- Few millions Android users caught in virtual keyboard app data breach
Several researchers came across personal data of 31 million Android users of the keyboard app Ai.type after finding an open database online. The app offers themed keyboards for phones and tablets. The researchers claimed data left visible included names, phone numbers, locations and Google queries. The boss of the Israeli company behind the app admitted the breach but said most of the data was not sensitive.
2. Hosting developers targeted in ‘PARSEDROID’ POC Attack
After extensive research, a proof of concept attack has been found that could impact millions of users integrated with development of environments such as Intellij, Eclipse and Android Studio. These attacks can also be carried out against servers hosting for development environments in the cloud. The attack vector was identified as a proof of concept (PoC) it is calling ParseDroid.
- Google Patches critical Encryption bug affecting Pixel and Nexus phones
Google patched a critical encryption bug found on its Pixel, Pixel 2 and Nexus phones this week along with ring 49% other fixes, part of its December Pixel / Nexus Security Bulletin. One of the patches (CVE-2017-13167) is for an elevation of privilege vulnerability and four others could open the door for a denial of service attack, according to Google.
- Delhi University launches Cyber Security courses
After the statutory bodies received necessary approvals from Delhi University would launch a cyber-security course. It will cater to the niche domain of cybersecurity with a unique combination of cyber laws and security measures. The course is likely to start from February 2018, an official source confirmed, and classes will commence from March. The course will be held in two semesters will six papers in each.
- Number of retailers still looking for data breach response plan
The shopping season is in full swing this December and the growing number of retailers hit with data breaches. A recent survey has found that a large number of retailers still have zero data breach response plan. The overall retailers questioned had increased their ability to handle a cyber-security problem and secure customer data. 51% of the surveyed retailers had a plan but it was untested and 21% reported that their organization did not even have a data security plan.
