Welcome to a new year and, in some ways, a new threat landscape. Even the most careless Linux and Mac users can no longer be smug about not needing anti-virus. Windows isn’t left out, with a shiny new privilege escalation flaw. Wifi authenticated with WPA is no longer secure and private browsing, according to this infographic, isn’t as private as you might think. Oh, and industrial control systems also have cause for concern, thanks to a 64-bit HAVEX RAT.
PCI DSS version 3.0 is now mandatory, so queue a slew of articles focussing on the changes. Truth is though that the v3.0 standard has been out there for some time, and all companies worth their salt should be compliant against v3.0 by now. If you’re not, then you should definitely get in touch before it’s too late. Seriously.
ODDS AND SODS
Here’s a tale of what happens if you accidentally put your AWS keys on GitHub. Spoiler alert: what happens is exactly what you’d expect. Speaking of tales, or in this case TAILS, the folks over at The Register recently ran the second of a two-part article on security that covered TAILS, TOR and secure IM. Well worth a read. Elsewhere, OpenSSL gets an update to fix a whole batch of bugs (eight to be precise) but it’s quite low on the media’s radar – does nothing get noticed unless it has a brand?
What accounted for half of internet traffic in 2014? Place your bets and click here to find out. Let’s finish on something a bit lighter: if there was a You’ve Been Framed for hackers, these guys would be #1. Pro tip: always do your homework.