Sprint accounts may be compromised, Google Chrome tightens up its Incognito Mode, Apple zooms to fix Zoom's vulnerabilities, and more in This Week in CyberSecurity: where we highlight select top cybersecurity stories from each week and share them here. Don't forget to follow our daily blog for more in-depth cybersecurity and technology news.
If you would like to be the first to know about our Week in Cybersecurity reports and receive a FREE Webcam Cover, sign up here.
The Week of July 19th, 2019:
- Apple has been working diligently to resolve a vulnerability that lied within Zoom for Mac, a video conferencing software tool that not only allowed intruders to hijack the user’s webcam, but also opened a backdoor for phishing attacks. The heightened danger rests in that Zoom installs a local web server on Mac devices and runs in the background, which could be exploited to gather information for use in a phishing attack, or to send out DOS (Denial of Service) attacks. Even worse, if the user uninstalls Zoom, the web server remains active and continues to gather information or even initiates a reinstall. Zoom has rolled out a patch to remove the local web server and to grant the user access to completely remove Zoom and manually reinstall the program, sans exploit. (Medium)
- We’ve been reporting on the large American Medical Collection Agency data breach that affected of LabCorp and Quest Diagnostic earlier this year, but another medical company has reported their patients’ sensitive data potentially being stolen. Clinical Pathology Laboratories (CPL) is the latest to report being affected by the AMCA breach as the Protected Health Information (PHI) of 2.2 million of its patients may be at risk. So far, that is 7.7 million customers affected at LabCorp, 11.9 million impacted patients at Quest Diagnostics, and an additional 34,500 at CPL that may have had their credit card or banking information stolen as well. All from one data breach. (CNET Security)
- Another cybersecurity news week, another Facebook report. This time, the FCC is putting its foot down about the social media platform’s persistent personal invasion issues. Facebook is slated to be faced with a $5 billion penalty for multiple accounts of privacy concerns. The settlement is still going through the US Justice Department, but once it is finalized, it will top the previous large-scale legal privacy battle the FTC had with Google in 2012, which settled for $22.5 million. (ZDNet)
- Chrome 76, the newest update of Google’s Chrome Web Browser, is making major changes to its Incognito mode to increase privacy for its users. The most major change involves Google resolving what they call a “loophole” in the file system framework of Incognito mode that allows other websites to detect a private session. Many websites such as Forbes and the New York Times have their sites engineered to detect if a visitor is in Incognito mode and restrict them from viewing the content without signing in or paying, or in some cases completely block the user from its content. The Chrome 76 update is slated to prevent that from happening anymore, as the company is looking to bring the concept of privacy back to its private mode. (Engadget)
- If you have a mobile phone with Sprint, you may want to be on the lookout for a security alert from the company, as they have been involved in a major data breach. A vulnerability that resided in an “add a line” promotion from Samsung’s website may have exposed critical account information that could result in unauthorized access to your account. Sprint has responded swiftly to the flaw by alerting the potentially affected accounts and resetting their account PIN codes. Full details of what may have been exposed and exactly how many accounts were affected have not been divulged by Sprint as of this time. (The Verge)
neoRhino’s Remote Managed Services and Advanced Security Packages are here so you can focus on your daily duties. You can relax knowing that we are here to protect you. Call us at (281) 779-4850 for a FREE consultation and we can help your business today.