- 17-year-old finds screen lock bypass vulnerability in Signal app for iOS
A 17-year-old high school student from Arezzo, Tuscany-Italy, has discovered an easy to exploit vulnerability in popular encrypted messaging app Signal for iOS that would let malicious hackers bypass the authentication process and access user chats. According to Leonardo, the vulnerability affects all versions of the application before 22.214.171.124. The vulnerability works in such a way that it allows attackers to bypass password protection and TouchID with a certain sequence of actions. “The Open Whisper Signal app before 2.23.2 for iOS allows physically proximate attackers to bypass the screen locker feature via certain rapid sequences of actions that include app opening, clicking on cancel, and using the home button.”
Cyber Security Tips: Users are strongly recommended that If you are using Signal app on iOS make sure it is updated to the latest version and do not leave your phone unattended in public place.
- New ransomware locks files & asks victims to play PUBG game
Usually, a ransomware attack is all about locking victim’s files for ransom. But according to the latest report, the new ransomware targeting your system but not asking for ransom. Yes, the campaign was discovered by MalwareHunterTeam who also shared the note that appears on the victims’ computer screens: “Your files is encrypted (sic) by PUBG Ransomware! But don’t worry! It is not hard to unlock it. I don’t want money! Just play PUBG 1Hours [sic] or Restore is [s2acxx56a2sae5fjh5k2gb5s2e].” The PUBG ransomware only targets Windows users.
Cyber Security Tips: To prevent yourself from such a malware you are strongly recommended that never open spam emails, avoid clicking any links without verify, download software’s only from trusted sources, regularly backup your data, never pay ransom if your system is locked by ransomware and keep your system up-to-date.
- Fake Android Apps Found in Play store with 6000,000 Installations
News day new android malware. A Fake Android Apps found in Google play store that posed as offering security proving unwanted ads and other potential cyber threats to installed user device and collection a lot of sensitive information. 35 Malicious Fake Android Apps discovered in official Google Play Store that posed as security apps but it doesn’t contain any of security future. These fake android apps that impersonate as security applications found in play store with 6000,000 installations. Not all the apps were downloaded manually but some of these applications are downloaded and installed by bots to post positive reviews and improve their respective app’s ratings according to the news published by GBHacker.
Cyber Security Tips: Users are strongly recommended that avoid downloading such unknown apps, check permission while installing any apps, download apps from trusted sources only and use reputed antivirus.