A week in security (August 21 – August 27)

August 28, 2017 admin Android, digital forensics, Facebook, google, Mac, Malwarebytes for Android, Malwarebytes for Mac, real time protection, Security world, user agent, Week in security, weekly blog roundup

Credit to Author: Malwarebytes Labs| Date: Mon, 28 Aug 2017 17:38:08 +0000

In our blog posts, we announced the introduction of, and explained the necessity for, real-time protection for our Mac and Android users. Also explaining what you can expect them to do for you and answering the questions that we expect to be frequently asked.

We looked at 4 key steps you can take within your business to help gain trust with your employees while educating them to make more secure decisions. And in our “Explained” series we talked about user agent strings and digital forensics.

Below are notable news stories and security-related happenings from last week:

Latest updates for Consumers

Facebook makes Safety Check a permanent feature. Facebook is acting on its promise to make Safety Check a permanent feature by rolling out a dedicated Safety Check hub that helps you find any ongoing crisis without first being prompted to declare yourself as safe.
Android spyware linked to Chinese SDK forces Google to boot 500 apps. More than 500 Android mobile apps have been removed from Google Play after it was discovered that an embedded advertising SDK could be leveraged to quietly install spyware on devices. The software development kit (SDK) is called Igexin, which allowed covert download of spying plugins.
Hackers can disable your car’s safety systems. Hackers could disable a modern car’s airbags and other safety systems, putting the driver and the passengers at grave risk, according to a new warning.
Identity fraud in the UK at ‘epidemic’ levels as cases rise 5%. Fraud prevention firm Cifas, which released the figures, said identity fraud was rising at record levels and now accounts for more than half of all fraud reported by its members.

Latest updates for Businesses

Hackers nab $500,000 as Enigma is compromised weeks before its ICO. Enigma, a decentralized platform that’s preparing to raise money via a crypto token sale, had its website and a number of social accounts compromised with the perpetrators netting nearly $500,000 in digital coin by sending out spam.
Chrome adds a warning for when extensions take over your internet connection. The changes were spotted in Google Chrome Canary builds (v62.x) and come in the form of pop-ups that appear to the right side of the screen, near the Chrome drop down menu. This gives users the chance to easily revert any unwanted changes at the moment they occur.
Google linked to internet disruptions in Japan. A widespread internet disruption hit Japan on Friday, blocking access to banking and train reservation services as well as gaming sites. A Google spokesperson admitted the company’s blunder in a statement to another local news outlet.
iOS vulnerabilities discovered and reported to Apple. A fully chained iOS kernel exploit that (should) work on all the iOS devices running iOS 10.3.1 or earlier was released by one of Zimperium’s researcher after responsible disclosure. The exploit itself consists of multiple vulnerabilities that were discovered all in the same module: AppleAVEDriver.
Microsoft will never again sneakily force Windows downloads on users. Following a German court case, Microsoft has vowed to never force upgrade files onto users again.

Safe surfing, everyone!

The Malwarebytes Labs Team

The post A week in security (August 21 – August 27) appeared first on Malwarebytes Labs.

https://blog.malwarebytes.com/feed/