The U.S. funding shutdown affects government web sites, a malvertising warning for those who use P2P video and music sites and new social media sites used by terrorists.
Welcome to Cyber Security Today. It’s Friday January 11th. To hear the podcast, click on the arrow below:
The government shutdown in the U.S. is having a cyber security impact on some government websites. These sites regularly need a security certificate renewed, which is a piece of code that verifies the site’s authenticity to your web browser, and encrypts the session in case you transmit personal information. According to SecurityWeek, as a result of expired certificates access domains belonging to the NASA space agency, the Department of Justice, the Court of Appeals, and the Lawrence Berkeley National Laboratory may be limited. At the very least you’ll get a warning their connection isn’t secure. Your browser may block you from using them. In addition the lack of funding means some government sites useful to IT security professionals, like the NIST computer security resource centre are closed. The longer the shutdown continues, the more certificates will expire.
Online ads with malware — also called malvertising — is one of those infections you don’t want to have. However, according to a new report from the security firm Malwarebytes, users of shady video and music sharing sites risk being stung by some of the ads on their pages. In a recent blog the company says people clicking on the ads get infected with malware that steals information like credit card numbers and passwords on their devices, then infects them with ransomware.
It’s easy to create a new communications or social media platform. All you need is a computer. But an opinion piece this week on Wired.com is a reminder that such platforms can be used by anyone, including terrorists. Author Rita Katz of the SITE Intelligence Group, a counter-terrorism analysis organization, notes that ISIS and ISIS supporters are trying out new platforms like RocketChat, Viber and Discord. Some platforms, like Viber and Yahoo Together have removed accounts. They follow sites like Facebook, Twitter, YouTube, Riot, TamTam and Telegram who are strengthening security. But as the author notes, ISIS continues to test the waters. Messenger companies have to watch who uses their platforms, be they terrorists or criminals.
Finally, If you’re an IT professional interested in cloud security there’s a Cloud Security Summit being held a week today, Jan. 17th, in downtown Toronto. I’ll be there covering it and ITWC’s chief information officer Jim Love will be one of the many speakers. Admission is free and registration details can be found here.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.