First and foremost I wanted to start this post by acknowledging the tragedy that has befallen Paris tonight. Our thoughts and prayers go out to all the people of France, and all the victims affected by today’s tragic events. So, next…let’s see what is going on in security news this week.
- First story of the week is about the group of teenage hackers (CWA) that has been making the news lately. This time they seemed to have gained access to a confidential and supposedly secured system used to store the US Arrest Records. The system is called Joint Automated Booking System (JABS), and is used by FBI and Law Enforcement.
- Read More @ http://thehackernews.com/2015/11/hacking-arrest-record.html
- NSA, in an attempt to repair some of it’s tarnished image has shared some details on their vulnerability disclosure strategy. However, their strategy might have backfired as they admitted they keep a percentage of discovered vulnerabilities and don’t disclose them at all. Also, they often use them before disclosing them as well. This is hardly unexpected though.
- Read More @ http://www.reuters.com/article/2015/11/07/us-cybersecurity-nsa-flaws-insight-idUSKCN0SV2XQ20151107
- Chargers were unveiled against three man involved in a number of stock fraud schemes, as well as hacks of several financial institutions that included JPMorgan. These schemes resulted in almost 100 million dollars for the 3 men charged. 2 of the 3 men were already arrested, one remains at large.
- Read More @ https://nakedsecurity.sophos.com/2015/11/11/three-indicted-for-massive-hack-and-fraud-scheme-that-targeted-jpmorgan
- Next, an article from MalwareBytes that shares a few points on why these days Anti Virus software is not enough to keep you safe from Malware. Anyone working in the industry is fully aware of the limitations of AV, but interesting read non-the-less.
- Read More @ https://blog.malwarebytes.org/security-threat/2015/11/three-reasons-why-anti-virus-alone-is-no-longer-enough/
- CyberArk has published some interesting data on network susceptibility to privileged account hacks and abuse. They have found that 88% of networks researched were susceptible to Privileged Account abuse.
- Read More @ https://threatpost.com/88-percent-of-networks-susceptible-to-privileged-account-hacks/115314/
- Next, something a bit different. An article that shows the demand and salaries for IT Security professionals make this a great field to be in. With the rise in breaches and nation state hacking this is not too surprising, and the demand is only going to keep growing.
- Read More @ http://www.itworld.com/article/2999370/careers/jobs-and-salaries-in-cybersecurity-are-booming.html
- Microsoft as of 2016 will be giving their foreign customers the option of storing their data in Germany, in order to try and make the data safe from spying by U.S intelligence agencies.
- Read More @ https://nakedsecurity.sophos.com/2015/11/12/microsoft-to-host-data-in-germany-to-evade-us-spying/