ClickSSL Weekly InfoSec Snipper March 27, 2017

This entry is part 67 of 73 in the series Weekly Infosec Snipper

Android Users Are Falling Short In Security Patches

Many Android users in the USA have not patched their device, could make them vulnerable to threats and attacks. A research from Skycure revealed that 71% of Android users of five US mobile companies were found lacking in updating latest security patch. The five companies include T-Mobile, MetroPCS, AT&T, Verizon and Spring. Google has released security report for Android that updates are delayed for some models as updates are first sent to mobile carriers and then it is sent to user.

Android Forum Faced Data Breach, Affected 2.5% Users

Android Forum notified about data breach whose 2.5% users got affected. The moderators of the forum believed that half of affected accounts never used Android Forum. The data breach included data like accessed email address, hashed passwords and salt. It is believed that attackers can use spear phishing attacks with stolen data. Android Forum suggested users to change passwords and the forum has taken further steps to harden security.

The Number Of Hacked Website Grew In 2016

Google’s State of Website Security Report for 2016 showed that the number of hacked site ratio grew by 32% in 2016 year. Many websites become outdated and hackers are taking advantage by infecting them. Google has urged companies to register for Search Console that notifies webmaster for website hacking because 61% webmasters whose website hacked had never received notification from Google. Google has also making clean-up guideline for infected websites.

Cheap SSL

Turkish Crime Family Group Threatened Apple For Massive Attack

Turkish Crime Family Group threatened Apple to wipe hundreds of millions of iPhones remotely if Apple fails to pay ransom amount. Hackers from this group claimed that they have 627 million credentials of iCloud and asked ransom from Apple. Initially, the group asked for $75,000 ransom, which then increased to $150,000 ransom. Apple is not going to pay ransom but attackers have given deadline of April 7 2017 for massive attack on Apple.

Google Project Zero Found Vulnerability In LastPass Firefox And Chrome Extension

The security expert at Google Project Zero found vulnerabilities in Chrome and Firefox extensions of LastPass password manager. Attacker to steal data of users could exploit the vulnerability. LastPass has 90 days to solve this vulnerability otherwise; Google experts will disclose the details. The team of LastPass is working to fix this bug. First, researchers found bug in Firefox extension for LastPass (3.3.2) on which the team was working. After that, researchers found vulnerability in chrome and Firefox extension for LastPass manager that could steal users’ password. In this case, LastPass issued temporary fix and fully patched vulnerability on server side.

Series Navigation<< ClickSSL Weekly InfoSec Snipper March 20, 2017ClickSSL Weekly InfoSec Snipper April 3, 2017 >>
 

We Assure to Serve

Leading Brands

ClickSSL is platinum partner of leading CAs & offering broad range of SSL certificate products.

Valued Price

You are at right place to get cheapest SSLs; our prices are up to 79% low as compared to CAs.

100% Refund Policy

If you are not satisfied, our all SSL certificates are backed by 30-day 100% money back guarantee.

24×7 Support

Our experts are always active to help you, so you will get instant solutions for your queries.