Graham Cluely – Glock Takes Stock

0
280



Highlighting the dangers of the use of third party frameworks. Update now…:
A nasty vulnerability has been discovered in the WhatsApp desktop client used by millions of people around the world. That vulnerability allows an attacker to send a malicious link that, when clicked on, could give the attacker access to all the files on a WhatsApp user’s computer.
The vulnerability was discovered by security researcher Gal Weizman. It works by exploiting a f…


Ah, bless!…
We definitely definitely absolutely won’t ever ever be releasing any more updates for Windows 7, said Microsoft earlier this month.
Now there’s an update on its way to fix a cosmetic bug in how Windows 7 displays users’ desktop wallpaper…


Some good news to end your week…
[…] This week, INTERPOL announced that a campaign it co-ordinated in Southeast Asia had dramatically reduced the number of infected devices across the region.
Operation Goldfish Alpha was a six-month effort to secure hacked devices across Southeast Asia, launched after the discovery in the region of 20,000 MicroTik routers that had been exploited via an operating system vulnerability to mine for cryptocurrency without the consent or kn


Before you expose RDP, think to yourself “Do I feel lucky?”…:
[…] Worryingly, Sophos reports that the Snatch gang are different from other criminals spreading ransomware insomuch as they are not primarily focused on just extorting money – but also stealing data with the intention of later holding it for ransom or leaking it online.
Their recommendation beyond patching and running up-to-date anti-virus software if you want to reduce the chances of being hit?
“Sophos r


Fallback Image

A rare “good news” story about ransomware…:
Ransomware hit Louisiana’s state government hard yesterday, shutting down multiple websites and email systems after it fell victim for the second time in just a few months to a ransomware attack.
In a series of tweets, Louisiana state governor John Bel Edwards revealed that his office had activated a cybersecurity response team in response to an attack that had affected “some, but not all state servers.”
The Louisiana Offic


Doubleplus ungood. If we are going to encourage people to use strong, single-use passwords then we need tools like LastPass (and Apple’s keychain) to be bulletproof. Glad to see that they pushed out an update, but I’d be interested to see if this contravened any organisations’ update policies…:
[…] Popular password manager LastPass says that it has fixed a vulnerability in its Chrome and Opera browser extensions that could have potentially seen an attacker steal the user


Maybe time to invest in an early warning system like CybelAngel…?
TechCrunch reports that a security researcher stumbled across an exposed server on the internet containing databases with a total of more than 419 million records related to Facebook users.
According to TechCrunch’s reporting, each database record contains a user’s unique Facebook account ID (from which it’s possible to determine a user name) and phone numbers attached to the account. The treasure trove o


Fallback Image

Sometimes, all it takes is one person to get hacked…:
In the wake of the CEO of Twitter having his account hijacked the site has disabled the option to tweet via SMS.


I’ll bet most printers never get an update throughout their entire lifetime, and many are left with default login credentials. Time to change that…:
[…] Printers, just like any other IoT-enabled device, need to be secured, and updated with the latest firmware and patches to prevent a successful hacker attack.
That’s the message which comes through loud and clear following the announcement by security researchers at NCC Group that they had uncovered multiple security h


This looks like the malware author just couldn’t be bothered with setting up the usual ransomware infrastructure, they’ve gone straight to simple destruction…:
The tech press is full of stories about “a new ransomware strain” called GermanWiper, that has hit German businesses hard in the last week.
But the reality is that GermanWiper is much worse than ransomware.
[…]



Source link