Watch for patches, an FBI cyber crime report and another password warning
We’re bringing you the latest cyber security news. Welcome to Cyber Security Today. It’s Friday May 11th. To hear the podcast, click on the arrow below:
It’s patching week, so attention Android device users: This week Google released its May Security fixes, which – hopefully — your device manufacturer and carrier have tested and approved for release. A notification should pop up on your screen. If not, go into Settings, and then System, to see if updates are available. In addition, owners of LG handsets should be on the lookout for a patch that plugs a severe hole in the handwriting feature. Older devices may not get these Android and LG patches because carriers don’t pass them on.
Abode released fixes for Creative Cloud, Adobe Flash Player and the Adobe Connect web conferencing software tool. So far, no exploits for these have been seen in the wild. Microsoft’s Patch Tuesday release fixed more than 60 vulnerabilities, including two Windows zero-day flaws that can be exploited for remote code execution and privilege escalation.
On the enterprise side SAP administrators should be on the lookout for security patches for more than a dozen vulnerabilities, including four bugs in Internet Graphics Server.
Interesting numbers out this week from the FBI on cyber crime in America. The top three crime types reported by victims in 2017 were non-payment/non-delivery of products, personal data breach and phishing. Losses are estimated at $1.4 billion. It wasn’t only Americans who reported cyber crime to the FBI; 3,164 Canadians did too, the biggest group of foreigners. I’m looking forward to the creation of the new RCMP National Crime Co-ordination Centre to get better Canadian numbers on online crime. Of course, these numbers will only be accurate if offences are reported to police.
Finally, a story from an Online Trust Alliance blog about a responsible company and passwords. The company is Google, which this week emailed a warning to a user of its Wi-Fi Nest thermostat that his password for the device had been compromised in a data breach. The data breach wasn’t at Nest but somewhere else, so obviously the victim had re-used his password more than once. That’s a big mistake. There was no explanation of how Nest found out about the password problem, but it’s good of them to have warned a customer. The stolen password could have been used to break into the victim’s home network to steal valuable data. The lesson for listeners always use unique passwords and enable two-factor authentication where you can.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening.