Again we hear of a breach. This time a company that codes the digital keyboards that can be installed on devices has been hacked. Now it is being exposed as to how information the company was actually gathering about the people that use their keyboard software. Things that have absolutely nothing to do with the app they created has been gotten from this company. Why should this company be tracking this information so hard? We always need to be vigilant about what software and hardware we use. A company we work for may test us. I know mine sends me phishing attempts (I think I catch most of them because they tend to use outside companies, such as Wal-Mart, that has no record of that email address, or shouldn’t). Check it out:
Exercise Skills Carefully
There’s the age-old adage, “Just because you CAN do something doesn’t mean you SHOULD do it.” Back in September, I was asked by someone I know to hack into their joint account. I refused. Now here I am, sitting at my job, on my lunch break, writing this blog post, looking forward to next Friday and the graduation ceremony. No charges to worry about, not facing any jail time. Not this guy. His friend was in jail, so he used his skills to hack into the county jail system. He used his skills in attempt to break his friend out of jail (by giving the friend and others an early release). He was caught, tried, and convicted. Now he is waiting for the sentence he has to serve. He may be facing more time than the friend that he was trying to break out (who knows what sentence the other friend was facing, and the hacker is facing up to 10 years in prison). Check it out:
Google Cracking Down on the Play Store
Android app developers are having a fit now. Google has finally put their foot down and are requiring the reason for links to other apps. The apps that Google is trying to protect are the accessibility apps. This means that some developers are using the accessibility apps for things that may not require these apps. While the link between the two apps may provide the user with benefits, hackers are starting to use this link to infect people with malware. So Google is now giving app developers 30 days to prove that the accessibility code is helping disabled users or remove the code. If the developers do not comply with this requirement, Google will remove the app from the store completely. This is a concern for developers who have created apps that use these features for a legitimate purpose but not for disabled users. Check it out:
https://thehackernews.com/2017/11/android-accessibility-services.html
KRACK Vulnerability Exposed
The KRACK vulnerability is a vulnerability in the WPA2 protection used for WiFi. This is a technology that is used by more people in more places than we can to know about if there is a vulnerability. This vulnerability does not mean the end of the WPA2 security, it just means that there has to some extra protection given. Unfortunately, we have to make sure that we keep up with the news and other information. The reason for this is that there is such a rush to get software out to the public, sometimes the software developers do not include security measures in the programs for current security vulnerabilities. They just update the software after release to help protect against the threats. The following website is more information about this vulnerability and what companies have released patches for their devices.
http://www.zdnet.com/article/here-is-every-patch-for-krack-wi-fi-attack-available-right-now/
Is Big Brother Really Watching?
There are a lot of conspiracy theories about the government watching every move we make. Some people are afraid to even have certain televisions. They do not want to have televisions that can connect to the Internet and refuse to connect to the Internet themselves. Now what would these conspiracy theorists make of this article is anyone’s guess. They are already paranoid about being watched through their televisions and computers, now someone is saying the iPhone camera could have been taken over by malicious apps that were downloaded from somewhere other than the Apple Store? Oh, yeah. Conspiracy theorists would eat that one up. We just have to watch what we download and from where to protect ourselves from this hack. There is a danger from the permissions that we allow for certain apps. However, there is more danger from downloading apps that have not been approved by the Apple Store or Google Play. Check it out: https://thehackernews.com/2017/10/iphone-camera-spying.html
Kaspersky opens it source code
Although some security experts say that this will not help, Kaspersky has opened its source code after being accused of spying for the Russian government. This is in effort to repair their reputation as a anti-virus and anti-malware software. Kaspersky is doing this in effort to show that they are not spying for the Russian government, and are also offering money to people who can vulnerabilities in their code. They are also calling for a review of their business practices. This shows the importance of a company’s reputation, and how damage to the reputation can impact the bottom line. Some security experts say that opening the source code doesn’t do anything as the Russian government can access another area.
https://thehackernews.com/2017/10/kaspersky-antivirus-source-code.html
Even Microsoft Can Be Hacked
We all know that the software developed by Microsoft has vulnerabilities, that is the reason for many of their updates. However, this article is talking about the company itself, not just their products, getting hacked. The bug reporting system that is maintained by Microsoft so they can find areas for vulnerabilities was hacked back in 2013, and Microsoft is just now admitting it. At the time of the hack, Microsoft employees only had to enter a password to access the system. Since the hack, Microsoft has implemented a Multifactor Authentication (MFA) method.
https://thehackernews.com/2017/10/microsoft-bug-tracking-breach.html
Spying is still going on, it just went to the cloud.
The USSR fell in the 80s, and people assumed that the Cold War had ended after around 40 years. It didn’t end because the spying on each other didn’t end. Countries have always done that and will continue to. Israel proved it a couple of years ago, though we are just finding out about it. Israel managed to hack Kaspersky, an anti-virus and anti-malware company, back in 2015. This fact was just released, and what Israel found is that Russia is still spying on America. They are just doing it in cloud now. The Cold War didn’t end, it just moved to the cloud.
https://thehackernews.com/2017/10/kaspersky-nsa-russian-hackers.html
Amazon gets a smaller hit than other companies
Amazon’s Whole Foods chain has not been open very long, but it is already getting hit by hackers. It is impressive, however, as to how much was damaged. The actual food chain was not compromised, just taprooms and service-table restaurants located within this chain. Also, it was not all of the taprooms and service-table restaurants, just certain locations. Amazon Whole Foods found the hack fairly quickly and notified authorities as soon as they found out. The main Amazon network was not hit. This shows great division of the networks and digital security. The actual, physical Point-of-Sale (POS) devices were affected by the hack. For more information check out this article: https://thehackernews.com/2017/09/amazon-whole-foods.html
Learn how to hack from your Android platform
We can make calls on our cell phones while on the go. This is the first thing we were offered, then came text messaging. With Blackberries came the ability to check email on while on the move. We are no longer tethered to our houses to stay in touch , whether it is calling, texting, emailing, or messaging over the Internet. Why not learn how use the Android platform to learn how to hack on the go? There are now classes that make learning how to use the Android platform to hack on the go possible. Just be careful when you hack. Do it ethically.
https://thehackernews.com/2017/09/android-mobile-hacking.html
Writing for the Information Professions, Fall 2017 