April and May’s biggest security stories
Here are the main cybersecurity headlines for April and May:
Heartbleed. Open SSL is a cryptographic software, meaning it’s an intricate code used to transfer information securely and privately. The Heartbleed bug was a hole in the encryption, allowing hackers to steal protected information. It compromised security keys and passwords, and allowed attackers to read and steal data. Most companies affected by Heartbleed have installed the patch to stop the data leak.
Operation Clandestine Fox. A group of hackers found a vulnerability in Internet Explorer, versions 6 to 11, which allowed them to control their victims’ computers. They were able to install applications, create new user profiles and steal information. In order for them to gain access, the attacker would trick users into visiting a malicious website through an email or Instant Messaging URL.
AOL. AOL estimated the customer data of two per cent of its users’ email accounts were exposed through a security breach. Reports say AOL users received spam mail from altered AOL email addresses that were not coming from the company’s servers. They said passwords, security questions, postal codes and contacts were compromised, but the security breach did not expose financial information.
Microsoft ends support for XP. After 13 years, Microsoft ended support for Windows XP. Net Marketshare reports 26.29% of computer users still use Windows XP today. Unlike the predictions, there has not been a tidal wave of attacks on XP users, and recent media reports say there is a higher likelihood for attackers to target Windows 7 than Windows XP. However, Microsoft is not patching or fixing any security holes for XP, which is leaving XP users unprotected against attacks.
Fake app “virus shield” on phones. A fraudulent anti-virus application made its way to the #1 spot on Android’s Google Play paid apps list in one week. 30,000 customers bought the app, only to learn it just added an icon that would switch on and off. Google refunded every user who purchased the app, and the developer’s account has been suspended.
Learn more by reading our Cyber Security guide or download our fully illustrated cyber security ebook.