Do you use WhatsApp? Did you know that your phone can get hacked just by the act of accepting a video call on WhatsApp?
According to Google Project Zero’s security researcher, Natalie Silvanovich, a critical vulnerability has been found on WhatsApp that allows malicious users to control your smartphone once you accept the call. This issue is related to memory heap overflow. When a victim receives a video call from an attacker, malformed RTP packets are transformed, generating errors in Android and iOS apps without affecting WhatsApp web.
This vulnerability has been patched on 28th September and 3rd October in the Android and iPhone application respectively. If you missed the latest updates, please update your app before you open it again!
Singapore Gets the Crown of Shame in Having the Worst Cyber Hygiene
On the 3rd of October, VMware published a survey about the state of cyber hygiene in Asia. This survey showed that Singaporean users have not been fully aware of their security habits. The results showed that a majority of Singaporeans store their bank account credentials in one to six mobile applications, and only an estimated 14 percent of them use different passwords for the accounts they use, which is a significantly lower when compared to the global average of 24 percent. Moreover, 45 percent of Singaporeans use the same passwords across web or mobile applications, storing credentials of payment data. Although it may be convenient to use the same password, keeping your credentials safe should be top priority. A minor mistake or leak of your password could potentially lead to critical financial loss.
Check out our post to see how you can prevent such a data leak! [link]
Every month, more than 2.2 billion users log onto Facebook. The international social media platform recently got hacked and the credentials of 50 million accounts were leaked. The bug was discovered in the “view as” feature, which allowed hackers to gain the digital code, such as browser cookie. With this, hackers were able to sign in with other users’ accounts and it allowed them to gain the credentials of victims. Earlier this year, there was already a huge issue regarding Cambridge Analytica’s access to 87 million users’ data for political reasons. Since then, data privacy legislation has not been fully formed yet. This latest Facebook incident has pressurised the United States Congress to provide more structure in the privacy protection regulations.
French Dark-Web Drug Dealer Sentenced for 20 Years
The dark-web dealer who was arrested in the World Beard and Mustache Championships last year has finally been sentenced to 20 years in prison. Gal Vallerius, aka Oxymonster, was accused of crimes such as being an administrator of Dream Market, and trading OxyContin and Ritalin drugs.
Investigators suspected that the user, ‘Oxymonster’, could be the person named Vallerius. They narrowed down the scope through tracking the bitcoin transaction, as well as the Instagram and Twitter accounts of Vallerius, to match the writing style of Oxymonster. Common words were discovered, including the frequent use of ‘cheers’, quotation marks, and intermittent French posts. Because of the similarities in his writing style, the drug trader was captured.