their online privacy and security because of what he revealed about the NSA. When you dig deeper into the numbers, that means that somewhere around 700 million people actively made changes to their security habits that they might not have made otherwise. By any standard, that’s a whole lot of people.
This survey primarily focused on reactions to the news about the NSA’s practices, but you don’t have to stop there. When you add the growing list of high-profile data breaches by hackers to the spying activity by governments, then things really start to snowball. More than ever before, people are starting to understand security threats in a very real way, and the resulting changes by 700 million people are only the beginning.
When talking about security issues, it can sometimes be easy to just focus on them in a negative way, but these numbers show us that there can actually be somewhat of a positive side to the story, too. Without the publicity of surveillance and hacking efforts, many Internet users would probably continue to stick with their bad security habits, but now that they see what’s possible, they can better protect themselves from the next big security story that starts to circulate.
The post The positive side of security threats appeared first on Avira Blog.
Amazon-Gift: the latest virus in WhatsApp

We are always saying that WhatsApp is the favorite platform for cybercriminals to play around. And if we add the name of a giant like Amazon, the scam is bound to be a success.
The Trojan known as Amazon-Gift tells users through a WhatsApp message that both companies have joined and they are offering a gift-card. And if the user wants to obtain the check he must click on a link.
According to Tecnoexplora, this hoax is expanding through Asia and it won’t be long until it reaches the rest of the world.
But cybercriminals have gone a little further, urging users to click quickly if they want to be one of the lucky customers to win the prize as there are only 18.000 gift cards available.
The prize is none other than a Trojan that will infect your mobile phone and add it to a network from which other cyber-attacks will be launched.
So now you know: if someone sends you an Amazon-Gift, forget it and don’t click on the link!
The post Amazon-Gift: the latest virus in WhatsApp appeared first on MediaCenter Panda Security.
Target agrees to $19 million data breach settlement with MasterCard
Target has ended its dispute with MasterCard over the retail giant’s 2013 data breach by agreeing to a $19 million reimbursement to issuers.
The post Target agrees to $19 million data breach settlement with MasterCard appeared first on We Live Security.
Why Netflix is spending millions on encryption
The popular streaming service Netflix recently announced in their quarterly letter to shareholders that they plan to secure their entire service with HTTPS.
While some parts of Netflix already use encryption, such as the registration and payment services, the intention is now to encrypt the entire service for users on all platforms. This includes the data sent and received as part of the streaming service.
Significant costs
In October last year, Netflix said that they were investigating encrypting their entire service but claimed that it could cost them “$100’s of millions a year” to implement.
Netflix hasn’t explained exactly why they’ve decided to roll out HTTPS, although sources speculate that the Snowden revelations have some part to play.
Netflix engineers cite Snowden’s revelations as the reason they’re moving to default HTTPS https://t.co/1UXpti4rnt pic.twitter.com/3LeUXXZFHr
— Trevor Timm (@trevortimm) April 16, 2015
2014 was a watershed year for security with a number of high profile companies and individuals suffering cyber-attacks. The trend continued in 2015 and Netflix has followed the likes of Google to adopt HTTPS across more of their services.
Improving user privacy
As Netflix explained in their letter, the wider adoption of HTTPS “helps protect member privacy, particularly when the network is insecure, such as public wifi, and it helps protect members from eavesdropping by their ISP or employer, who may want to record our members’ viewing for other reasons.”
‘Future Crimes’ – A New Book That Takes on the Future of Cybercrime
“If you control the code, you control the world. This is the future that awaits us.”
– Marc Goodman
As anyone who reads this space knows, I’m a big fan of the Internet of Things, and yet equally worried about security in this brave new world.
A new book “Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It” emphasises these points and makes some suggestions.
What struck me is that many of the crimes Goodman labels as “future crimes” are already happening all around us, from the recent ISIS hack of a French TV station to the epic hacks of the past year on major brands from Sony to Target, Home Depot and Chase. We’re definitely already at the intersection of connected technology and cybercrime.
“We’ve gone ahead and wired this world but failed to secure it,” Goodman said in a tweet. “We can but it’s going to be hard.”
Goodman writes about identity theft, stolen data, smartphone hacks, and speculates worryingly about the future. He sees this getting worse, of course, with the advent of smart houses, smart cars, and an increasingly wired world.
The recent wave of cybercrimes illustrates his warnings, and is one of the reasons it’s become a hit. The book was rated as Amazon’s Best Book of the Month in March and is a bestseller on the New York Times “Crime and Punishment” list.
When he writes about the future of technology, from smart pacemakers to 3-D technology, and the shadowy figures out to exploit the weaknesses of these devices, it can read like science fiction. But, as we’re fully aware at AVG, a connected future is rapidly approaching and it’s reality, not fiction.
Goodman does offer some positives, which is what made the book interesting to me: Without action this would be a litany of gloom and doom. He suggests the sharing of information between public and private sectors, something President Obama has been strongly advocating. Goodman also envisions a “Manhattan Project” type organization combining the best and brightest from the private and governmental sector.
Goodman also says it is crucial to increase the technical knowledge of ordinary people, who use technology on an everyday basis. I think this is a very good idea. From our Clinton Global Initiative Smart User Mission to our Magda and Mo ebook series for children, at AVG we view it as part of our mission to teach internet safety to the new generation of users coming online. As Goodman points out, being tech savvy is only going to increase in importance.





