Dear Reader,
Cybersecurity is not just important in a professional context, but it is essential for anyone interacting with a connected device. We depend on it to protect our communication, finances, and other sensitive data. In this month’s newsletter, we have compiled a handful of recent news stories that highlight what can go wrong if one is not mindful of the security risks in personal computing.
What’s lurking in your browser
The extent to which a simple browser extension can compromise security was demonstrated again recently, when a popular Chrome plug-in infected over a million PCs. This is, of course, not just a Chrome issue. The ecosystem of browser extensions is full of adware, spyware, and other malicious things. That’s why it is recommended to keep them to an absolute minimum and only install plugins from sources you trust.
Mind your software sources
Of course, attackers don’t have to take the detour via browser plug-ins if they are inside the browser itself already. One of the ways for attackers to achieve that is to trick you into a malicious download, as happened recently with a tampered version of the TorBrowser. The same recommendation applies here as well: Only download software from trusted sources and think before you click.
Annoying apps may deliver more than just ads
A similar approach to malware distribution uses so called “dropper” apps on your smartphone. Given that many consumers rely on their phones for sending money and performing other financial transactions, one could argue this is even more dangerous. In a recent example, malicious Android apps delivered trojans particularly targeting banking apps and stealing the victims’ financial data.
Sometimes the leak is built-in
Not necessarily a malicious feature, but definitely an unwanted side-effect could be built into your browser by the developers themselves. As Bleeping Computer reports, your browser spellcheck may be transmitting your passwords and other sensitive data. An important reminder to stay vigilant, even if it’s just personal computing, and to disable software features that you do not require.
The crucial double check
In an article for Cybersecurity Magazine last year, Andrea Babbs highlights the importance of implementing a double check to improve email security. However, the basic idea also applies to other scenarios beyond email. Being aware of security risks, remaining alert, and thinking twice about emails, software installations, and online interactions is often the best defense.
-----------------
For our latest video discussion on the security and production systems please see the River Publishers YouTube.
The latest journal articles from River Publishers in all areas of cyber security can be found on the River Publishers website.
https://cybersecurity-magazine.com/
https://www.linkedin.com/showcase/cybersecuritymagazine
@magcybersec
https://www.facebook.com/Cybersecurity-Magazine-100535232117942