Cyber Security Today – Trust still needed in security, cheap phones may mean cheap privacy, dump these Android apps

Trust still needed in security, cheap phones may mean cheap privacy, dump these Android apps.

Welcome to Cyber Security Today. It’s Monday September 23rd, I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

 

Trust is an important word, especially in cyber security. We trust the companies whose products we buy will protect our personal information. This is especially true for cellphone companies. So it’s disheartening to hear how the head of an American cryptocurrency exchange and his company were victimized. According to the ZDNet news service, court documents say in 2017 a con bought stolen personal details about the chief executive of the exchange, including his cellphone number. Then somehow he got the cellphone company to add call forwarding service to the victim’s account. That meant incoming calls would be silently forwarded to the crooks. It also meant they could bypass the two-factor authentication the executive had to protect his phone, Ultimately the crooks were able to use the entry into the cellphone to get into the exchange’s systems, change passwords and steal cryptocurrency. The two hackers now face criminal charges. I advise people a lot about using two-factor authentication as much as they can. So do experts. But security also means companies have to do their part, too. That means having tough procedures when someone calls or emails and asks to change passwords or features.

For security reasons travelers going to some countries don’t want to take their own smartphones. Instead they buy a cheap phone they can throw away after the trip. Or, they make break their phone while away and have to buy a new one. But a report from Privacy International warns that cheap phones may come with cheap privacy. For example, one staffer had to buy a phone in the Philippines. It had a number of problem apps, but the biggest problem was the operating system: It ran Android 6. For those who don’t know the latest version is 10, which is only just starting to be released. The older the operating system the more likely there will be security and privacy problems. By the way, those of you who have a four-year-old Android phone that’s not running version 8 or 9, think about getting a new phone.

Speaking of Android, two more strange apps that you should avoid have been found in the Google Play store. One is called Sun Pro Beauty Camera, the other is Funny Sweet Beauty Camera. Combined they have been downloaded 1.5 million times. What’s wrong? According to a security firm called Wandera, these apps force a lot of ads on users’ phones. And they ask for suspicious permissions when installed. According to the news site Bleeping Computer, they have been removed from the Google Play store. My feeling is a smartphone is not a place to play or experiment with apps. Just because an app is on the Play store doesn’t mean it’s safe. Read reviews and check the history of the developer.

Finally, firms that run the Forcepoint VPN virtual private network should make sure they’ve got the latest version. There’s a serious bug in the desktop client that has to be patched.

That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast