Friday Five: 11/20 Edition
Your weekly roundup of information security news.
Happy Friday! Close out the work week with our picks for the hottest articles from the IT and security presses:
- "Plymouth boy, 15, charged over global cyber-attacks" by BBC News (UK)
A 15 year old boy from Plymouth has been charged with bomb hoaxes toward North American Airlines as well as cyberattacks on some international websites. The affected regions include: Asia, Africa, North America, and Europe. To learn more about this youth cyber-attack, read this article.
- "Siri’s Lockscreen Bypass A Growing Privacy Issue For iOS Users by Jaikumar Vijayan
Everyone needs the password to access a locked iPhone, but not everyone needs the password to interact with Siri. Siri, Apple’s integrated personal assistant, is accessible via a press of the main button which allows data to be easily extracted without bypassing the lock screen. This raises concerns for many iOS users and continues to be a privacy problem. To learn more about Siri’s privacy (or the lack thereof), read this article.
- "Seized: Fake EFF .org linked to hackers hitting NATO, White House PCs" by Kieren McCarthy
EFF, the Electronic Frontier Foundation, now has a domain doppelganger – and this one has bad intentions. EFF’s real website is hosted at the domain >www.eff.org while the fake domain was apparently registered by Shawanda Kirlin from Bali, Indonesia. To learn more about the evil twin of EFF, read this article.
- "Hacking group that hit South Korea may be at it again with new target" by Jeremy Kirk
Back in 2013, South Korean banks and government websites were infiltrated by a hacking group which may be resurfacing in Europe. The malware used in the South Korean attack back in 2013 is said to be extremely similar to the one used in Europe. To learn more about the resurgence of this hacking group, read this article.
- "Java vulnerability caused by unpatched open source library" by Peter Loshin
What happens when there’s an unpatched open source library? Java vulnerabilities appear, of course! This issue has given developers rough times with the Apache Commons open source library. The library is widely used by many popular and commercial products which makes the patching of this issue all the more urgent. To learn more about this Java vulnerability, read this article.