Subj : Sophos Virus News
To   : All
From : Daryl Stout
Date : Fri Oct 04 2019 11:15:13

Here is the latest information from the Naked Security Blog from Sophos.
You can go to nakedsecurity.sophos.com to read these. You can also sign
up to have these delivered to your email during the week.

Be sure that you PRACTICE SAFE HEX -- and that you keep your anti-virus,
anti-malware, anti-spyware, and anti-ransomware software up to date. Do
NOT open any email attachments, even if they appear to be from someone
you know.

Also, if your browser seemingly locks up, telling you to call Microsoft
at a certain number, do NOT call the number!! Instead, close your web
browser, clear the cache and cookies, do a full virus scan, then restart
the browser.

***

S2 Ep11: Fleeceware, Chrome bug and the sextortion scam that won't die
- Naked Security Podcast

Listen to the latest episode of our podcast now.

***
	
Buying a new laptop? Here's how to secure it

Getting the basics right gives you a lot of protection. Here's how.

***
	
WhatsApp vulnerability could compromise Android smartphones

A researcher has released details of a WhatsApp flaw that could be used
to compromise the app and the mobile device the app is running on.

***
	
ś3 billion Safari iPhone privacy lawsuit given go-ahead

A UK class action lawsuit against Google, that represents around 5 million
iPhone users, can go ahead, according to the UK Court of Appeal.

***
	
Hacker's parents sentenced for selling his cryptocurrency

"You misguidedly tried to help your son" by moving his cryptocurrency,
but it "didn't help him at all," a judge said.

***
	
Google brings Incognito mode to Maps

It's good, but also a perfect opportunity for us to remember that I
ncognito mode doesn't translate to "I'm invisible!"

***

No federal privacy law will make it in the US this year, sources say

Without one, the companies that collect our data will likely face
compliance with California's take-no-prisoners law, in effect
1 January 2020.

***
	
PDF encryption standard weaknesses uncovered

Researchers have discovered weaknesses in PDF encryption which could
be exploited to reveal the plaintext contents of a file to an attacker.

***
	
Google's Password Manager now checks for breached credentials

Google has taken the next step in its strategy to secure users' passwords.
The search giant has taken a password-checking feature released in
February as an extension to its Chrome browser and embedded it directly
into its password manager service.

***
	
Ransomware attacks paralyze, and sometimes crush, hospitals

New attacks on the perennially besieged sector have crippled hospitals
in the US and Australia and caused one health clinic to shut down.

***
	
Exim suffers another "critical" remote code execution flaw

This latest Exim flaw could lead to at least a denial of service crash
in the software but also the possibility of remote code execution.

***
	
O.MG! Evil Lightning cable about to hit mass distribution

This malicious O.MG Lightning cable has come a long way, with extensive
work on the kinds of payload it can deliver.

***
	
218 million Words With Friends players lose data to hackers

The serial hacker GnosticPlayers is claiming to have ransacked Zynga's
user data - including names, emails and passwords.

***
	
Ex-Yahoo engineer pleads guilty to hacking 6,000 accounts

Reyes Daniel Ruiz went after younger women's accounts, including those
of his personal friends and work colleagues, he admitted.

***

Cloudflare adds VPN features to 1.1.1.1 privacy app

As promised in April, Cloudflare has finally launched Warp, a consumer
mobile privacy app that looks a lot like a VPN without actually being one.

***
	
Hacking 2020 voting systems is a "piece of cake"

That's how Senator Wyden described the results of DefCon's Voting Village,
where all of 100 voting systems were easily picked apart by hackers.

***
	
China's 500 megapixel camera is capable of mega-facial-recognition

The 'super camera' can identifying people dozens of meters away using
facial recognition.

***
	
Darknet hosting provider in underground NATO bunker busted

Police overcame not only digital defenses of the "bulletproof" provider
CyberBunker but also barbed wire fences and surveillance cams.

***
	
Checkm8 jailbreak and AltStore put cracks in Apple's walled garden

People are taking different tacks to get around Apple's tightly
controlled phone rules.

***
	
Social media manipulation as a political tool is spreading

Researchers say 'cyber troops' in 70 countries are using it to automate
suppression, mount smear campaigns, or spread disinformation.

***
	
Outlook on the web bans another 38 file types

Microsoft is about to put another 38 file extensions on its 'too risky
to receive' blocklist.

***
	
Is the era of social media Likes over?

Instagram's testing a program to hide the Likes that have created a
toxic cyberbullying environment. Now, Facebook is as well.

***
	
Monday review - the hot 24 stories of the week

From the fleeceware apps ripping off consumers to Microsoft's emergency
IE patch - and everything in between. It's weekly roundup time.

***
--- SBBSecho 3.10-Win32
 * Origin: The Thunderbolt BBS - tbolt.synchro.net (454:1/33)

.