Welcome to the FlashRouters Privacy News Center, your one-stop shop for news on worldwide Internet privacy.
Whether it is a hardware vulnerability potentially exposing the privacy of users, a draconian government snooping on its citizens, or even a big company’s data breach, FlashRouters provides a solution for online safety in a constantly changing world. Now, let’s check in on the latest Internet privacy top stories.
According to The New York Times, the city of Los Angeles is suing the popular “Weather Channel” app for selling user data. The city government states that “operators unfairly coerced app users to turn on location tracking.”
However, it was further revealed that users’ location data was being used for commercial purposes, such as targeted marketing. Other weather apps have been subject to similar allegations as well, including Accuweather and WeatherBug.
Ring, a video-enabled “smart doorbell”, has a history of poorly handling customers’ home video feeds. In 2016, Ring provided its Ukrainian research and development team complete access to every video created by every Ring camera around the world. These video files were unencrypted and were linked to a corresponding database of customers.
Coincidentally, Ring also provided U.S.-based executives and engineers total access to the company’s support portal, allowing unfiltered and unrestricted access to live feeds of all their customers. Anyone given this level of access would only require a customer’s email address to be able to watch live footage of their home.
Researchers at Check Point Research uncovered a bug within the popular video game Fortnite that allowed attackers to access user accounts. This bug granted access to an account after the victim clicked on a suspicious link. Epic Games, developer of Fortnite, was notified of the bug in November and has since patched it.
Attackers could potentially use these hijacked accounts to purchase the in-game currency “V-Bucks”. Since the game does not allow simultaneous sign-ins, the hacker could prevent the victim from logging into the account.
A recent discovery by Safety Detective’s research lab found that the Amadeus online reservation system contained a crucial vulnerability. It was found that it was possible to access and change reservations with only a booking number.
This booking system is used by 44 percent of the international carrier market. By simply making a small change in the code, attackers could access customer names and flight details, granting access to frequent flyer miles, seats, meals, email addresses, and more.
Amadeus released a statement saying that it had “added a Recovery PTR to prevent a malicious user from accessing travelers’ personal information.” The vulnerability has since been patched.
This month, Australia passed controversial laws granting police and security agencies access to encrypted messages. The government states that this measure is necessary to combat terrorism and crime, but many are concerned that it could undermine the security and privacy of users.
These laws differ from those in China, Russia, and Turkey, where end-to-end encryption services are banned. For Australians, this law means that police can force companies to create a function to grant them access to encrypted messages without the user’s knowledge.
Companies that do not comply risk being fined.
According to Dror Liwer, chief security officer for Coronet, a cyber-security firm, airports are a target for hackers due to the concentration of “high-value assets.” This includes business travelers and more affluent individuals.
Hackers launch a fake airport Wi-Fi signal to entice unknowing users to connect to it. Once a user connects to the hacker’s Wi-Fi, the hacker has access to all of that user’s information. According to Liwer, the best way to protect yourself on public Wi-Fi networks is to use a virtual private network, or VPN.
The email accounts of four senior aides at the National Republican Congressional Committee were accessed by an outside hacker, party officials state. This event took place during the 2018 midterm campaigns, exposing thousands of sensitive emails.
After alerting the committee as well as its cyber-security contractor, an internal investigation was initiated. Luckily, no information accessed during the hack has been exposed to the public.
Smartphone apps are tracking your location in near real-time and selling the information without your knowledge. Some individuals are tracked over 8,600 times, an average of once every 21 minutes. The information is so precise that companies are able to know exactly what you are doing and where you are during the day. This information is accurate within a few yards.
These companies sell, use, and analyze the data for advertisers, retail outlets, and even hedge funds in order to gather information on consumer behavior. While companies claim that the data is not tied to anyone’s personal data, individuals with access to raw data can attach a name to the data by simply seeing where the device spent the most time.
This week, a security researcher found that nearly 19,500 Orange LiveBox ADSL modems are leaking Wi-Fi credentials. Troy Mursch, co-founder of Bad Packets LLC, states that his company’s honeypots have detected at least one threat actor scanning exclusively for Orange modems.
The attacker is exploiting a vulnerability affecting Orange LiveBox devices. It allows a remote attacker to obtain the Wi-Fi password and SSID for the modem’s internal Wi-Fi network by accessing its configuration file.
This attack can result in on-location proximity hacks and even give hackers a way to build an online botnet.
Just last week Amazon emailed users to inform them of a “technical error” that made their names and email addresses publicly available. Amazon has not revealed how many users have been affected by the mistake and has begun to reach out to those affected.
However, these emails that Amazon has sent are surprisingly brief and offer little to no insight on how the leak happened. While Amazon claims that the error has been fixed and no actions need to be taken on the users’ end, this leak leaves users exposed to phishing attacks and false password reset attempts.
Amazon’s legit been sending out notices saying sorry we exposed your email address. Seems likely related to this https://t.co/21cRB2dHTk… Besides the brevity, what’s giving people pause is they sign the email https://t.co/KDiteRFaeR Why cap the “a” and why no https://? Strange pic.twitter.com/mwty3GmCN1
— briankrebs (@briankrebs) November 21, 2018
Do you have an older home router? Does it have the Universal Plug and Play (UPnP) protocol activated? If you answered “yes” to these questions, then you may be infected with malware developed by the NSA.
Fortunately, the NSA is not behind the plot to infect your router. The malware attack is being sent out by various cyber criminals and hacker groups. This malware has been dubbed “UPnProxy: EternalSilence” by researchers at Akamai, a data management firm. Essentially, this malware can infect old routers via the UPnP protocol and gain direct access to Windows PCs on home and small-business networks.
The best way to combat this attack if you aren’t already infected is to factory reset your router, disable UPnP, and then update your router to the latest firmware.
Researchers at Radboud University in the Netherlands have recently reported that hackers could easily bypass Microsoft’s default encryption on Crucial and Samsung solid state drives. The researchers were able to reverse engineer the firmware on multiple drives and discovered a “pattern of critical issues.”
One issue happens to be that the default master password to decrypt the data was just an empty string. This means that someone could decrypt the drive by just hitting the Enter key on the keyboard. Another issue happened to be that the drive’s password validation check did not work, allowing any password to unlock the drive.
The drives that the researchers found to have these issues include, but are not limited to, Crucial’s MX100, MX200, and MX300 SSDs, Samsung’s T3 and T5 portable SSDs, as well as Samsung 840 EVO and 850 EVO SSDs. These issues likely affect other products, considering that many share the same firmware.
The Marriott International hotel chain stated that the Starwood reservation database system had been hacked. This database contained details of up to 500 million guests going as far back as 2014. The hotel group was informed in September that an attempt to access the database was made. An investigation taking place this month confirms that unauthorized access had been made.
The hackers also obtained encrypted credit-card information for some customers, but it is not clear if they will be able to use the payment details. The hack affects customers who made reservations for Starwood hotel brands from 2014 to September of this year. Some of these hotels include Sheraton, Westin, W Hotels, St. Regis, Four Points, Aloft, Meridien, Tribute, Design Hotels, Elements, and the Luxury Collection.
Marriott International has since set up a dedicated website and call center for those affected in the breach. They will also be offering a year of free enrollment to Web Watcher to customers that live in the United States, Canada, and Britain. This service will alert people if their information is being sold online.
More Steps To Secure Your Home Network
A FlashRouter provides open-source firmware such as DD-WRT, OpenWRT and TomatoUSB to secure and protect your home network from exploits, whether they come from hackers or snooping governments.