The Best Offense is a Good Defense
Glass houses are always the worst choice to live in; unless, of
course, you want to share your most private secrets with your neighbors. Most people prefer a house with stronger,
thicker, and less ‘see all’ walls where they can protect themselves and their
personal information. Neighbors can
throw stones all they want, but they’re not going to crack the walls of an
ancient, brick-mortar Victorian.
It’s an issue as old as time: people will always want to protect
their personal data from prying eyes.
Whether that means a thicker flap over the entrance to a straw hut, or a
high-end security system that monitors every entrance and exit to a mansion on
a hill. But as Hollywood has shown us time and again, where there is extra
security, there is usually somebody trying to take what’s hiding inside.
The digital age has only exacerbated this issue for most users and
companies around the world. The stronger
the information security in place, the more vigorous hackers attack in order to
find out what is hiding behind the high stone walls on the top of the
hill. Every so often, these hackers find
a spot where the mortar is weak, and they drill and drill, under cover of
night, until a hole is formed. Then, just out of sight, they sneak in and
quietly make away with everything you value most. So how do you stop somebody coming through
the walls around your data? Find the holes, and seal them back up.
Old Dog, No New
Tricks
Just last week, Microsoft published an advisory report describing a vulnerability
in Schannel, exposing users and their browsers to FREAK (Factoring attack on
RSA-Export Keys) attacks. This method of attack gives hackers the ability to
decrypt HTTPS web traffic between certain browsers and a vast number of websites. The hacker in question can simply observe the
web traffic, and inject malicious code to require a weaker encryption key
wherever he or she might like. By this
point the hacker is able to intercept transferred data (such as banking
credentials or the like) and read or modify it at will. This could spell a potential weakness in your
particular information security, exposing your precious data to prying eyes.
While this SSL/TSL Vulnerability has been around for decades, the issue was only made public earlier this month. Within a week of this revelation, both
Microsoft and Apple have released a series of patches and security updates for their
flagship systems and browsers to address this issue. With digital and
information security snaking their way into many of our news feeds today, the
companies have no choice but to act proactively and aggressively to new
vulnerabilities in their systems.
What does this mean?
Little known security holes are a Hacker’s bread and butter. Before
the days of the Internet, what momma didn’t know might not hurt her, but today
it could cost her the house.
As a Hacker Attacker, it is up to you to be aware of any
vulnerability in your system, and how to better secure yourself and your
data. FreakAttack allows you to track
current updates to the FREAK vulnerabilities and patches that have been rolled
out. With constant monitoring and
observation of your digital security, you can prevent many attacks on your data,
and that of others who may operate within your network, before they even
begin.
If you are looking to protect a network from external attack, you
need to know where your weakest link is.
Seal the holes at the source, and make sure your browsers and systems
are always up to date. Creating and
maintaining a strong password solution is a necessary step,
but closing and locking a door doesn’t help if there is a hole blown into the
wall next to it.
We would love to hear from you: got any news on system vulnerabilities or patches that should be downloaded? Let your fellow Hacker Attackers know, and sound off in the comments!
No comments:
Post a Comment