The security review: Jigsaw and passphrases

Welcome to this week’s security review, which includes Jigsaw & the increasing aggressiveness of ransomware, the importance of passphrases, Google’s continuing efforts to encrypt all of its services and products and the cybersecurity prowess of a 10-year-old boy from Finland.

Jigsaw and how ransomware is becoming more aggressive with new features

The threat of ransomware attacks is all too evident, with ESET’s Josep Albors reporting on how there appears to be a trend towards more aggressive variants. One example of this is Jigsaw, a variant detected by ESET as MSIL/Filecoder.Jigsaw. Mr. Albors said: “The real threat from this ransomware variant is that every hour some of the encrypted files are deleted. This makes time a key factor if you want to recover the files.”

Forget about passwords: You need a passphrase!

passphrases

On World Password Day, WeLiveSecurity put together a guide on how to create passphrases. Passwords are no longer enough to keep you secure – what’s essential are long, complex passphrases that are tough to crack but still easy to remember. Some tips include adding spaces and capitals, as well as punctuation and block capitals.

Interop: Getting a few more years out of your tech

ESET’s Cameron Camp, who was in attendance at Interop, discussed some of the innovation taking place with cabling. He commented that “speed is where fiber optic far outshines copper”, adding: “While you have to work to get copper cabling to do 10 gigabit, fiber optics wouldn’t even be breaking a sweat.”

Google introduces HTTPS for blogspot domain names

HTTPS

Google announced that every blogspot domain name is to be encrypted with HTTPS. The tech giant originally launched this functionality in September 2015, but at the time it was optional for users. However, since then it has decided to fully encrypt all its products and services, and blogspot pages will now be HTTPS by default.

Third party risks ‘ a serious risk’

A study by the Ponemon Institute and Shared Assessments revealed that organizations are increasingly of the opinion that third party risks are on the rise. The respondents put this down to the impact of disruptive technologies, the authors of the paper highlighted. “It has become imperative for organizations to create formal programs for vendor risk management in order to avoid being compromised,” suggested  Dr. Larry Ponemon, chairman and founder of the Ponemon Institute.

10-year-old Finnish boy uncovers Instagram comments vulnerability

Instagram

A precocious youngster from Helsinki in Finland uncovered a security flaw in Instagram and duly reported it to the social network. His reward? A cool $10,000, courtesy of Facebook’s Bug Bounty program. The 10-year-old found that he could delete user comments: “I tested whether the comments section of Instagram can handle harmful code. Turns out it can’t.

Author , ESET

Follow us

Copyright © 2016 ESET, All Rights Reserved.