Security week-in-review: Attacks big, small, and not at all

Business Travel

Business Travel

It’s hard to keep up with the hundreds of security-specific headlines published every week.

So, we’re rounding up the top news that affect you, your business, and the security and technology industry overall. Knowledge is power. Check back every Friday to learn about the latest in security news.

1) This week, Ars Technica reported about “Shodan,” a search engine that anyone can use to look up web cameras across the Internet. The engine looks for IP addresses with open ports, meaning that many unprotected “Internet of things” devices (think security cameras or baby monitors) are particularly at risk. Ars makes the good point that technologies such as this highlight some of the biggest holes in IoT security today: that is, there’s not a lot of it.

2) As part of its new monthly updates cadence, Samsung plans to patch a number of vulnerabilities in its Android Galaxy products, ZDNet reports. The to-be-patched devices include the Galaxy S6 and S5, as well as the Note 5 and 4, among others. A number of these patches come from Google’s patch release in early January.

3) Israel’s Public Utility Authority was recently attacked, according to the country’s Minister of Infrastructure, Energy, and Water. The minister described the attack as “one of the largest cyber attacks we have experienced,” according to a report from CSO Online. The attack may have ransomware in the utility’s systems.

4) HSBC was hit with a distributed denial of service (DDoS) attack Friday, according to a report from the BBC, causing a temporary website outage. The company reported that it had “successfully defended” its systems and apologized for inconveniences.

5) This week, we reported that phones are becoming a part of the “kill chain,” or the steps an attack must take to infect or gain control over a targeted system. This is because the phone is becoming an ever more critical element in authentication (via two-factor authentication).