Cloud Security News: Week in Review November 4th, 2016 Edition Cloud Security News: Week in Review is our blog series, grabbing the more interesting cloud security scoops from the web. Sit back,…

Cloud Security News: Week in Review November 4th, 2016 Edition

Alex O'Connor

As Marketing Specialist, Alex works on all things digital and creative, striving to successfully drive CloudLock’s marketing campaigns.

Share

Cloud Security News: Week in Review is our blog series, grabbing the more interesting cloud security scoops from the web. Sit back, relax, and catch up on all you should know about this week.

Halloween wasn’t the only scary event of the week. It was reported on Wednesday that Wix.com has been exposed to an unpatched vulnerability that could leave millions of sites and users susceptible to cyberattacks. In other news, Halloween phantoms got a run for their money as new ransomware Fantom is out wreaking havoc on Windows users. Last but not least, following up on the DDoS attack on Dyn a few weeks back, turns out it could have been easily prevented and that the attack was likely executed by amateur hackers. Read below for more in-depth recaps of the week.

Threatpost: Unpatched Vulnerability on Wix.com Puts Millions of Sites at Risk

By Tom Spring (@zpring)

Millions of websites hosted on Wix.com are currently at risk of a cyberattack, leaving an estimated 86 million users exposed to possible DOM-based XXS attacks. Senior Security Research Engineer at Contrast Security, Matt Austin, gives two examples of how easily these attacks could be carried out. Wix users, take note.

Hack Read: Ransomware Disguised as Windows Update Causing Havoc among Users

By Uzair Amir (@Uzair160)

Another week, another ransomware. Introducing the newest type of malware: “Fantom.” According to sources, Fantom is targeting unsuspecting Windows users by posing as a software update. Once the ransomware has successfully tricked the user and entered their computer system, it works to encrypt users’ data while the disguised Windows update runs unbeknown.  

CSO: DDoS attack on Dyn could have been prevented

By Taylor Armerding (@tarmerding2)

You all remember the DDoS attack on Dyn that occurred a few weeks ago and disrupted numerous websites across the US east coast. It looks like it could have been avoided. The Online Trust Association (OTA) came out with an “IoT Trust Framework” back in early September, which states that “every vulnerability or privacy issue reported for consumer connected home and wearable technology products since November 2015 could have been easily avoided.” Cue *palm to the face* from Dyn.

Share
Browser Not Supported

Your browser version is outdated.

We would recommend you upgrade to a recent version to ensure that you have a good experience on the CloudLock site. Outdated browsers also increase your security risk. So please update your browser and come back later!

Click on the icon below to download the latest version of your browser

Close