Skip to main content
Welcome to the Weekly Webroot Digest!#HappyFriday

 

This is a weekly series to highlight the best articles and news stories going on in the Community. 

What was your favorite story? What topics would you like to see? Sound off in the comments! :)

 



Intel Finally Details Slowdowns Caused by Meltdown & Spectre Updates

Firm says 2% to 4% performance impact likely.

Intel says it ran a series of tests on server platforms and it discovered that the impact could reach 2% in the case of common workloads typically performed by enterprise and cloud customers. Things are getting worse on servers working with large amounts of data, where the performance impact could go as high as 25%.

 

In other words, older computers running high-demanding tasks are the most likely to be affected by a noticeable slowdown, while the newest chips on Windows 10 shouldn’t experience anything else than a minor performance impact which most users wouldn’t even detect.

 

Keep reading!

 



Android security: This newly discovered snooping tool has remarkable spying abilities

The mobile malware can steal WhatsApp messages, eavesdrop on targets based on GPS coordinates, and more.



A newly-uncovered form of Android spyware is one of the most advanced targeted surveillance tools ever seen on mobile devices, coming equipped with spying features never previously seen active in the wild.

 

Named Skygofree by researchers because the word was used in one of its domains, the multistage malware is designed for surveillance and puts the device in full remote control of the attackers, enabling them to perform advanced attacks including location-based sound recording, stealing communications including WhatsApp messages, and connecting to compromised networks controlled by the malware operators.



Learn more!

 



Google’s Confusing Gmail Security Alert Looks Exactly Like a Phishing Attempt

Security researchers say the legitimate email is training people to have bad email hygiene.



Last week, you may have gotten a strange email alert from Google—or at least it looked like it came from Google. The email address of the sender is no-reply@accounts.google.com, and Gmail itself tells me it’s mailed by gaia.bounces.google.com and signed by accounts.google.com.

 

Still, many users took to the internet to voice their concerns & confusion:

“It has urgency, guides to a login page, quite vague, but alarming...we used to take legitimate Google emails and adapt, but this is just perfect as is. f...] It’s that good,” one user said. “Unforgivable for Google to send this out en masse.”

 

See the screenshot yourself!

 



Flaws Allowed Facebook Account Hacking via Oculus App

Facebook recently patched a couple of vulnerabilities that could have been exploited by malicious hackers to hijack accounts by abusing integration with the Oculus virtual reality headset.

Facebook announced the acquisition of Oculus VR back in July 2014 and added Oculus assets to its bug bounty program a few weeks later. Several vulnerabilities have been found in Oculus services since, including a series of flaws that earned a researcher $25,000.

 

According to the researcher, a specially crafted query allowed an attacker to obtain the victim’s access token, which under normal circumstances should not be accessible to third-party apps, and use it to take control of their Facebook account.

 

Get the details!

 



Phishers target Netflix users, ask for info and photo of their ID

Should you send Netflix a selfie in which you hold your ID card to get your account reinstated?

The answer is an emphatic no.

The request is the last of several steps of the most recent Netflix-themed phishing campaign, which starts with an email purportedly coming from the streaming company and warning the recipient that their account is “on hold”.

 

Those who are more observant will notice immediately that the email does not address them by name (as you would expect an email from a company that already has that information) and that, in the subject line, “Netflix” is spelled with a weird character (the Greek letter chi instead of “x”).

 

Always air on the side of caution!

 



Safe Deposit: How to Keep Your Cryptocurrency Secure

“How to buy Bitcoin” dominated Google how-to searches in 2017, ranking third overall. With the hype surrounding cryptocurrency at a palpably all-time high, now is a better time than ever to cover the essentials of keeping cryptocurrencies safe.

 

If you are just getting into the crypto space or you’ve known what ‘HODL’ means for a while now, there are some basics everyone should know about protecting their holdings.

 

Read more from Tyler on our Threat Blog!

 

What story from the last week the most important for you? We love hearing your feedback! 

Be the first to reply!

Reply