A week in security (October 14 – 20)

Credit to Author: Malwarebytes Labs| Date: Mon, 21 Oct 2019 15:45:45 +0000

Last week on Malwarebytes Labs, we tried to unlock the future of the password (its vulnerabilities, current alternatives, and possible future disappearance), analyzed the lagging response by many businesses in adopting a patch for Pulse VPN vulnerability, looked at Instagram’s bulked-up security against phishing emails scams, and were reminded that ransomware remains a dominant threat facing businesses and consumers today.

A malicious version of the privacy-focused Tor Browser was used to steal about $40,000 from dark web shoppers. (Source: Bleeping Computer)
Countless older Amazon devices—including the first generation Echo and eighth generation Kindle—are vulnerable to man-in-the-middle attacks through a Wi-Fi exploit. (Source: Dark Reading)
“Jackpotting” attacks, in which ATM machines are hacked to toss out money, have spread across the world. (Source: Motherboard)
Google’s newest Pixel 4 smart phone comes with a brand new security flaw, too—its facial recognition features do not require a person’s eyes to be open. (Source: Ars Technica)
More than 330 suspects were arrested as part of the US Department of Justice’s seizure and shutdown of the dark web’s largest child porn marketplace. (Source: HackRead)
Facebook CEO Mark Zuckerberg upset users when said he feared an “erosion of truth” while still permitting politicians to lie on his platform. (Source: The Washington Post)
Oracle co-CEO Mark Hurd, 62, died after spending one month on medical leave from the company. (Source: TechCrunch)
US Customs and Border Enforcement is considering adopting facial recognition software for the bodycams worn by agents who patrol the border. (Source: Reuters)

Stay safe, everyone!