Friday Five: 8/17 Edition
Catch up on the latest security happenings with the week's infosec news roundup!
1. AP Exclusive: Google tracks your movements, like it or not by Ryan Nakashima
A group of researchers at Princeton recently uncovered that even when you have your location services turned off, Google is still able to track where you have been. After turning off the location services, one of the researchers had access via his Google account to all the places he had been over a three-day period. Google has previously stated that if you “Pause” the Location History you will not be tracked, however many Google apps, including Maps and Weather, will still get updated information on where you are when you use them. Google claims they have provided the proper descriptions, tools, and settings for you to not be tracked, but lawmakers have remained skeptical since they still have location history even if that setting is turned off. The Princeton team did discover that you can turn off Location History and Web and App Activity to minimize the amount of information Google applications store including location.
2. Third of people who send texts receive messages from scammers, survey finds by Sky News
The number of people receiving text message scams is rapidly increasing. These acts of fraud include fake messages from numbers that can appear to be a reputable business or organization, which makes it hard to differentiate for some people. These scams often attempt to have people click links or call numbers and then give personal information including credit card info or passwords. When receiving text messages from numbers you do not know, or are asking you to click on links, be very cautious and understand that text message scams are reaching more people.
3. Hacker Unlocks 'God Mode' and Shares the 'Key' by Curtis Franklin Jr.
Christopher Domas put on a demonstration last week at Black Hat that left people very engaged and erupting in applause. He was able to prove and show that modern CPU security has a big weakness that can allow a person to reach kernel level access to systems. He showed start to finish how he was able to bypass security and have total control over an entire system that he had not been granted ring 0 access to. Domas has released his toolset online and hopes that other people will continue the work and add on to it.
4. Mobile App-Based Fraud Jumps in Q2 by Phil Muncaster
In the past, mobile app fraud had not been very significant compared to other forms of fraud and phishing. Q2 of this year saw a turn in that as mobile app fraud continues to increase. This form of fraud includes apps that attempt to fake other apps and well-known brands. When the user downloads the app, they may be prompted to give information or may have downloaded malware directly. It’s important to check and make sure the app is credible as well as the developer to ensure downloading the app is safe and secure.
5. What Drives Hackers to a Life of Cybercrime? by Kacy Zurkus
One of the main reasons that people may turn to a life of cybercrime is of course the potential for tremendous financial gain. However, Wendy Zamora dove deeper into what some other motivations may be for these people. She conducted interviews with active and non-active cybercriminals on top of other research to determine that revenge, ego and sociological factors rate very high among the reasons why people want to commit these crimes. Zamora wanted to truly understand the motivations and intentions of these cybercriminals to see if some may eventually turn to a life of ethical hacking.
The Definitive Guide to DLP
- The seven trends that have made DLP hot again
- How to determine the right approach for your organization
- Making the business case to executives
The Definitive Guide to Data Classification
- Why Data Classification is Foundational
- How to Classify Your Data
- Selling Data Classification to the Business