Tech titans beef up security - This week in cybersecurity
On Election Day alone in 2016, there were nearly 150,000 attempts to penetrate the state’s voter-registration system according to a post-election report issued by the South Carolina State Election Commission. This is in comparison to Illinois where hackers hit the State Board of Elections “5 times per second, 24 hours per day” from late June until Aug. 12, 2017, according to an Aug. 26 report by the state’s computer staff. Read more.
The Trump administration is finalizing plans to revamp the nation’s military cyber command in hopes of intensifying America’s ability to wage cyberwar against ISIS and other foes, reports the Associated Press. Under these new plans, U.S. Cyber Command would be split off from the NSA in order to provide more autonomy and free it from constraints from working with the agency. Read more.
A new report from Lloyd’s of London has warned that a serious cyber attack could cost the global economy more than $120 billion as much as Hurricane Katrina. The report was co-written with risk-modeling firm Cyence, and examined potential economic losses from hypothetical situations such as the hacking of a cloud service providers and attacks on computer operating systems run by businesses worldwide reports Reuters. Read more.
IoT security firm Senrio revealed a hackable flaw named “Devil’s Ivy” that is a vulnerability in a piece of code intern called gSOAP that is widely used in physical security products, reports WIRED. The danger in this vulnerability is that it could allow attackers to fully disable or take over thousands of models of internet-connected devices such as security cameras, sensors or access card readers. Read more.
Another major vulnerability has been discovered by Tavis Ormandy of Google’s Project Zero. Ormandy and Cris Neckar of Divergent Security discovered a vulnerability in the WebEx extension that allows a remote attacker to execute arbitrary code with the privileges of the web browser reports SecurityWeek. Tens of millions of computers have the extension installed and it happened due to recent changes from Cisco. Read more.
Today, Google released new security precautions to protects its users from unverified apps or ones that haven’t been officially approved. How it works is if a web app isn’t verified by Google and is asking you to login in with your Google info you will now see a warning screen with a red exclamation point according to CNN. Read more.
Apple has issued security updates for all its supported operating systems. A total of 47 vulnerabilities on Apple’s mobile OS for iPhone, iPad and iPod Touch were fixed. Among these vulnerabilities was one named Broadpwn, which is set to be discussed at the Black Hat conference next week in Las Vegas. Read more.