Mocana's Weekly News Roundup, Ed 10
The Roundup has taken an international turn for its tenth week. There are widespread mobile and debit card security issues all over the globe, from Mexico's ATMs being compromised to a mandatory South Korean app to monitor minors.
Are you aware of bluetooth skimmers and their ability to steal card data?
On domestic land, millions of fingerprint records were stolen, and could place counterintelligence measures at risk.
While allegations are on Chinese hackers, the true culprits remain unknown. One article quotes, "industrial espionage in cyberpspace by its government," has even been addressed by President Barack Obama as "an act of aggression that has to stop."
To read more on these interesting topics, see below:
This is a three-part investigative blog series that chronicles a trip to Mexico and the many ATMs that have been compromised due to a bluetooth circuit with a data storage device. These skimmers are actually targeted to go inside of machines, and the stolen data sent by the bluetooth components are encrypted. A fascinating read that brings to light the many security threats all over the world.
Last April, the South Korean government required if minors bought smartphones that they have a "child monitoring app." It's called "Smart Sheriff," yet there have been a reported 26 critical security flaws in the program. Children's information on the device "were being sent unencrypted." The risks of a large-scale exploitation is very plausible despite South Korean mobile operator association MOIBA claiming it has "fixed the vulnerabilities."
Mobile security threats are widespread from IT--not just malware, as this article indicates. It's important to take "a risk-based approach to safeguarding corporate-provided or employee-owned devices in the enterprise." Regardless of whether your phone is an Android or iPhone, no technology is immune from malware, or losing it, for that matter. Read the strategic ways to mitigate risks in IT for these devices.
Recently, a hack has stolen about 5.6 million fingerprint records, which was more than initially reported according to author David Alexander. This consisted of security clearance data on "millions of Defense Department and other U.S. government employees." No one has come out publicly to say who's to blame, but allegations on Chinese government hackers have been made privately by U.S. officials.
There is an update showing malware dubbed "XcodeGhost" was found in "hundreds of iPhone and iPad apps," but its threat number of apps affected is unclear. This article goes more into depth about the "tainted version," from China that "promised faster downloads than Apple's US servers." While it may appear to be more adware, this still comes with problems that aren't properly secured or encrypted.
We value your input as a reader; let us know your thoughts in the comments here or tweet us @mocana.