June 4, 2020

Google deletes Indian app that deleted Chinese apps

By Danny Bradbury

Google has deleted an app from the Play Store that offered to delete Android software associated with China.

The app, created by Jaipur, India-based developer OneTouch AppLabs, purported to scan Android phones for any apps with links to China. It used market research to identify apps from a named list and would then offer users the chance to wipe them from the user’s phone. Demos found online showed it deleting TikTok, the popular messaging app owned by Chinese developer ByteDance, and UC Browser, developed by Alibaba-owned UCWeb. It also reportedly deleted the app for the Zoom videoconferencing service, which the Munk School’s Citizen Lab revealed was sending encryption keys to Chinese servers.

After deleting the apps, it displayed the message “You are awesome”.

Why would someone develop an app that wipes another country’s software from a user’s smartphone? Ideology seems to be a key factor. The developer’s website described the app as a way to support Atm Nirbhar Bharat (self-reliant India). Indian Prime Minister Narendra Modi used the slogan in a televised address about COVID-19 in mid-May, during which he said that Indians had to “protect ourselves”.

Read more at https://nakedsecurity.sophos.com/2020/06/04/google-deletes-indian-app-that-deleted-chinese-apps/

Firefox fixes cryptographic data leakage in latest security update

By Paul Ducklin

We don’t know whether lockdown has anything to do with it, but how time flies!

We couldn’t believe it either – it’s four weeks since Firefox’s last regular security update.

If you want to check your version numbers, Firefox 76.0 is now replaced by 77.0; Firefox 68.8.0ESR is now 68.9.0ESR, and the Tor Browser, based on Firefox ESR, is now at version 9.5 and based on 68.9.0ESR.

As we’ve explained before but we’ll mention again because it’s useful to know, the first two numbers in the ESR version should add up to the leftmost number in the regular release.

So the current ESR is based on the feature set of Firefox 68, but with 9 updates’ worth of regular security fixes in there, so it is at 68+9=77 in security terms.

For organizational users of Firefox who are conservative about new software features but aggressive about installing security patches, the ESR version is an excellent compromise.

Indeed, the extent to which new features bring new bugs of their own can be inferred from the fact that the Security Advisory for this update (MFSA2020-20) has two separate items for “memory management bugs fixed in 77 and in 68.9ESR” and for “memory management bugs fixed in 77 only”.

Those fixes are denoted CVE-2020-12410 and CVE-2020-12411 respectively, and cover various memory management problems that were found by Mozilla itself as part of its internal bug hunting process.

The bug lists are still not public, presumably to give people time to get their updates before hints on how to exploit them are published for the world to see.

Read more at https://nakedsecurity.sophos.com/2020/06/03/firefox-fixes-cryptographic-data-leakage-in-latest-security-update/

VMware flaw allows takeover of multiple private clouds

By John E Dunn

VMware’s VMware Cloud Director has a security flaw that researchers believe could be exploited to compromise multiple customer accounts using the same cloud infrastructure.

Formerly known as vCloud Director, Cloud Director is a popular enterprise platform for managing virtual datacenters across multiple sites.

A few weeks back, security pen testing company Citadelo chanced upon what looks like a significant vulnerability while it was carrying out an audit for a VMware customer.

The vulnerability was a code injection flaw, now identified as CVE-2020-3956. The researchers developed a proof-of-concept, using either the web-based interface or the platform’s Application Programming Interface (API), that was capable of taking over multiple private clouds on any vulnerable provider.

Read more at https://nakedsecurity.sophos.com/2020/06/03/vmware-flaw-allows-takeover-of-multiple-private-clouds/

Amtrak breached, some customers’ logins and PII potentially exposed

By Lisa Vaas

Amtrak, the national rail service for the US, has suffered a data breach that may have exposed some customers’ logins and other personally identifiable information (PII), the service has disclosed.

The state-backed transportation company, which is also known as the National Railroad Passenger Corporation, says that a third party got unauthorized access to some Amtrak Guest Rewards accounts on the evening of 16 April. The rewards program enables customers to earn points – by spending on travel, hotels, car rentals and more – that they can then apply to Amtrak purchases.

Amtrak revealed the breach on Friday in a regulatory filing – namely, a sample letter to consumers about the breach – with the Office of the Vermont Attorney General.

The service said that it determined that the intruder used compromised usernames and passwords to access some reward accounts and that they may have also viewed customers’ personal information. However, the attacker didn’t access financial data, be it credit card information or Social Security taxpayer IDs.

Read more at https://nakedsecurity.sophos.com/2020/06/03/amtrak-breached-some-customers-logins-and-pii-potentially-exposed/


Advanced Computer Services of Central Florida