Phishing strikes the Equifax Settlement, the next Spectre/Meltdown attack, SimpliSafe may not be so safe, and more in This Week in CyberSecurity: where we highlight select top cybersecurity stories from each week and share them here. Don't forget to follow our daily blog for more in-depth cybersecurity and technology news.
If you would like to be the first to know about our Week in Cybersecurity reports and receive a FREE Webcam Cover, sign up here.
The Week of August 9th, 2019:
- The Equifax Settlement for their massive data breach in 2017 is underway, but with that comes fake websites and scammers attempting to steal your information. The FTC has already found and shut down fake websites posing to be the Equifax site where you can login and claim your settlement if you have been affected. The fakes are eerily close to the real thing so if you have been affected and are eligible for the settlement (or if you even need to check if you are eligible) before you give out ANY personal information, do not use any site other than the official FTC website. Also, double check the address bar for the green secure lock and scrutinize the site’s text for spelling and grammatical errors, because it is a form of a phishing attack. (CNET Security)
- Microsoft has confirmed that a new major vulnerability called “SWAPGS” that affects Windows PCS running on 64-bit Intel and AMD processors is spreading at an alarming rate. Similar to Meltdown and Spectre, this vulnerability could give a hacker access to your anything involving the operating system’s kernel memory, such as messaging, passwords, and webcam conferencing. A source at Bitdefender stated that “all Intel CPUs manufactured from 2012 to today” could be vulnerable to an attack. Thankfully, an update has been released as part of Microsoft’s “Patch Tuesday” to resolve the flaw so you should update your PC to the latest Windows 10 software ASAP if you have not yet. (Bitdefender)
- Normally Facebook hits our Week in Cybersecurity reports as a veteran appearance. However, this week it’s Twitter that’s under the scope for privacy concerns. This week, Twitter divulged in a blog post that they have resolved a bug that if you happened to interact with an ad for a third-party mobile app since May 2018, there is a chance that data such as your country code may have been shared despite your privacy choices. If you had interacted with one of those ads since September of 2018, you may have been served ads based on inferences from your device. We currently do not know just how many Twitter users have been affected, but the glitch was corrected on August 5th, so update your Twitter mobile apps ASAP. (Engadget)
- Using a SimpliSafe home security system? There is a chance your system can be easily compromised by a simple wireless emitter. A YouTube channel called “LockPickingLawyer” exposed the flaw through a video on their channel that shows how their system can be compromised with this tool, as the system works off the same frequency that several other popular wireless devices operate on, such as baby monitors and garage door openers. Even more alarming is that most of these products aren’t enough to interfere with the SimpliSafe system, but the $2 emitter is. SimpliSafe issued several rebuttals to the video, and while the issue is sorted out, you might want to take extra scrutiny when dealing with those systems. (The Verge)
neoRhino’s Remote Managed Services and Advanced Security Packages are here so you can focus on your business needs. You can relax knowing that we are here to protect you. Call us at (281) 779-4850 for a FREE consultation and we can help your business today.