Security Flash News from 31st of July to 4th of August, 2017

-
 0

On Monday (31st of July), we acknowledged the decision Google made: to get rid of spyware, lurking in its Play Store. Certain apps have been classified as carriers of Lipizzan spyware: a bug that can record people’s activity while also managing to look completely innocent. After the investigation had been concluded, 20 rogue security software received their sentences to be removed from the major file distributor. Most of them had been generated to appear as software apps, meant to help people protect their Android devices from unpleasant encounters with malware or even ransomware. You should be aware of the way spyware works: it steals information about the users in any way possible. In majority of cases, data from services like Whatsapp, Snapchat, Skype, Gmail could have retrieved by hackers without receiving permission from compromised users. More at: 2-viruses.com.

How long does it take to hack in a voting machine? Not more than 90 minutes – hackers at DEF CON proved that last week. “What surprised me was how quickly the community was able to jump in and discover and exploit the vulnerabilities in these machines. We knew they could be exploited, we just didn’t know easily a broad community with this kind of expertise would be able to accomplish it” – Matt Blaze, University of Pensylvania, election security expert. More at: threatpost.com.

On Tuesday (1st of August), producers of the intriguing show Game of Thrones probably struggled to remain calm when the entire future of the season 7 was put in jeopardy. Hackers managed to crack the security system of HBO database and steal approximately 1.5 terabytes of information from the most popular shows that HBO is currently launching. Game of Thrones is the show that crooks paid the most attention as, naturally, it is potentially the most successful (and hottest) show in town. While hackers did threaten HBO that it is going down and also made some serious plans of releasing stolen episodes, none of these actions were actually implemented. The nature of the actual stolen footage/scripts is not know; therefore, it is impossible to state whether hackers are bluffing or have a very strong ace up their sleeve. More at: 2-viruses.com.

It’s finally a time to make IoT (Internet of things) more secure. Senate in the U.S. introduced a bill what would require developers to provide stronger security systems to the devices connected to the Internet. “My hope is that this legislation will remedy the obvious market failure that has occurred and encourage device manufacturers to compete on the security of their products” – Mark R. Warner. More at: threatpost.com.

Security Flash NewsOn Wednesday (2nd of August), we analyzed the passive-aggressive quarrel between Mozilla Firefox and Google Chrome. While it is healthy to have some friendly competition to expand the room for growth, Google’s forceful spirit takes advantages of its services slightly too much. Mozilla Firefox is an efficient, but frequently over-looked, browsing tool. It has brilliant features and does not plan to go down without a fight. However, Google Chrome is currently ahead with its persistent strategy of poaching users of other browsers. Google supports many services: Gmail, Drive, Google+ and others. If you are using an application which is not Chrome, Google could try to convince you that using Gmail (or another utility) is way more convenient via Chrome. More at: 2-viruses.com.

On the same day it was reported that cyber criminals managed to hijack a popular Google Chrome extension ‘Web Developer’ with over 1 million active users. Hackers used to buy popular browser extensions, modify them without warning users about that and make profits by displaying advertisements this way. However, in this case they manage to steal the extension and modify it. Luckily enough, developers of this tool was quick to detect the flaw and fix it. More at: thehackersnews.com.

On Thursday (3rd of August), trouble in Google Play Store struck again. We were informed about Svpeng Trojan that had the capacities of monitoring users activity with a key-logging features. This means that every key stroke that a person made on an infected Android could have been collected. The Trojan could invade your privacy completely secretively, and its presences is almost impossible to recognize. While you could think that there is something that you could do, it is important to bear in mind that unreliable software should never be downloaded. Especially if an unreliable source (shaped as a legitimate offer) is proposing you to update or get Adobe Flash Player. .apk files, allegedly bringing Adobe Flash Player, were evaluated as the source for the “Invisible Man” malware. More at: 2-viruses.com. 

On Friday (4th of August), we were surprised to learn that Marcus Hutchins, a researcher which is more well-known by its pseudonym of MalwareTech was arrested in Las Vegas for a crime of generating Kronos malware. At the dawn of the arrest, many people were skeptical about this incident and claimed that it is impossible to picture Hutchins playing for the other team. The researcher appears to deny its relation to the Kronos malware as he pleaded not guilty to the accusations against him. Some unrelated and distracting information about MalwareTech has also been released. For instance, that he enjoyed a fancy life of driving expensive cars, staying over in luxurious villas and even showing a dangerous side of him. This a very one-sided description, and a twisted one at that. As far as we know, renting a car or being a guest in a villa are not crimes that should be considered. Also, shooting in a legal shooting range does not make a person dangerous. More at: 2-viruses.com.

 

About the author

 - Main Editor

I have started 2-viruses.com in 2007 after wanting to be more or less independent from single security program maker. Since then, we kept working on this site to make internet better and safer place to use.

 
 
 

Leave a Reply

Your email address will not be published. Required fields are marked *