Keep those Andriod devices safe people!
This seems scary. If you don't think cyber security concerns you, you should probably be aware of how many things currently, or shortly will be, connected to the internet. Yes, it's cool to be able to control your house from your smartphone, or start your car from inside using it on a cold day, but if the communication is going across the internet insecurely, that means anyone else can too! We're not just talking about a defaced website, or even credit card information, we're talking about things that can kill you.
Frankly, until this is secured as much as possible, the self-driving car is a non-starter. I kind of like the idea of the self-driving car, but not so much if it can be hacked and actually controlled by someone else.
Malwarebytes has been one of my go-to resources for years when helping people clean up infected machines. Interesting to see them dip into a tool for Macs, which obviously can, and do, get malware as well!
Stop what you are doing and grab this patch. This security flaw is already out in the wild, attached to some of the nastiest malware out there. Get the update if you have Flash installed. (And you probably do!)
What's interesting about this is the timing. Obviously with Deflategate there was an inability to get texts from Tom Brady's phone, but having a mobile forensics expert wouldn't have changed that. You need access to the phone. Is the NFL planning on making that part of the CBA, that players have to turn over their phones to provide information to the league in an investigation? Would they actually agree to that? I don't think I would. It's not a matter of having something to hide either, we all have data that just shouldn't be public, or in anyone else's hands, on our devices. Just because I work for a company doesn't give them access to my personal phone. Putting that clause in a player's contract is overreaching, IMHO.
I've always been bothered by the idea of QR codes. I felt that they undermined everything we tried to teach users about online security. Don't open email attachments that you weren't expecting, don't blindly follow links without checking where they go, or just go to the website and login without clicking a link in an email, but then the marketing people got into the QR game and realized they could get people to "play" with their smartphones and scan a code, and that code could take them anywhere the marketer wanted to take them, and suddenly that seemed like something we should encourage? No, no and no. As this story points out, as a user, you have no idea where that QR code is taking you, are you really ok with that?
The facts about how shabby the security procedures at the OPM are appalling. The US government is constantly asking us to trust them to know what's best and protect us, but how can we when facts like these come out? No security staff until 2013 and not using encryption? WTH?
--"23% of recipients open phishing messages and 11% click on attachments"
Click in to find related links.