Weekly Security Roundup #68: Leave No Patch Behind
Apply updates constantly and they’ll keep you safe(r)
It’s been a long week for the cyber security world. We’ve had plenty of news on critical patches for important softwares, but also an equal share of data breaches and phishing attacks. We also had a good laugh at some stories, like the one where the bad guys were caught before stealing $1 billion from banks, because they mistyped the name of where the money should be transferred. Our inner grammar nazi was deeply satisfied.
Before we go into the weekly news recap, make sure you check out my colleague Andra’s article about DROWN – a vulnerability that causes headaches to millions of website users.
Security articles of the week
On Patch Tuesday, Microsoft released 13 security updates, six of them marked as critical – with a total of more than 39 vulnerabilities that were solved.
Adobe also announced that they fixed serious issues for its Reader, Acrobat and Flash products.
Patch it up, patch it up!
A roundup of updates came from Google as well.
And if you have a Nexus phone, you probably noticed that they pushed the monthly an Android security update, that fixed 19 vulnerabilities.
What happens when you try to steal $1 billion from banks and misspell the account where the money should be transferred.
We had a deja-vu when we ran into this story: it’s exactly the same with last week’s Snapchat attack.
Long story short, an employee falls into a spear-phishing attack and sends W-2 tax form information on 10.000 current and former Seagate employees.
After the fraud attempts from the past year, the IRS (U.S. Internal Revenue Service) tried to strengthen the system by issuing personal identification numbers for people. The trouble with this plan? It’s as vulnerable as the methods used before, so the IRS already put a stop to it.
Modern day piracy: you hack into a transportation system, find out all you need to know about valuable cargo and then hijack it.
The rise and fall of the first ransomware to target Mac users.
Cyber security experts said they expect to see more attacks on Macs as the KeRanger hackers and other groups look for new ways to infect Mac computers.
Shortly after finding out that Amazon removed encryption for its Fire tablets, the company representatives announced that they changed their mind. The option will return this spring, with a Fire OS update.
Kids don’t want their parents to post about them on social media. Take them seriously.
We’re ending the security roundup in a funnier note. Check out this collection of stock photos with hackers.
It’s all fun and games until you lose your data and money. Cyber crime now jumped to second place on the most reported kind of economic crime, with losses climbing continuously. That’s why it’s important that you always set up multiple layers of security. If one of them falls, you’ll have several others to protect you.