[ad_1]
The week has begun go out with a shot, or several of them really. Do you remember Meltdown and Specter, the vulnerabilities that essentially affected all Intel processors in the last decade? There is a related attack called ZombieLoad – yes, ZombieLoad – with a similar and wide impact. Serious things! But honestly, not even the worst revelation of the week.
This distinction is probably going to Cisco. Researchers at security firm Red Balloon discovered they could hack into the company's ubiquitous corporate router, meaning they could listen to all incoming and outgoing traffic from these networks. Cisco then acknowledged that dozens of its products were likely to be attacked, possibly including millions of devices, and that a fix would require an on-site visit.
And this before even ending up at the big bazaar of the week: the Israeli hacking company NSO Group has apparently found a way to break into the phones simply by making a call via WhatsApp. The recipient does not even need to make contact. There is also Microsoft, which has released its first Windows XP patch since the months leading up to the invasion of the WannaCry strain for ransomware – and we all know how it went.
I can not emphasize enough that all this happened on Tuesday.
Things calmed down a bit from there. The FCC has implemented a new automated call termination plan, which is roughly the same as the old automated call stop plan. Google has recalled its multi-factor authentication Titan Security Key on a fault Bluetooth. The federal government and Europol have dismantled a sophisticated international network of cybercrime. And we looked at how technology has helped the National Security Council to flourish in war affairs.
And there's more! Each week, we round out information that we have not touched on in detail, but that you should know. As always, click on the headlines to read the full stories. And stay safe outside.
Google tracks your purchases online via Gmail
Google recently campaigned in the field of privacy protection, including a New York Times Sundar Pichai, CEO, emphasizes the importance of protecting your data. It's a feeling that does not really correspond to this week's revelation that Google also searches your Gmail account for transaction traces and collects all of them on a separate web page of your account. You can find yours here. It includes Amazon purchases, subscriptions, tickets, anything for which you have received a receipt by email. Google indicates that it does not use the information to run ads and that the page exists "to help you easily view and keep track of your purchases, reservations and subscriptions in the same place." Honestly, it is not surprising that Google machines can read your messages. E-mail. However, it is difficult to understand on which planet the company thought that keeping a hidden page listing your retail activity would be considered anything but scary and intrusive. There is no easy way to delete this history, except to delete receipts from your email or check them one by one on your purchase page. To get at least a little control over how Google is following you, go to this preferences page and click "Do not use private results". Because, of course, Google has chosen to use the default private results rather than participate.
New decree bans foreign telecommunications equipment
While trade tensions between the United States and China are not resolved, President Donald Trump has struck this week a favorite target: Huawei, the Chinese technology company accused by the United States of posing a threat for national security. In a Wednesday decree, Trump banned transactions that pose "an unacceptable risk." The Commerce Department then placed Huawei on its list of entities, significantly limiting the potential of US companies.
A ransomware recovery company apparently just … paid the hackers
In a lengthy survey report released this week by ProPublica, several data recovery companies that had vowed to defeat ransomware with the "latest technology" called Proven Data Recovery have simply paid hackers behind the SamSam ransomware. Paying is not the worst of ideas when you're in this situation, but lying to customers and charging them extra is a bit.
Adobe 84 patches – Yes, 84 – Vulnerabilities
Adobe Flash will finally die next year, but it is not the only product of the software company to challenge for security reasons. This week, Adobe has released patches for dozens of bugs, most of which concern Adobe Acrobat and Reader. Do not worry, though; one still applied to Flash.
More great cable stories
[ad_2]
Source link