If you have FaceTime enabled you can be evesdropped on without your consent. A user simply calls you with FaceTime and before you answer they add themselves as a caller. They can instantly hear your phone without you knowing or having the option to stop it. If you attempt to it may transmit video. Simple solution though is to just go to Settings / FaceTime and disable it until the patch comes out later this week. Read about it here: https://www.cnbc.com/2019/01/28/apple-facetime-bug-lets-you-listen-even-if-someone-doesnt-answer.html Or basically anyplace on the net right now.
Microsoft released an Emergency OOB (Out of Band) Security Patch. As a reminder to everyone, Patches are important! If you can’t patch it, don’t use Internet Explorer to browse the web. Try Chrome or another browser. Disable any plug-ins you don’t need, only visit sites you know and trust. Unsure about any of this? Just Ask us. Read more below on The Register. Update Internet Explorer now after Google detects attacks in the wildSource: On the first day of Christmas, Microsoft gave to me… an emergency out-of-band security patch for IE • The Register
In this New York Times article they discuss FaceBook sharing your personal information with 3rd parties. This is probably not a surprise to anyone in IT, but you may not realize how much data they share and with whom. Two of the companies have links to the Russian and Chinese government. You may not care if Microsoft has your info or Apple, but how do you feel about a Russian search engine being able to tell who & what you like, where you are and even possibly information in private messages. All while trying to effect the outcome of a presidential election. In their research the NYT finds that permissions were given above what was needed and they weren’t monitored or rescinded when there was no longer a need. I encourage you to read more on the link below.
Internal documents show that the social network gave Microsoft, Amazon, Spotify and others far greater access to people’s data than it has disclosed.Source: As Facebook Raised a Privacy Wall, It Carved an Opening for Tech Giants
Another Data Breach. Just a reminder that you cannot be to careful with your data. More information on NBC News at the link below.
The breach could potentially be one of the largest in history, behind the hacking of about 3 billion Yahoo accounts.Source: Marriott says data breach compromised info of up to 500 million guests
Not ready for consumer use. MS Pulls it’s latest pack after issues with missing documents. Read more at the Register link below.
Day four exceeds all expectations as Microsoft steps back from brinkSource: Microsoft yanks the document-destroying Windows 10 October 2018 Update
The Breach didn’t compromise passwords, but was related to a secure token allowing someone to convince Facebook they were you. It also effected some other apps that use Facebooks services. Read more on the CNet link below.
The vulnerability had to do with the social network’s “view as” feature.Source: Facebook breach put data of 50 million users at risk
Don’t trust inbound e-mails, phone calls, texts, etc. People will say anything to trick you out of your money. As a rule, change your passwords often. Protect your passwords. Don’t share them with anyone and don’t use the same ones on different accounts. Keep your AV up to date. We recommend WebRoot (ask us about it). Cover your camera when not in use as a rule of thumb too. Read more about this scam at the link below. Source: Sextortion Scam Uses Recipient’s Hacked Passwords — Krebs on Security
Time for Samsung users to switch to iPhone? It’s a scary headline that random pics from your phone can be sent to random people in your contacts. Still scary that you don’t know unless that person tells you. I would consider this a HUGE security issue. Many people keep confidential information in their phone as pics, including things like credit cards or passwords, not to mention personal pics. Samsung phones are spontaneously texting users’ photos to random contacts without their permission – The Verge
Yet another hole is found in the most popular processors on the market. Read more on ‘The Register’ link below.
Design blunder exists in Intel, AMD, Arm, Power processorsSource: Microsoft, Google: We’ve found a fourth data-leaking Meltdown-Spectre CPU hole
Do you use Drupal? Might want to read this article. Source: Hundreds of Drupal sites found to be hacked by cryptojackers