In the third quarter of 2014, attention was focused on celebrity account hacking and corporate data breaches. By the end of the quarter, cybersecurity professionals had received yet another agonizing reminder that no system is perfect with the announcement of the Shellshock bug affecting the BASH shell. Cybercriminals also used global tragedies, such as Ebola and airline disasters, to further enhance their phishing, spam, and malware distribution efforts.

The High-profile Data Breach Quarter

From celebrity Apple iCloud accounts to Home Depot and the possibility of a Backoff-type virus attack on their point-of-sale systems (POS), virtually no one went unscathed as a result of this wide-spread and high-profile hacking. Consumers found that cybercriminals once again had access to their credit card numbers, celebrities learned that personal and private information had been shared worldwide via the Internet, and corporate CEOs began to count individual data breach losses in the hundreds of millions of dollars.

Bugs and Malware Left Unchecked

The announcement of the discovery of a major flaw in the BASH shell left computer programming and cybersecurity professionals reeling. Having gone unnoticed for over 20 years, the Shellshock bug leaves hundreds of millions of devices, including servers and computers, vulnerable to major attack. As consumers learned that once again their personal credit and banking information had been stolen from a major corporate retailer, news reports began to circulate that Home Depot had a long history of failing to update security systems and fully fund cybersecurity staff. Coincidentally (or not) a few weeks prior to the Home Depot announcement, the U.S. federal government released a warning about the Backoff malware indicating that it was the focus of several POS data breach investigations. It seems that while all top antivirus providers had updated their antivirus services to protect from Backoff, retailers had not been updating their systems.


Operators disable firewall features to increase network performance, survey finds

The primary goal of a firewall device is to secure your network. This is done using various modules integrated into the system which work together to prevent attacks. Disabling some of these features may put the enterprise to risk. Fortunately, GajShield Next Generation firewalls have multiple modules like Data Leak Prevention, Application Filtering, Content Filtering, Intrusion Prevention all work together without reducing the performance of your network. GajShield users do no feel the need for disabling any of the above features and hence feel secure.

In a recent survey of 504 IT professionals, McAfee found that 60 percent prioritize security as the primary driver of network design – something the company did not find too surprising considering recent high-profile breaches.


Email addresses stolen from CurrentC in security breach

CurrentC is already under fire for working with its retail partners to shut out Apple Pay, and it's now facing another mess: some email addresses of people using the app or who have signed up to learn more from the app have been taken from its systems. CurrentC is notifying potentially affected people over email, informing them that "unauthorized third parties obtained the email addresses of some of you" over the past 36 hours. It hasn't said exactly how many emails are affected, but it says that "no other information" was taken.



A security vulnerability has been identified in IBM Websphere Message Broker, IBM Integration Bus, IBM SPSS Data Access Pack, and IBM SPSS Modeler shipped with IBM Predictive Maintenance and Quality

IBM Websphere Message Broker, IBM Integration Bus, IBM SPSS Data Access Pack, and IBM SPSS Modeler are shipped as components of IBM Predictive Maintenance and Quality. Information about a security vulnerability affecting IBM Websphere Message Broker, IBM Integration Bus, IBM SPSS Data Access Pack and IBM SPSS Modeler have been published in security bulletins.


Page 4 of 5