WhatsApp Squashes Critical Bug; Amazon ‘Prime Early Access’ Sale; Ad Fraud Apps Removed from Google & Apple Stores; New Deepfake ThreatPosted: September 27, 2022 Filed under: Uncategorized Leave a comment
WhatsApp haș crushed a ‘critical’ security vulnerability that affects its Android app. The bug allowed attackers to remotely plant malware on a victim’s smartphone during a video call. Techcrunch.com reports that the bug had a severity rating of 9.8 out of 10! Malwarebytes said it was an app component called ‘Video Call Handler,’ which when triggered allowed an attacker to take complete control over a victim’s app. The bug was discovered in house and, and WhatsApp says they have seen ‘no evidence of exploitation.’ The patch is in the latest version of WhatsApp. Install it now!
Amazon has slated its two-day ‘Prime Early Access Sale’ for October 11th and 12th. According to geekwire.com, the online giant hopes to boost sales similarly to the bump they get from Prime Day during the summer. They will release a Top 100 list of products in conjunction with the sale. Amazon says no decision has been made on this becoming an annual event. HINT: If it is successful, you can count on it!
Security researchers from HUMAN’s Satori Threat Intelligence Team spotted 75 apps on the Google Play Store and 10 on Apple’s App Store that engaged in fraud. All together, they had been downloaded 13 million times. Bleepingcomputer.com says that besides flooding mobile users with ads…both visible and hidden, the apps generated revenue by impersonating legitimate apps. Both Google and Apple have removed them all after being notified.
Deepfakes are unfortunately getting better. In a research paper by Microsoft’s Chief Science Officer Eric Horovitz, he warns of ‘interactive’ and ‘compositional’ deepfakes on the horizon. Venturebeat.com reports that interactive deepfakes as “the illusion of talking to a real person. Imagine a scammer calling your grandmom who looks and sounds exactly like you.” Compositional deepfakes, he continued, go further with a bad actor creating many deepfakes to compile a “synthetic history.” Thankfully, in the paper, Horvitz cites a variety of ways governments, organizations, researchers and enterprises can prepare for and defend against the expected rise of interactive and compositional deepfakes…including more use of multi factor identification, new watermarking, and more fingerprint ID. Let’s hope they get busy!