#ThanksgivingEdition
This is a weekly series to highlight the best articles and stories happening all over the web.
What was your favorite story? What topics would you like to see? Sound off in the comments!
Webroot Security Predictions 2018
We here at Webroot have compiled 40 predictions for 2018 from our Experts.
Here are some highlights:
- We will see the first widespread worming mobile phone ransomware, perhaps spread by SMS / MMS.
– Eric Klonowski, Senior Advanced Threat Research Analyst
- Predicting at least 3 separate breaches of at least 100 million accounts. I bet the data is already breached as of right now, but the organization is unaware and will learn next year.
– Tyler Moffitt, Senior Threat Research Analyst
- We will see the first health-related ransomware targeting devices like pacemakers. Instead of ransom to get your data back, it will be a ransom to save your life.
– Eric Klonowski, Senior Advanced Threat Research Analyst
Uber Hides Massive Breach
Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing firm ousted its chief security officer and one of his deputies for their roles in keeping the hack under wraps, which included a $100,000 payment to the attackers.
Get all the details of the Hack.
Banks Say “No” to iPhone X Face ID Facial Recognition Due to Security Concerns
Not very surprisingly, some banking apps won’t get Face ID support anytime soon.
Face ID security concerns have made banks delay a decision on whether their mobile apps should include facial recognition for authentication and payments, with several claiming Apple hasn’t yet demonstrated the new technology is more secure than Touch ID.
“It was difficult for us to adopt the biometric technology (of iPhone 😵 abruptly since it normally takes some time to undergo several security procedures before adopting a new technology. Plus, the phone’s facial authentication technology was not fully proven,” an official of Kookmin Bank has been quoted as saying.
Check out the full article.
$31 million in tokens stolen from dollar-pegged cryptocurrency Tether
All eyes may be on the meteoric rise of Bitcoin at the moment, but it's far from being the only cryptocurrency on the block. Startup Tether issued a critical announcement after it was discovered that "malicious action by an external attacker" had led to the theft of nearly $31 million worth of tokens.
Tether knows the address used by the attacker to make the theft, but is not aware of either who the attacker is, or how the attack took place. The company is releasing a new version of its Omni Core software client in what it says is "effectively a temporary hard fork to the Omni Layer."
Get the Full Story.
MediaProjection vulnerability leaves 77 percent of Android phones open to screen and audio recording
More than three-quarters of Android phones are vulnerable to screen and audio recording by attackers. By exploiting the MediaProjection service, an attacker can easily trick a user into granting the relevant rights to a malicious app.
A report by MWR Labs explains:
To use the MediaProjection service, an application would simply have to request access to this system Service via an Intent. Access to this system Service is granted by displaying a SystemUI pop-up that warns the user that the requesting application would like to capture the user's screen.Learn what this means for the future of the Play Store.
It was discovered that an attacker could overlay this SystemUI pop-up which warns the user that the contents of their screen would be captured, with an arbitrary message to trick the user into granting the attacker's application the ability to capture the user's screen.
What story from the last week the most important for you? We love hearing your feedback!