ClickSSL Weekly InfoSec Snipper March 6, 2017

This entry is part 64 of 73 in the series Weekly Infosec Snipper

Google Chrome Enabled Malware Protection For Mac OSX

Google chrome has brought malware protection for chrome Mac OS users. The new update is aiming at unwanted software and malware that target Apple OS. Google is trying to keep Apple’s devices safer from rising malware. “The Settings Overrides API” allows extensions to overrule various Chrome settings. The Settings Overrides API is only way to make change in chrome setting in Mac OSX. At this end of month, users will be warned against malicious software that wants to change chrome settings using with API.

Telegram App Is Suspected To Privacy Leakage

According to Fidelis security, Telegram app has a privacy issue. The app is revealing users’ credentials to scammers. When you sign up for Telegram, it scans user’s contact list and notify others that you have signed up. Spammer can take advantage of this situation as if spammer has your number in their contact list; the spammer will also be notified about your sign up.

Cloudflare Leaked Browsing Session, Says Google’s Experts

Google’s expert discovered fact about Cloudflare’s leakage of browsing sessions. However, Google has found vulnerability but not found evidence of exploitation. Google has found thousands of pages of leaked data from search engine caches. The date contained customer cookies and CloudFlare headers. CloudFlare also issued a note for customers explaining the reason for cause as well how they handled the situation. The vulnerability caused due to faulty code in edge servers and exposed browser information.

Cheap SSL

vBulletin Exposed Forum Accounts And Forums Details

vBulletin forum accounts were leaked and around 820,000 forum accounts were affected. The root cause of this attack was due to vulnerability in old version of vBulletin. The hacker claimed that around 126 forums have been hacked and stolen personal data belonged to forum admin and registered users. The information was verified by Hacked-DB once they managed to scan data. The attack was conducted between January and February 2017 and hackers got user accounts, email addresses, hashed passwords and unique IP addresses.

Amazon Web Services Faced Outage Due To Typo

Amazon faced bug in its billing system that caused 5 hours of outage of Amazon Web Services servers. The issue made thousands of website unavailable while other websites show broken images and links. The sites and services include Quora, Slack, Medium, Giphy, Trello, Splitwise, SoundCloud, and IFTTT got affected with this typo mistake. The issue caused while debugging the cloud storage billing system. There was one of input was incorrectly entered and large set of servers was removed.

Series Navigation<< ClickSSL Weekly InfoSec Snipper February 27, 2017ClickSSL Weekly InfoSec Snipper March 13, 2017 >>
 

We Assure to Serve

Leading Brands

ClickSSL is platinum partner of leading CAs & offering broad range of SSL certificate products.

Valued Price

You are at right place to get cheapest SSLs; our prices are up to 79% low as compared to CAs.

100% Refund Policy

If you are not satisfied, our all SSL certificates are backed by 30-day 100% money back guarantee.

24×7 Support

Our experts are always active to help you, so you will get instant solutions for your queries.