Weekly Security Roundup #86: Don’t Go Chasing Pokemons
Without taking precautions
Not a new week passes without some new ravaging ransomware, right?
My colleague Andra published a security alert about Stampado, a cheap type of ransomware that’s for sale on the dark web.
And for those of you about to go on vacation, yesterday I published a security guide with cyber security tips for travelers. It will help you safely enjoy your summer holiday, without getting burned.
Now off to the rest of the cyber security news:
Security articles of the week
This past week we’ve seen how Pokémon Go turned into a global phenomenon. With its popularity also came some major security risks.
Because it wasn’t officially launched in all countries, users are downloading malicious apps posing as Pokémon Go.
Btw, if you’re as fed up with this subject as I am, here something that might help.
It was Patch Wednesday, so time to do some updates.
Microsoft fixed 40 vulnerabilities in its software and Adobe released an update of Flash Player that patches 52 vulnerabilities.
Krebs makes a good point in this article, we completely agree with what he says:
“First off, if you have Adobe Flash Player installed and haven’t yet hobbled this insecure program so that it runs only when you want it to, you are playing with fire.”
Facebook is testing a new feature, named “secret conversations”, that offers users end-to-end encryption for Messenger. It will only work from one device – one phone, tablet or computer, selected by the user.
The format of the messages will also be limited, it won’t support GIFs and videos (at least not at first).
Another option will be to set self-destruct timers on messages, like on Snapchat.
In case you missed it.
Not a new week without a new type of ransomware! Nukeware delets your files and gives you absolutely nothing if you decide to pay the ransom.
…and another new type of malware, this one called Satana. It will block your operating system from booting up.
“More than 200,000 internet-connected systems remain vulnerable to the OpenSSL vulnerability known as Heartbleed bug, more than two years after the flaw was discovered.”
According to a recently-published survey, 1 in 3 consumers experienced card fraud in the past 5 years.
More fresh statistics: Bots account for 49% of all internet traffic and can do a lot more damage than you suspected.
And last but not least, our recommendation for this weekend: an interview with John McAfee, taken by Pierluigi Paganinin from SecurityAffairs.co .
Clearly, Pokémon Go was the highlight of this past week. We’ve seen how the app took off and turned into a global hype. But great popularity also comes with great security risks. In case you’re among the ones chasing pokemons, hope you’re aware of what you’re exposing yourself to.
Safely enjoy the weekend!