Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

This Week in Security: Quicktime, Blackhole, Microsoft, GozNym, Power-grid, Western Digital, EU Data Protection

DZone's Guide to

This Week in Security: Quicktime, Blackhole, Microsoft, GozNym, Power-grid, Western Digital, EU Data Protection

Really Apple you don't want me to use Quicktime on Windows? The EU is serious about protecting users, and they have upped the ante for violations.

· Performance Zone
Free Resource

Image title

Apple Quicktime for Windows

Trend Micro have identified two vulnerabilities with Quicktime for Windows which Apple have discontinued support for. For this reason Trend Micro are recommending that users remove it from their systems.

Read more here

Blackhole Exploit Kit

Author of the Blackhole Exploit Kit Dmitry Fedotov jailed by a Moscow court for 7 years and his associates have been given between 5.5 and 8 years.

Read more here

Microsoft vs Justice Department

Microsoft files a suit against the Justice Department to allow it to inform customers when a warrant has been aquired to access their email. They believe that people have a right to know but in the last 18 months nearly 2600 warrants have been issued without their knowledge.

Read more here

GozNym Trojan

A hybrid trojan called GozNym, which is believed to have been developed by the same people as Nymaim and have merged their codebase with that of Gozi ISFB a banking Trojan. The Nymaim code is used as a method of distributing the Gozi ISFB code to aid in commiting fraud.

Read more here

FBI and DHS Warn of Cyber Threats to Power Companies

The FBI and the US Department of Homeland Security are warning of cyber attacks to the power-grid. They have however said they believe the threat to be low because the successful attackers from foreign nation states have simply been gathering information and at most have been insuring that they have persistent access to these systems for introduction of malware as and when they might need to. That’s like saying a killer has broken in to you bedroom but they haven’t attacked you yet because you haven’t tried to attack them.

Read more here and here

Western Digital

A DNS issue with Western Digitals My Cloud support servers may have left users data open to malicious attackers.

Read more here

EU Data Protection

It seems the EU has finally changed the data protection regulations for the protection of its citizens. Previously companies could only be fined upto €500000 which they considered a small price to pay and so continued to use our data regardless. However with the new regulations they would find themselves having to puy upto 4% of their worldwide turnover, which would have to hurt. So hopefully we’ll be getting less of these very irritating cold callers in europe.

Read more here

Cybersecurity Needs More Attention from the Directors

Cybersecurity generally gets very little attention by high level managers, it is often just swept under the carpet because it is a costly feature that doesn’t bring in the money. If you get it wrong though it certainly costs a lot more, so perhaps directors should start thinking about its implications as well.

Read more here

Short URLs

Short URLs aren’t just a problem because you don’t know where they point but are also a problem because of the limited number of combinations. Due to the reduced number of possible URLs it could be possible to use a sort of brute force attack to find urls that point to valid cloud folders that have been shared.

Read more here

Topics:
quicktime ,microsoft ,power ,data protection

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}