CyNations’ Top Security News of the Week4 min read

Google Announces Hacked Sites Rose by a Third in 2016

Google reported that in 2016 there was an increase of hacked websites by 32% in comparison to 2015.  This news stresses growing concerns over cybersecurity following recent large scale attacks affecting US Government, Yahoo and many other organisations.

“We don’t expect this trend to slow down. As hackers get more aggressive and more sites become outdated, hackers will continue to capitalize by infecting more sites,” Google said.

Google Uses Safe Browsing technology to provide security warnings to users when it discovers that a website has been hacked. This helps notifying those who manage the site a chance to fix the vulnerabilities, however 61% of owners whose website was hacked are not notified as their sites are not verified by the search engine.

“Hacking behaviour is constantly evolving, and research allows us to stay up to date on and combat the latest trends,” Google said.

Google highlights four main areas in their blog that web administrators should take on board to improve their security posture. These areas include password security, software updates, hosting provider and Google Services. These recommendations maybe considered common sense to most, but it is worth revising.

A strong password is a vital step in being secure in a connected world, with strong password policies being implemented on most of the day-to-day systems and services that we use. Google takes password security one step further by having the option to enable 2-factor authentication, which can help to reinforce security.

Outdated software can put websites at risk by providing vulnerabilities that allow attackers to gain control of a website. Google mention that it is common for websites using outdated software to be hacked. To prevent this, it is important to regularly check for outdated software and to remove software that is not needed.

When using a hosting provider to manage your web services rather than managing your own servers, it is crucial to ask whether they offer on demand support to deal with hacking related issues, says Google. Having frequent backups is also another vital security measure to consider, especially with the increase of ransomware incidents we have seen in recent years.

Google recommend that web administrators should take advantage of services that they offer which will notify them if their website has been compromised. Google can communicate to website administrators about issues on their site and notify them if malicious content has been detected.

(Source: Security Intelligence)

Most Mobile Device Are Out of Date and Need Patching

Research from Skycure has revealed that 71% of mobile devices still run on security patches that are more than two months old. Skycure’s fourth-quarter report found that more than a third of device had patches more than three months old, and about 6% of device run patches that are six months or older.

Skycure pointed out that a large number of Android vulnerabilities were discovered in 2016, which was four times the amount discovered in 2015. Almost half of those vulnerabilities allowed excessive privileges, while others allowed information to be leaked, corrupted memory or arbitrary code execution.

“Malware, network attacks and advanced exploitation campaigns many times depend on unpatched vulnerabilities to be successful,” said Yair Amit, co-founder and CTO of Skycure. “It’s essential that users and companies know the moment that a device is able to remove these risks to reduce the window of vulnerability.”

The most common types of mobile malware are adware, hidden apps, potentially unwanted apps, riskware, spyware and trojans. The number of these malware types grew by more than 500% from Q1 to Q4 of 2016, according to the report. Hidden apps ended the year with the fastet growth rate in 2016.

Skycure also tracked trends in network incidents over 2016. To highlight the rise in risk of network attacks for mobile devices, Skycure analysed network incidents in the major technology centers of the US over the course of 2016. They found that Boston had the greatest increase in incidents throughout 2016, reach nearly 11 times more in Q4 than Q1.

(Source: Market Wired)

Security Flaw Found in Cisco Switches

Cisco have issued a warning stating that the software used in hundreds of its products are vulnerable to a critical rated security flaw. The flaw can easily be remotely exploited with a simple command. The vulnerability can allow an attacker to remotely gain access and take over an affected device.

Cisco reported in an advisory, that more than 300 switches are affected by the vulnerability.

According to Cisco, the bug is found in the cluster management protocol code in Cisco’s IOS and IOS XE software. This software is installed on routers and switches that are sold by Cisco. They have stated that there are no workarounds to prevent the vulnerability, but said that disabling telnet would eliminate some risks associated with this flaw.

Cisco said a software update will fix the issue, but they have not yet revealed when it will be released.

The security flaw was discovered by the firm’s own security researchers in WikiLeak’s recent disclosure of classified information that occurred last week. The data released dubbed Vault7, relates to the CIA’s cyber-offensive unit.

“Fortunately, WikiLeaks’ Vault7 has permitted Cisco’s security team to identity the vulnerability without releasing the exploit code. Cisco was the most proactive of the US manufactures and its security team initiated contact with WikiLeaks last week,” a WikiLeaks spokesperson said, ZDNet reported.

(Source: IB Times)