Last week on Labs, we took a look at some new Mac malware, a collection of various scraped data dumps, the protection of power grids, and how bad actors are using SMB vulnerabilities.
Other cybersecurity news
- Millions affected by Facebook photo API bug: An issue granted third-party apps more access to photos than should normally be granted, including images uploaded but not published. (source: Facebook)
- Bomb threats may be a hoax: An email in circulation urging ransom payments in Bitcoin lest bombs across the US be detonated may well be a fake, according to US law enforcement. (source: The Register)
- Man jailed for fraud offenses: A man in the UK has been jailed for taking part in fraudulent activities. The main point of interest is surely the spectacular device he built. (source: Met Police)
- Another Google Plus bug: For six days, developer were able to access profile data not made public by the users. (source: Google)
- Windows 10 data collection: Reddit users complained Windows 10 is grabbing a certain kind of data even with the setting disabled. (source: How to Geek)
- Taylor Swift concert tracks stalkers with facial recognition software: At a recent event, cutting-edge tech was deployed to ensure the crowds were free of potential troublemakers. (Source: Rolling Stone)
- Password disasters of 2018: A tongue in cheek look at some of the more spectacular password mishaps seen rumbling into view this year. (Source: Help Net Security)
- Android Trojan steals from PayPal accounts: Even with 2FA enabled, it might not be enough to keep your account balance safe. (Source: ESET)
- Character recognition collects URLs in YouTube videos: Theoretically private data in hidden videos may not be as private as you'd first hoped. (Source: Austin Burk's blog)
- Traveller data left lying around on USB sticks: Border Agents aren't being quite as careful as they should be where potentially sensitive passenger data is concerned. (Source: Naked Security)
Stay safe, everyone!
The post A week in security (December 10 – 16) appeared first on Malwarebytes Labs.
from Malwarebytes Labs full article here