Cyber Security Today: Jan. 23, 2019 — Thousands of malicious websites shut, global meeting on cyber security

Thousands of malicious websites shut, global meeting on cyber security and Android file manager warning

Welcome to Cyber Security Today. It’s Wednesday January 23rd. I’m Howard Solomon.

Cyber Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

 

Here’s some good news: Some 265 security researchers working under the banner of Swiss-based URLhaus say they have taken down 100,000 malware distribution web sites in 10 months. This is a project that identifies malicious URLs — which are the .com or .org website addresses you see — and helps get them closed. The project gets them shut largely by tipping off internet hosting providers. Often these websites are spewing out spam to your email inbox. Here’s the bad news: On average, it takes just over a week to shut down a malware distribution site, which is more than enough time to infect thousands of device every day. And when one gets shut, it pops up somewhere else. URLhaus figures there are up to 5,000 malware distribution sites around the world. Two-thirds of the top malware hosting networks are hosted either in the U.S. or China. There’s still a lot of work to do to squeeze these criminal operations.

In Geneva this week the Global Commission on the Stability of Cyberspace has been holding a two-day hearing with the United Nations. It’s the commission’s fifth international workshop on Internet governance. Progress in getting countries to agree on some sort of cyber rules of the road is slow. Last September the commission suggested six norms of behaviour, including forbidding governments and companies from tampering with computer products and services. It also urges governments to prevent offensive cyber operations. This week I interviewed Eric Jardine, a Virginia Tech expert on cyber security who said it’s good countries talk. But, he added, until governments exercise some self-restraint on doing things like hacking companies and trying to interfere in elections, agreement on what’s forbidden on the Internet will take a while. Click here to see my full article on ITWorldCanada.com.

If you’re a small business and use Cisco Systems’ line of small business smart or managed switches be aware the company has found a critical software vulnerability. There’s no patch, but there is a workaround. Network administrators should watch for an advisory.

Finally, do you use an Android file manager called ES File Explorer? Well, a security researcher says he has found a vulnerability that could allow an attacker to retrieve information from your Android smart phone, including the list of installed apps, images and videos. Then another researcher found a separate vulnerability that could allow an attacker to get into a phone with ES File Explorer. If you use this app, be on the lookout for an update.

That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast