Android zero day, deepfake scam, Facebook data leak, and more.


Hi, I’m Paul Torgersen. It’s Thursday,
September 5th, 2019 and this is a look at the information secu rity news from overnight. From ThreatPost.com:
A high-severity zero-day vulnerability has been found in Google’s Android operating
system. The specific flaw exists within the Video4Linux 2 driver. An attacker with physical
access to the Android device could leverage the flaw to escalate privileges and take control.
Vulnerability score of 7.8 and no patch yet available. From ZDNet.com:
Criminals used AI-generated audio to impersonate a CEO’s voice and conned a divisional CEO
in the U.K. into transferring $242k to a scammer’s account. These deepfake voice attacks could
be the next iteration of the business email compromise, which has cost businesses almost
$2bn over the past two years. From BleepingComputer.com:
A new Android Trojan named Joker has been found in 24 Google Play Store apps with more
than 472,000 combined downloads. Armed with a malware dropper and spyware capabilities,
it simulates user interaction on ad sites, and will also harvest its victims’ device
info, contact list, and text messages. See the article for details and a list of those
apps. Also from BleepingComputer.com:
For almost a year, threat actors could exploit a vulnerability in Samba software that allowed
them to bypass file-sharing permissions and escape outside the share root directory. Patches
have been issued for this 9.1 severity flaw if you are running versions 4.9.13 or 4.10.8
or earlier. And from TechCrunch.com:
An exposed server has been found that contained more than 419 million records over several
databases of phone numbers linked to Facebook accounts. Some of the records also had the
user’s name, gender and location by country. At least 18 million of those records are of
users in the U.K., we’ll see if GDPR has anything to say. That’s all for me today. Have a great rest
of your day and until tomorrow, be safe out there.

, , , , , , , , , , , , , , , , , , , , , , ,

Post navigation

Leave a Reply

Your email address will not be published. Required fields are marked *