It's time to reconsider what you install in your web browser, what mobile information you send, or the types of email you're sending.
Here's why in this edition of cyber security news you need to know.
1. Watch Out For Fraudulent Chrome Extensions
More than 100,000 computers have been infected by a new malware family called NigelThorn, which affects only Chrome users. NigelThorn is “capable of credential theft, cryptomining, click fraud, and other nefarious actions,” says SecurityWeek.
The malware works because of social engineering: friends appear to send links to victims, who are then “redirected to a fake YouTube page that asks them to install a Chrome extension to play the video,” SecurityWeek says. “Once they accept the installation, the malicious extension is added to their browser, and the machine is enrolled in the botnet.”
NigelThorn steals Facebook login credentials and Instagram cookies to spread the link to another unsuspecting friend either through Facebook Messenger or a post on Facebook in which a friend is tagged. The process continues when one of those friends sends the link.
Protect yourself from this malware by avoiding suspicious links and Chrome extensions, and get smarter about security awareness.
2. Your Encrypted Emails May Not Actually Be Encrypted
Sensitive emails may be revealed due to a new set of vulnerabilities in encryption technologies, says a recent report.
“The flaws, collectively dubbed EFAIL by the team of European researchers who discovered it, affect the end-to-end encryption protocols known as OpenPGP and S/MIME,” writes Threatpost.
You may be affected if you use tools like Thunderbird, Apple Mail, and Outlook for your email. However, the Signal service is not affected.
“In a nutshell,” writes Johns Hopkins University Assistant Professor Matthew Green, “if I intercept an encrypted email sent to you, I can modify that email into a new encrypted email that contains custom HTML. In many GUI email clients, this HTML can exfiltrate the plaintext to a remote server. Ouch.”
The Electronic Frontier Foundation has steps you can take to prevent secure emails from leaking.
3. New Attack Threatens Data Corruption
An attack technique called Nethammer can execute code on targeted systems by writing and rewriting memory on dynamic random access memory (DRAM) chips, according to The Hacker News.
Ultimately, this “bit flipping” technique can allow attackers to take control of a victim’s system.
No fix is known as of this writing to fix the issue since software patches cannot fix exploited hardware weaknesses. That leads THN to suspect that the “threat … has potential to cause real, severe damage.”
4. Cell Phone Data Leaked
If you’ve used the website LocationSmart to track your mobile device, snoopers may discover your location.
Phones operating on all major U.S. mobile carriers—AT&T, Sprint, T-Mobile, and Verizon—may have been affected, according to KrebsOnSecurity.
The LocationSmart demo allows users to enter their information, including a phone number, to see the approximate location of their mobile phone. The service texts the phone number, and after receiving consent, texts people their location on a Google Street View map.
However, a security researcher at Carnegie Mellon University soon learned that anyone could track the location of any phone number without authorization.
Krebs reports that it’s unclear what the carriers will do about the breach.
The LocationSmart service is currently offline.
Organizations should have a mobile policy in place, and that policy should address issues related to location.
