Happy Friday, all!
It’s time for our weekly news roundup, and these are the stories that made it to our list this week.
1. Ross Brewer of Help Net Security Blog authored “Cybercriminals increasingly target financial services industry”. The post details a new report released by PWC this week that revealed that the financial services industry was the most common target of cybercriminals, and accounted for 38 percent of incidents, more than double that of other industries. Brewer goes on to say that, “Traditional perimeter security solutions such as anti-virus or encryption, while still playing a part in overall security strategies, are no longer effective in proactively detecting and threats and defending the IT estate.” This new data coincides with Verizon’s 2012 Data Breach Investigative Report, which also listed the financial sector as the most commonly attacked.
2. Dennis Fisher of ThreatPost recently reported via his post “Google Releases Chrome 18, Fixes Nine Security Flaws,” that the latest update to Chrome also fixes three high-severity vulnerabilities. There’s also an updated Adobe Flash application that allows the app to update itself automatically in the background when new versions are available to ensure that users are always up to date. Google reportedly paid out $12,000 to researchers who discovered vulnerabilities and worked with Google to remediate them.
3. The European Parliament approved legislation this week that officially makes hacking IT systems a criminal offence. As reported on the EU site, “Cyber attacks on IT systems would become a criminal offence punishable by at least two years in prison throughout the EU… Possessing or distributing hacking software and tools would also be an offence and companies would be liable for cyber attacks committed for their benefit.” Full Details are in the article on the EU News site here.
4. Finally, Brian Krebs reports that a “Powerful exploit that takes advantage of a newly disclosed security hole in Java has been rolled into automated exploit kits and is rapidly increasing the success rate of these tools in attacking vulnerable internet users.” Basically, the vulnerability is a bug that allows the attacker to bypass the sandbox, allowing hackers to load things such as the ZeuS Trojan and other malware. Java is employed globally on more than three billion systems and based on the habits of 28 million internet users, it is estimated that 60 to 80 percent of computers are currently vulnerable. So, everyone should most definitely double check their Java and make sure they are updated to the most current version.