TGIF! There was certainly a lot happening in the cybersecurity space this past week. Here are our picks for the top stories. Have a great weekend, readers! Also, if you would like to get an understanding of how to build and scale an Application Security program within your organization, check out CA Veracoder Fergal Glynn's latest blog post on threatpost.
Enterprise Security Practices: "Latest wave of healthcare data breaches symptomatic of sloppy security practices" by Neil Roiter (@nroiter). In this Security Bistro blog post Neil Roiter takes a look at the current state of security in the healthcare industry. Neil offers statistics from Symantec's recently released Internet Security Threat Report that focus on the major security concerns plaguing the industry today - particularly data breaches. He also offers a more in-depth look at some of the severe data breaches the healthcare industry has suffered in the past decade or so. The post ends with a sliver of hope: the Health Information Trust Alliance (HITRUST) has created the HITRUST Cybersecurity Incident Response and Coordination Center, a multi-organizational effort aimed at preventing attacks through collaboration.
Apple Security: "Flashback malware exposes big gaps in Apple security response" by Ed Bott (@edbott). In this article Ed Bott offers his take on Apple's security practices following the two large-scale malware attacks against the company over the past year or so. This issue has received a lot of attention lately, especially after Eugene Kaspersky's criticisms of Apple's security responses. Ed breaks down Apple's security shortcomings into four basic issues: poor response time in releasing security updates, the lack of an option for automated updates, Apple's practice of only releasing updates for the most recent versions of its operating system, and inadequate disclosure practices.
PHP Vulnerability: "Serious Remote PHP Bug Accidentally Disclosed" by Dennis Fisher (@DennisF). This past Wednesday saw the unfortunate disclosure of a PHP vulnerability that was discovered and reported by researchers in January of this year. The remote-code-execution vulnerability allows attackers to access information and execute arbitrary code using certain query strings. PHP Group developers are still working on patching the flaw, just as they were when it was accidentally disclosed.
Skype Security Hole: "Skype knew about IP address security flaw since November 2010" by Lisa Vaas (@LisaVaas). Voice and video chat app Skype has received lots of criticism this week after it was found that the application has knowingly contained a significant security flaw for the past year and a half. The flaw allows hackers to access private user data including location, internet provider, and IP address. This information is sensitive because it can be used to facilitate industrial espionage and potentially cyber attacks against corporations. Skype reports that they are looking into a solution.
SOCA Attack: "UK’s SOCA website taken offline in DDoS attack" by Zack Whittaker (@zackwhittaker). The website for the United Kingdom's Serious Organised Crime Agency has been down since Wednesday evening following a distributed denial-of-service (DDoS) attack. It is suspected that the attack was carried out in response to SOCA's announcement in late April that it had recovered the credentials of 2.5 million stolen credit cards and had begun arresting the individuals found responsible. SOCA willingly shut down its site in order to protect taxpayers from bearing the financial burden of running the site during the attack. It is still unknown who is responsible for the attack.