Android Users Are Falling Short In Security Patches
Many Android users in the USA have not patched their device, could make them vulnerable to threats and attacks. A research from Skycure revealed that 71% of Android users of five US mobile companies were found lacking in updating latest security patch. The five companies include T-Mobile, MetroPCS, AT&T, Verizon and Spring. Google has released security report for Android that updates are delayed for some models as updates are first sent to mobile carriers and then it is sent to user.
Android Forum Faced Data Breach, Affected 2.5% Users
Android Forum notified about data breach whose 2.5% users got affected. The moderators of the forum believed that half of affected accounts never used Android Forum. The data breach included data like accessed email address, hashed passwords and salt. It is believed that attackers can use spear phishing attacks with stolen data. Android Forum suggested users to change passwords and the forum has taken further steps to harden security.
The Number Of Hacked Website Grew In 2016
Google’s State of Website Security Report for 2016 showed that the number of hacked site ratio grew by 32% in 2016 year. Many websites become outdated and hackers are taking advantage by infecting them. Google has urged companies to register for Search Console that notifies webmaster for website hacking because 61% webmasters whose website hacked had never received notification from Google. Google has also making clean-up guideline for infected websites.
Turkish Crime Family Group Threatened Apple For Massive Attack
Turkish Crime Family Group threatened Apple to wipe hundreds of millions of iPhones remotely if Apple fails to pay ransom amount. Hackers from this group claimed that they have 627 million credentials of iCloud and asked ransom from Apple. Initially, the group asked for $75,000 ransom, which then increased to $150,000 ransom. Apple is not going to pay ransom but attackers have given deadline of April 7 2017 for massive attack on Apple.
Google Project Zero Found Vulnerability In LastPass Firefox And Chrome Extension
The security expert at Google Project Zero found vulnerabilities in Chrome and Firefox extensions of LastPass password manager. Attacker to steal data of users could exploit the vulnerability. LastPass has 90 days to solve this vulnerability otherwise; Google experts will disclose the details. The team of LastPass is working to fix this bug. First, researchers found bug in Firefox extension for LastPass (3.3.2) on which the team was working. After that, researchers found vulnerability in chrome and Firefox extension for LastPass manager that could steal users’ password. In this case, LastPass issued temporary fix and fully patched vulnerability on server side.