Android Users Are Falling Short In Security Patches
Many Android users in the USA have not patched their device, which could make them vulnerable to threats and attacks. Research from Skycure revealed that 71% of Android users of five US mobile companies were found lacking in updating the latest security patch. The five companies include T-Mobile, MetroPCS, AT&T, Verizon, and Spring. Google has released a security report for Android that updates are delayed for some models as updates are first sent to mobile carriers and then it is sent to users.
Android Forum Faced Data Breach, Affected 2.5% Users
Android Forum notified about data breach whose 2.5% users got affected. The moderators of the forum believed that half of the affected accounts never used Android Forum. The data breach included data like accessed email addresses, hashed passwords and salt. It is believed that attackers can use spear-phishing attacks with stolen data. Android Forum suggested users change passwords and the forum has taken further steps to harden security.
The Number Of Hacked Website Grew In 2016
Google’s State of Website Security Report for 2016 showed that the number of hacked site ratio grew by 32% in 2016 year. Many websites become outdated and hackers are taking advantage by infecting them. Google has urged companies to register for Search Console that notifies webmasters of website hacking because 61% of webmasters whose websites were hacked had never received notification from Google. Google has also made clean-up guidelines for infected websites.
Turkish Crime Family Group Threatened Apple For Massive Attack
Turkish Crime Family Group threatened Apple to wipe hundreds of millions of iPhones remotely if Apple fails to pay ransom amount. Hackers from this group claimed that they have 627 million credentials of iCloud and asked ransom from Apple. Initially, the group asked for $75,000 ransom, which then increased to $150,000 ransom. Apple is not going to pay ransom but attackers have given deadline of April 7 2017 for massive attack on Apple.
Google Project Zero Found Vulnerability In LastPass Firefox And Chrome Extension
The security expert at Google Project Zero found vulnerabilities in Chrome and Firefox extensions of LastPass password manager. Attackers stealing the data from users could exploit the vulnerability. LastPass has 90 days to solve this vulnerability otherwise; Google experts will disclose the details. The team of LastPass is working to fix this bug. First, researchers found a bug in the Firefox extension for LastPass (3.3.2) on which the team was working. After that, researchers found vulnerabilities in chrome and Firefox extensions for LastPass manager that could steal users’ passwords. In this case, LastPass issued a temporary fix and fully patched vulnerability on the server side.