The multi-million dollar Equifax data breach settlement, Facebook creates its own AntiVirus, the alarming security problem with VLC Media Player, and more in This Week in CyberSecurity: where we highlight select top cybersecurity stories from each week and share them here. Don't forget to follow our daily blog for more in-depth cybersecurity and technology news.

If you would like to be the first to know about our Week in Cybersecurity reports and receive a FREE Webcam Cover, sign up here.

The Week of July 26th, 2019:

  • This week, Equifax agreed to a settlement involving its massive data breach in 2017. One of the worst, if not the worst, data breaches in history that affected the personal data of over 140 million people has come down to a settlement of anywhere from $575 million to as much as $700 million depending on the claims of its victims. Equifax is also including 10 years of free credit monitoring and up to $20,000 for approved victims to cover damages that may have occurred from the attack. Equifax created a website to check on if you may be affected and/or eligible for a claim and it can be found here. (The Verge)
  • Do you use VLC Media Player? If so, a major security flaw within VideoLAN’s popular media player has been found that could give a hacker direct access to your system, the ability to install software, and run malware attacks. If the flaw is exploited, the attacker could alter user files, lock its victims out of their files, or create a DoS (Denial of Service) state. This flaw is just one of four different flaws that VLC is resolving, so we would recommend uninstalling and using another media player while they resolve the flaws. (InfoSec Magazine)
  • In May, Google revealed new policy rules for third-party add-ons for its Chrome Web Browser and Google Drive service as part of an initiative called Project Strobe. This initiative requires developers of any and all third-party Chrome apps to request only the minimum amount of gathered user data for their app to function. Now there is a deadline for those developers to comply with Project Strobe, which is October 15th, 2019, or else their app will be removed from the Chrome Web Store. Developers must now post a privacy policy if their app handles personal content (pictures, etc.) or communications. (Engadget)
  • You may have heard an ad for Robinhood during one of your favorite podcasts, but the stock-trading app has been storing its user passwords in a shockingly insecure fashion. This week, the company announced that through surveillance of its internal systems, they found “user credentials” in an open, readable file. Though Robinhood stated that no evidence was found of any account information being compromised and their user passwords are now encrypted through a new algorithm, we recommend changing your password ASAP. (CNET Security)
  • Facebook hits the cybersecurity news again this week, not for a privacy concern per usual. The social media juggernaut has teamed up with Trend Micro and F-Secure to make a free browser-based AV service for users that may be temporarily locked out of their accounts. Users that opt-in to what the site calls “making malware cleanup easier” will get alerts if the program finds any infections while scanning and is all done through the browser. This is an interesting addition for FB users although it does raise inquiries for those using their own AV solution, especially since Facebook prompt you in the future to try the service, even if they opt-out. (InfoSec Magazine)

neoRhino’s Remote Managed Services and Advanced Security Packages are here so you can focus on your business needs. You can relax knowing that we are here to protect you. Call us at (281) 779-4850 for a FREE consultation and we can help your business today.