What happened this week? A lot of cybersecurity news! We know it is hard to keep up with the ever-changing news cycle, so we gathered this week’s biggest stories and broke them down into bite-sized reads. Take a read-through of this week’s VIPRE Weekly Roundup!
Hackers have breached 60 ad servers to load their own malicious ads (ZDNet)
Code named Tag Barnakle, a hacker group has been able to infect 60 Revive ad servers with malvertising. Typically, hackers will pay legitimate sites to rent space. Then they’ll set a trap for anyone who clicks their link. This is a new and different attack. By controlling a legitimate advertising server the group can use real paid ads to deliver malware.
267 million Facebook profiles being sold online: What to do (Tom’s Guide)
Buckle up for more robo calls and scam emails. Scammers are selling some scraped Facebook data. Experts agree that the data itself isn’t necessarily a massive security risk since it’s data that Facebook users made publicly available about themselves. However, whenever one’s birthday date is exposed there is at least some risk. Additionally, if the data is sold, then it will likely be picked up by robo callers, telemarketers, and scammers.
Apple’s built-in iPhone mail app is vulnerable to hackers, research says (Washington Post)
Apple was informed about a sophisticated hack this week. There is a way for hackers to silently infect iPhones. Most malware attacks require some type of action (accepting scripts in a Word document or installing a fake flash player). This attack is more insidious. It uses the default email app to launch the attack. Don’t uninstall the app, though! It’s crucial for an iPhone to operate correctly.
Nintendo Switch breach exposes 160,000 users: What to do now (Tom’s Guide)
In case you, or anyone you know, have a Nintendo Switch. Accounts without two-factor authentication were exposed in a breach. The bad guys were sometimes able to link up accounts to buy games with the stolen funds. Fortunately, the bad guys weren’t able to access the accounts’ credit card or PayPal information… just the login info. However, if you tend to recycle passwords then you should change them immediately.
Unproven Coronavirus Therapy Proves Cash Cow for Shadow Pharmacies (Krebs on Security)
Since hydrochloroquine has been in the news lately, demand for it has increased. Scammers have realized this and are cashing in. These spammers function like affiliates – they get a cut of every sale. The Krebs article ends with a chilling note that a test of chloroquine versus coronavirus was stopped because the drug held no benefit. Actually, it’s just the opposite. There were more deaths among those given the drug.
The post VIPRE Week Roundup: April 24, 2020 appeared first on VIPRE.
