Security Briefing 11.29.16
WindTalker, a vulnerability in Wi-Fi networks that lets hackers potentially read keystrokes based on finger positions on cell phones and tablets, has been discovered by a group of computer scientists. These are the good guys, nothing to get alarmed about just yet, as it requires specific firmware to capture CSI information.
A new way to spread ransomware – images embedded into Facebook Messenger. Using scalable vector graphics (SVG) files, which is based on XML, allows scripts to be ran. Facebook Messenger user receives a .svg file, opens a website that appears to be YouTube (but the URL shows it isn’t) and requests a codec to be installed. Then things go downhill rapidly.
A British ISP suffers a major breach of its upgraded database, impacting nearly 6 million users. Attack vector was using employee logins to look at compromised personal data, but not financials. Three arrests so far. Don’t be socially engineered!
WhatsApp can actually do encrypted video communication now! This is a big deal because this app has an estimated 1 billion users worldwide.
British government officially announced that broadband providers in the UK will soon be forced in to blocking all ‘adult’ websites. This raises very large questions about the ‘sanctity of the internet’ as a ‘free zone.’ The ‘how’ hasn’t been totally hashed out and most of the UK service providers already provide a level of ‘parental controls’ to their users, but that functionality may soon be removed as well.
iPhone 6 Plus devices have strange ‘touch disease’ that happens when the device is ‘dropped multiple times on a hard surface and then incurring further stress.’ According to a statement by Apple. Other sources indicate that the problem stems from improper solder joints inside the phone. Apple to provide $149 credit to those affected by the ‘disease’ to get it fixed.
In a bold move, Amazon has taken counterfeiters to court this week. Two different cases so far, for using clear knock-offs of patented products. This comes as a relief to a lot of SMB manufacturers of goods who have been getting hammered by cheap fakes over the years and at least shows Amazon’s willingness to try.
Chinese hackers take over Canada’s armed forces site and redirect it to the official Chinese government page. Cute.
Tesla… good grief, Tesla and Elon Musk are going to take over the world. SpaceX asked permission to launch 4,425 satellites into orbit, which is more than orbit the earth today, total. This is for global 1GBPS internet. The solar roof they are developing is insane and, actually costs less and looks better than a traditional roof, before energy production. The plan is to eventually put this on the Tesla model cars as well. And they’re starting to ramp up R&D on the batteries, as well.