Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.
Big items to consider: Not too much on the news front today, but a great article about the challenges of IoT in The Wall Street Journal. Malvertising is now effecting popular news sites. Companies are beginning to scramble to include more secure encryption on mobile apps. Lastly, an recap on the biggest hacks of 2015.
Cellular and Wi-Fi networks are good for connecting smartphones, tablets and laptops. But different technology may be needed when things such as parking meters and vending machines need to communicate. These efforts share some common assumptions. One is that short-range wireless standards such as Wi-Fi and Bluetooth won’t work for many IoT applications, such as connecting tractors to sensors used by farmers or industrial equipment arrayed across broad geographic areas.
The news page looked perfectly innocent. Apart from the reams of celebrity gossip stories and throw-away magazine layout, nothing about the website for UK news site The Daily Mail seemed particularly malicious. But, if you visited the site in October, you might have fallen victim to a sophisticated hacking campaign without even realizing it.
Several companies have moved quickly to add encryption to their mobile apps after it was discovered they failed to encrypt payment card information in transit, putting users at risk. The apps were not using SSL/TLS (Secure Sockets Layer/Transport Layer Security), an encryption protocol that scrambles data as it’s sent across the Internet, according to Wandera, a cloud and mobile security vendor.
While we are nearing the end of year 2015, this year saw several high profile hacks and cyber-attacks that struck on telecommunication companies to governments to consumer products. Let’s have a look at the five worst cyber-attacks of 2015.