Data Security News Headlines 20th January, 2017

  1. Mac Malware With Ancient Code Spying On Biotech Firms

A strain of malware targeting Apple Mac computers has been found to use an ancient code to spy on biomedical research facilities. Known as Quimitchin, evidence suggests it has been in existence undetected for a number of years. Quimitchin is designed to take screenshots of an infected computer system and gain access to the webcam functionality. It can also be used by an attacker to simulate mouse clicks and key presses, and to change the position of a computer cursor. Apple codenamed the malware family as ‘Fruitfly’, and has now released an update that will be automatically downloaded on to users computers to help fend off any future infections of this mysterious virus.

Cyber Security Tips: Update your browser and system regularly. Use a good Anti-Virus Software. Set firewalls and router security.

  1. Crash Anyone’s Iphone or Ipad with a Simple Emoji Text Message!

A newly discovered bug in Apple’s iOS mobile operating system is being exploited in a prank that lets anyone crash your iPhone or iPad by just sending an emoji-filled iMessage. Here’s the first troublesome text: A white Flag emoji, the digit “0” and a Rainbow emoji. As soon as this text is received, the iPhone’s software attempts to combine the emojis but fails, and the messaging app crashes and eventually reboots in a few minutes. The recipients do not even have to open or read the message.

  1. Adobe Acrobat auto-installed a vulnerable Chrome extension on Windows PCs

The Adobe released an update to Adobe reader; it was to address 29 vulnerabilities in it. However, some users are not pleased that the updates also automatically installed an Adobe Acrobat Chrome extension which was designed to convert web pages into PDF files. This extension requires the permission to access data on the websites that the user visits, communicate with cooperating native apps and manage downloads. DOM-based XSS vulnerability was identified in this extension which allowed privileged JavaScript code execution.

Cyber Security Tips: Always read about the description before enabling any extension on your browser.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: