“Cybercriminals have been pushing Facebook users to download a Clubhouse app “for PC,” something that doesn’t exist. The app is actually a trojan designed to inject malware into your computer.”
Scraped personal data of 1.3 million Clubhouse users has reportedly leaked online
“The personal data of 1.3 million Clubhouse users has leaked online on a popular hacker forum, according to a Saturday report from Cyber News. The scraped data of Clubhouse users includes names, social media profile names, and other details.”
Chrome users, check if Google is tracking you with new targeted advertising
“Google is keeping an eye on where you go on the internet. Back in 2020 Google announced the beginning of the end of third-party cookies that track you as you click around the Chrome web browser.”
Android spyware masquerades as a System Update
“Malware of all kinds on Android are nothing new. Some even manage to get past Google Play Store’s security checks. Most, however, ride on apps that are sourced outside of Android’s sanction app store and those are often able to wreak more havoc than normal harmful apps.”
Vulnerabilities in Single Sign-On services could be abused to bypass authentication controls
“SAML XML injection gives attackers free rein over user accounts, although hard-to-execute bug proves real-world threat is minimal UPDATED A class of vulnerability detected in several Single Sign-On (SSO) services might allow attackers to hack into corporate systems, security researchers at NCC Grou”
Critical netmask networking bug impacts thousands of applications
“Popular npm library netmask has a critical networking vulnerability. The component gets over 3 million weekly downloads, and as of today, has scored over 238 million total downloads over its lifetime. Further, about 278,000 GitHub repositories depend on netmask.”
T-Mobile: First US network to comply with FCC’s STIR/SHAKEN protocol deadline
“For years now, US carriers have been doing their best to protect their customers against scam callers. It has gotten so bad that the government has even implemented rules against it and encouraged carriers to take the concern seriously.”
New Android malware spies on you while posing as a System Update
“New malware with extensive spyware capabilities steals data from infected Android devices and is designed to automatically trigger whenever new info is read to be exfiltrated.”
Apple releases iPhone, iPad, Watch security patch for zero-day bug under active attack
“Apple has released an update for iPhones, iPads and Watches to patch a security vulnerability under active attack by hackers. The security update lands as iOS 14.4.2 and iPadOS 14.4.2, which also covers a patch to older devices as iOS 12.5.2. watchOS also updates to 7.3.3.”
Three billion phishing emails are sent every day. But one change could make life much harder for scammers
“Cyber criminals are sending over three billion emails a day as part of phishing attacks designed to look like they come from trusted senders.”