Top Security Stories of 2015
Ashley Madison – The Ashley Madison breach impacted politicians, users and many dignitaries as sexual preference information along with names, credit card information and other personal identifiable information were released to the public.
Italian surveillance software maker, Hacking Team suffered a major breach that released 400 gb worth of secret information online.
Both Dell and Lenovo placed many customers at risk by executing a self signing certificate on all personal computers which allowed hackers to intercept communications on public WIFI hotspots. In addition, hackers were also allowed to create their own digital certificates on local pc’s with could capture bank information and all other encrypted information.
CIA – The CIA director believed leaving back doors open in networks is useful when accessing information quickly. This is a very scary though process.
Android – Android phone fell susceptible to an exploit called “Stage Fright”, which allowed hackers to run malicious code on cell phones by sending a simple text message. While Google released patches to conceal the exploit, the releases were too little too late.
Due to the Hacking Team hack, Adobe Flash was labeled as being non-secure for the enterprise. While patches were released to mitigate threats, the difficulty level to implement threats onto a Flash platform is fairly easy. Shortly after, Facebook’s CSO, Alex Stamos called for the end of use date for flash. Currently, flash is being looked at to halt future development.
Equation Group – The Equation Group has been linked to successfully hacking Iran and Russia. Equation has also being linked to breaches suffered in the United States.
LastPass – Password manager LastPass suffered a breach that leaked corporate and private user’s passwords, email addresses and other sensitive information.
Tor – Tor’s network was hacked which revealed innocent and nefarious individuals looking to surf the Internet while masking their identity. Tor believes the breach was orchestrated by the government to track down known black hats.