It seems like there's a data breach at some large company nearly every day. I'd rather my readers be informed, but I don't want to dwell on the events themselves. In our third series to launch in the new year, we'll be summarizing some of the events and let you know about fixes that may apply to you. You may already be aware, but it's important to stay on top of fixes for both your home and work computers to prevent problems. So, last month in security news...
Adobe and Microsoft both released updates to address a number of vulnerabilities in their software. If you're one of the many that uses PDF documents or Internet Explorer regularly, you should make sure all the updates have been applied.
In more technical news, Security Week published a great article about building security in (versus building it on). This is something that, as a developer, I have always strived for. Now that I have a team, it's up to me to make sure they follow best practices so our clients' and their customers' information remains secure.
In another great article from Security Week, writer David Holmes talks about the magnitude of the breaches which occurred in 2015 - and there were manage. The best take away from this article lies toward the end where his links a Web site to help you find out if you've been hacked. www.haveibeenpwned.com
According to the FTC, Tax Fraud is behind a 47% spike in identity theft. This being tax season, be wary of phone calls from supposed IRS employees. Brian Krebs, a security blogger and expert, has a great article to avoid being victimized by tax fraud in 2016.
Lastly, a new remote access trojan (RAT) was discovered that is adept at many things, including evading detection and conducting espionage. It was originally discovered in connection with attacks on the Myanmar election commission's Web site. It utilizes a number of tools which are used extensively by an attacker group dubbed "Group 27". The important takeaway here is to practice caution when receiving a link from anyone - even if the sender appears familiar. Here are some great tips on identifying malicious emails.