Latest news from Naked Security (2020/03/06)

5 tips for working safely from home

Don’t let teleworking due to concerns over the coronavirus (Covid-19) put your cybersecurity health at risk….

Run ANDROID on an iPhone? Are you SERIOUS?!?

It’s true – Android on an iPhone. OK, a few things don’t work yet… such as sound. And the phone bit.

Researcher finds 670 Microsoft subdomains vulnerable to takeover

Researchers have found it’s still child’s play to hijack subdomains from companies such as Microsoft to use in phishing and malware attacks.

Chrome extension cons cryptocurrency users out of hardware wallet key

Ledger has warned users about a rogue Chrome extension that duped users into giving up the keys to their hardware crypto wallets.

Cathay Pacific fined over crooks slurping its database for over 4 years

The ICO found a “catalog of errors,” including backups without passwords, unpatched servers, no-longer-supported OSes and feeble anti-virus.

Boots yanks loyalty card payouts after 150K accounts get stuffed

The UK pharmacy chain says it wasn’t hacked, its systems are fine. It’s all the password reusers mucking things up again!

Latest news from Naked Security (2020/03/05)

Coronavirus warning spreads computer virus

There’s an attachment that you are “strongly recommended to read” on account of coronavirus infections in your area. Don’t open it!

Facebook: No, we are not killing Libra

Facebook denies that it’s cringing away from its virtual currency plans due to the fact that regulators loathe it.

Ethical hackers swarm Pentagon websites

Hackers are crawling all over the US Department of Defense’s websites – and DoD officials are quite happy about the whole thing.

Google launches FuzzBench service to benchmark fuzzing tools

Google has announced FuzzBench, a free service “for painlessly evaluating fuzzers in a reproducible way.”

Zynga faces class action suit over massive Words With Friends hack

It’s charging subpar password security and lousy user notification: Zynga has yet to notify users to warn them of the breach, the suit says.

Latest news from Naked Security (2020/03/04)

Why 3 million Let’s Encrypt certificates are being killed off today

If your certificate gets revoked and you don’t renew it, visitors won’t be able to get to your site…

S2 Ep29: Facial recognition, malware madness and smart speakers – Naked Security Podcast

Listen to the latest episode now!

NCSC: Secure your webcams now

We don’t want to see what you do behind closed doors, but lots of hackers would be happy to pull up a chair to view that video stream.

Google fixes MediaTek bug in Android March patches

There are patches for over 70 bugs, and they finally fixed a months-old exploit for MediaTek chipsets, said to affect millions of devices.

Tech support scammers hacked back by vigilante

A cybercrime vigilante was so incensed by tech support scammers, he reverse-hacked the Indian call centre to spy on his would-be attackers.

Facebook purges hundreds of fake accounts from state actors, marketers

It removed 5 networks engaged in foreign or government interference in Egypt, India, Russia, Iran, and Myanmar/Vietnam. Some targeted the US.