Data Security News Headlines 22nd May 2017

  1. Google Adds New Behavior-Based Malware Scanner To Every Android Device

Billions of peoples are using android devices today, google always trying to protect their users. Google has introduced another security defense for its Android devices, called Google Play Protect. Google’s comprehensive security services for Android, providing powerful new protections and greater visibility into your device security. Google Play Protect for Android devices consists of App scanning, Anti-Theft Measures, and Browser Protection. Google Play Protect is actually built into devices, which will not only analyses apps before appearing on the Play Store but also monitor them once installed on the device, including apps that have been installed from third-party stores as well. With Google Play Protect, Android Device Manager has been replaced with Find My Device, use to locate lost and misplaced devices.

Cyber Security Tips:  Users can download this app from google play, avoid to download it from unknown sources and install this new feature introduced by google and make your device more secure.

  1. Fake website “шһатѕарр.com” masquerades as the WhatsApp.com

Reddit users have recently noticed a new malicious campaign to hoodwink users of messenger WhatsApp. Apparently, some hackers have sent links to poor victims, supposedly leading to the official website of WhatsApp (whatsapp.com), and while in reality, the links lead to the fake domain шһатѕарр.com. Once a user clicks on a link a “clicker” is redirected to the fake site and made an offer of an exciting app to make messages colorful. Google has already removed the app from the Chrome Store.

Cyber Security Tips: Users are strongly recommended that avoid to click on such a malicious links, check for WhatsApp.com instead of шһатѕарр.com and keep using updated antivirus protection.

  1. Improper Authentication vulnerability allow anyone to reset password in UBER

An Italian security expert Vincenzo C. has discovered a critical Authentication vulnerability in UBER by which anyone can reset the password for any account. The company held the Bug Bounty program which was operated by Hackerone where the researcher found the ‘Improper Authentication’ vulnerability. According to the security expert, with an email address for a valid Uber account, it was possible to take over that account because the reset token was exposed in the response of a password reset HTTP request. This meant an attacker could initiate password reset for an account and immediately receive the reset token for that account. The security expert found out that the vulnerability in the reset password could be exploited to generate an authentication token “inAuthSessionID”, and then anyone could use this to change the password for any account.

Cyber Security Tips:  Users are strongly recommended to keep watch on their email and once the vulnerability patched reset your password with a strong one.

  1. Civil hospital doctor loses Rs 2.34 lakh to cyber cheats

AHMEDABAD: Naranpura resident Dr. Jeetendra Shah has lodged a complaint with the cyber cell of the city crime branch alleging that he had been cheated of Rs 2.34 lakh in nine online transactions, though he had not received a ‘one-time password’ from the bank for any of the transactions. Shah, who is a doctor at the civil hospital, was using his credit card. As per investigation, police said that it impossible to make a transaction without OTP, but ask the bank for transaction details. The investigation team is also verifying with the companies from whom various services have been purchased through online transactions. We are also trying to find out the mobile number through which the transactions were executed,” said a police official.

Cyber Security Tips:  Users are strongly recommended that keep your banking data secure, never share it with anyone, never share you’re OTP and if any incident happened with you immediately contact with the cyber cell.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: