Top infosec trends in the social media spotlight this week…
UK bank NatWest was left red-faced earlier this week, after Australian security researcher Troy Hunt highlighted a potential vulnerability in its main customer-facing website.
Hunt tried to explain to NatWest that serving its homepage over a non-secure connection “wasn’t such a good idea”, to which the bank replied:
In a subsequent blog post, Hunt demonstrated the potential dangers of NatWest’s HTTP-only landing page, which could be intercepted or modified to redirected customers to a malicious phishing site.
While the post makes for humorous reading, it seems NatWest has ultimately taken heed of Hunt’s suggestions:
In the cryptocurrency world, meanwhile, NiceHash has been working on a solution to ensure all users are reimbursed after a hack that resulted in $60 million worth of bitcoin being stolen last week:
The bitcoin mining platform took to Reddit to say it was in the final stages of rebuilding NiceHash into “the most robust and secure marketplace for hashing power”.
The redeployment of the service, however, did little to allay the concerns of those who lost their bitcoins:
Elsewhere, residents in the UK’s historic city of York were able to watch the local council’s discussion on whether to renew the ride-hailing firm’s license:
Following a lengthy debate, York City Council decided that Uber would lose its right to operate in the city, following taxi drivers’ complaints that the region was being “overwhelmed” with drivers, along with concerns surrounding the company recent data breach.
Finally, despite a massive campaign aimed at saving net neutrality in the US, the Federal Communications Commission (FCC) yesterday approved a measure that, according to its detractors, will ultimately allow ISPs to block, throttle, and prioritize content.
There has been no shortage of articles and op-ed pieces emerging from North America in the wake of the regulator’s decision. And while proponents of net neutrality are now look to overturn the measure with a Congressional Resolution of Disapproval, a Twitter account linked to Anonymous hacktivist network issued a not-so-veiled threat towards the FCC itself: