//Week in review - 25 Oct 2019
AusCERT Week in Review for 25th October 2019
This week we saw both Google and Mozilla release updates to patch multiple vulnerabilities in the Chrome and Firefox browsers, part of the on-going battle to ensure we are a little safer whilst we battle the web.
Additionally, with consumer protection in mind, Apple pulled eighteen malicious apps from the iOS store, whilst on Google Play Store, forty two adware Android apps were removed. However, despite measures taken by vendors to protect us from the ‘evilz’, we must still remember that have to take responsibility for our own actions and choices. Be vigilant with your app choice and always perform due diligence.
Every day we are more invested in staying connected to both people and systems, and Naked Security informed audiences in an article this week that people still think of phishing as being solely an email borne scam. However, the article correctly reminded readers that the technique is applied by scammers to communications streams available on our electronic devices, including social message, instant messaging and SMS text messages.
Please feel free to dive into the associated articles:
iBye, bad guy: Apple yanks 18 iOS store apps that sheltered advert-mashing malware
Date: October 24
Author: The Register
42 Adware Apps with 8 Million Downloads Traced Back to Vietnamese Student
Date: October 24
Author: The Hacker News
Phishy text message tries to steal your cellphone account
Date: October 18
Author: Naked Security
Here are four of this week’s interesting security bulletins:
VMware issued update to resolve a vulnerability associated with its vCenter Server Appliance, addressing a sensitive information disclosure vulnerability (remote unauthenticated) in backup and restore.
As always, stay safe, stay patched, and make it a good weekend!
Colin and Patch the AusCERT cat