Here is our latest news roundup of articles about network and SSL security. Click here to see the whole series.

SSL & Encryption News

• Security researchers discovered an encryption flaw similar to the FREAK vulnerability. The flaw, dubbed Logjam, allows attackers to downgrade the 512-bit cryptography making a man-in-the-middle attack possible.
• Mozilla announced that upcoming versions of Firefox will not be trusting HTTP connections. (The announcement was made April 30).

Data Security

• Because of the rise in identity theft through hacking, the IRS has established a new unit dedicated to tracking down cybercriminals.
• A legislation has been proposed in recent months that would allow companies the choice of whether or not to alert customers of a data breach.

Vulnerabilities

• CrowdStrike researchers announced the newly discovered VENOM vulnerability, but some say it is not the threat it was made out to be.
• BACKRONYM vulnerability in MySQL downgrades SSL connections enabling attackers to snoop communications.

Malware

• The self-destructing virus Rombertik sounds worse than it is according to researchers.
• Mumblehard, the new Linux malware, features backdoor and spamming components.
• A new strain of the Dyre banking Trojan circumvents security measures causing more than $1 million in financial loses.

Data Breaches

• Cybercriminals hacked Adult FriendFinder, one of the largest dating sites, gaining access to 3.9 million accounts.
• Healthcare insurance provider CareFirst BlueCross BlueShield has fallen victim to another data breach, affecting 1.1 million members.
• Partners HealthCare announced that they may have suffered a data breach caused by employees responding to phishing emails.
• Ryanair an Irish low-cost airline suffered a major financial breach resulting in a loss of more than $5 million.
• Penn State University notified 18,500 individuals that their sensitive information may have been accessed by two threat actors.

Internet of Things

• Security researchers recently remotely hacked a robotic remote surgeon.
• Hospira’s Lifecare PCA3 Drug Infusion pumps are full of vulnerabilities.

Research & Studies

• New research from Juniper estimates the global cost of data breaches to be in the trillions by 2019.
• The cause of healthcare data breaches is shifting from device theft to criminal attacks according to a new study by the Ponemon Institute.
• Mobile malware threats are increasing according to Kaspersky Labs Q1 2015 report.
• This month Akamai released their Q1 2015 State of the Internet Security Report.

Events

If you missed Microsoft Ignite 2015, you can catch up here.