New Cyber Attacks
KRACK (Key Reinstallation Attack) is used to exploit the vulnerabilities detected in the Wi-Fi’s
WPA2 password authentication protocol that all modern protected Wi-Fi networks use and can
steal sensitive information like credit card numbers, passwords, chat messages, emails, and
This attack allows the attacker to decrypt Wi-Fi users’ data without cracking or knowing the actual password of the Wi-Fi. Hence, It is highly recommended to communicate over HTTPS secure channels.
Cyber Security Statistics
A study, surveyed more than 500 US-based IT decision-makers, discovered that many businesses don’t require employees to use long passwords with upper, lower-case characters and numbers.
The study shows that %87 of IT decision-makers believe they have sufficient password protection policies in place. But, most of them are failing to ensure strong passwords, exposing their companies to security risks with an average cost of 7$ million, according to IBM Security.
New Cyber Threats
An important vulnerability was discovered recently targeting Apache Tomcat servers which allows attackers to perform a Remote Code Execution Attack to upload a malicious crafted JSP file to the targeted server running a exploited version of Apache Tomcat. The code in the malicious JSP file will be executed by the server when the file is accessed via an HTTP client (e.g. web browser).
Cyber Security Tip
Nowadays, many online services such as email and banking protect personal accounts through
Two-Factor Authentication (2FA), this authentication adds an extra security checkpoint when
certain risk factors are present, such as logging in from a new location or device. Determine which accounts are at risk and add an extra login step to avoid a Single Point of Failure Attack.