Another month, more security vulnerabilities and hacking incidents! This article won’t cover them all, but it does cover a few major security-related incidents and vulnerabilities you need to be aware of.
WhatsApp users need to update to the latest version, as data-stealing malware can be injected onto your device via a phone call if you’re using an older version of WhatsApp. This is apparently capable of bypassing WhatsApp’s ‘end-to-end’ encryption because it is actually on your device. Data theft and spying aren’t limited to WhatsApp, so please use the most privacy-conscious services and apps that you can find. Most notably those that don’t track you or collect your data in the first place. After all, data thieves often go straight to servers (where collected data is stored) instead of your device.
Hackers Sneak Backdoor Onto Android Devices (Triada Scandal)
In 2017, it was found that the Triada backdoor (supply chain trojan) was installed on Android devices prior to leaving the factory. Google ameliorated the issue. However, it’s back. Imagine a phone being infected with malware right out of the box, and it’s in the firmware! Data is one of the most valuable things today, so data theft is one of the most frequent cyber crimes.
Intel Processor Vulnerability – MDS
The Intel Microarchitectural Data Sampling (MDS) vulnerability is a processor flaw identified by Intel, and hackers can exploit it to steal data from your CPU. While a potential serious vulnerability, Intel says it is difficult for hackers to exploit. Also, don’t count on your anti-virus software to detect malware that is exploiting it, as it is incredibly hard to detect.
Hackers Click Past MacOS Security Prompts
Hackers have found a way past MacOS security prompts that restrict access to sensitive information on your Mac with the use of malware. What they used are called ‘synthetic clicks’, meaning they can secretly click past those security prompts without your knowledge to access sensitive information on your Mac.