Security Flash News from the 8th to 12th of May, 2017

-
 0

On Monday (8th of May), controllers of HandBrake were forced to temporarily discourage people from downloading their tool for video-conversion. We were informed that HandBrake tool was tainted with a Proton Trojan which functions similarly to a tracking device, figuring out your every move online. Surprisingly, only the Mac version was affected, leaving users of other operating systems clear of any danger. On 10th of May, a new post was published from the official HandBrake account. It was indicated that a further analysis of how Proton Trojan functioned on infected devices have been revealed. A variety of details were covered in the article, published by Objective-see.com. If you are interested in reading it, click on the shortcut. More at: 2-viruses.com.

We have already discussed that IP cameras connected to computers all around the world could be hacked and hackers actually can use them remotely, record videos, etc. Soon after that (same Monday), Hikvision announced that they have released a patch which should fix this problem. Chinese manufacturer Hikvision is producing IP cameras and the became the main target of hackers. Most of Hikvision cameras could be easily hacked and hackers took advantage of it. However, now it’s just a history as a patch is ready and everyone can use it. More at: threatpost.com.

On Tuesday (9th of May), another breach came to light. A popular online-dating service Guardian Soulmates became a victim of an accidental leakage of information. Surprisingly, hackers did not play a role in this incident. While this might have not started because of crooks’ intentions, but they did decide to take advantage of this human-error. Former and new members of Guardian Soulmates indicated to receive spam letters. How did they recognize the relation between these rogue letters and Guardian Soulmates? It appears that these messages contained information that was only revealed to this specific dating site. More at: 2-viruses.com.

On the same day it was reported that millions and millions computer around the world could be used as slaves in a botnet armies due to a flaw in Intel chips. The flaw itself is very old (7 years old) and was discovered just recently. Around 8,500 devices in USA are already affected because of this issue and the numbers are expected only to rise. More at: technewsworld.com.

On Wednesday (10th of May), we wrote about the controversial side of elections in France. As you might have already heard, a lot of rumors are circulating about whether Russia attempted to influence another election. While in the past Hillary Clinton was their targeted subject, in the case of French election, crooks decided to focus on Emmanuel Macron. Why him? Well, his rival, Marine Le Pen, presented ideas that were extremely convenient to Russia. The candidate explained that it would be beneficial for France to leave European Union. National Security Agency has already made guesses that emails of Emmanuel Macron were stolen by hackers from Russia. More at: 2-viruses.com.

You might have heard of a flaw in Android operating system that lets hackers hijack smartphones and some very important data, such as passwords, bank details and so one. However, Google announced that this flaw will remain unpatched until the release of ‘Android O’ version, which should be released in the 3rd quarter of this year. Until then, we recommend you to be very careful when using your smartphone with Android OS. More at: thehackernews.com.

On Thursday (11th of May), we marked this date as the time when Microsoft decided to say goodbye to SHA-1 and encourage the utilization of SHA-2. Other services like Google have already modified their browser to favor SHA-2 instead of its former variant. Browsing applications that are controlled by Microsoft are now refusing to fully launch websites that are not encrypted by more powerful algorithms. If you are using Microsoft Edge and Internet Explorer, you might have already noticed certain changes. Some websites should be successfully opened because they are encrypted with a weaker algorithm. More at: 2-viruses.com.

On Friday (12th of May), we were informed about a disturbing fact that some of the HP laptops, purchased in the time period from 2015 to 2016, might have been sold with an automatically installed key-logger. Once again, hackers appear to have nothing to do with this incident. Conexant Systems Inc. are the manufacturers that included flawed audio drivers into HP laptops. This accidental key-logger was able to record users sessions and stored them in a folder. Of course, this information was regularly downloaded, but newer recordings continuously replaced the removed data. In our full article, we included a full list of computers that might contain suspicious audio drivers. More at: 2-viruses.com.

 

About the author

 - Main Editor

I have started 2-viruses.com in 2007 after wanting to be more or less independent from single security program maker. Since then, we kept working on this site to make internet better and safer place to use.

 
 
 

Leave a Reply

Your email address will not be published. Required fields are marked *