Hi there FixMeFans and StartMeStars! We’re bringing you the top cybersecurity stories from the month of August, which range from vulnerabilities found in Google Chrome and Microsoft Exchange to a six-figure cryptocurrency robbery, and how your home security system could be compromised.
A Microsoft employee has sounded the alarm on a massive security breach to Microsoft Exchange email servers. The breach was discovered earlier this year, but apparently, at that time, companies using Microsoft Exchange were not told explicitly which programs to patch. Used in the right combination, these security vulnerabilities can be used to remotely execute code commands, without requiring a password. Fortunately, this issue is patched on the latest version of Windows– yet another good reason to always make sure your system is up to date! You can get the full story here.
A device-hijack bug has been found in the video surveillance network Kalay, a cloud-based technology marketed at sellers of home security devices, including security cameras and smart locks. The Kalay software is installed in the vendor’s firmware, allowing customers to use Kalay to manage and access the existing security devices. This bug can be used to create a new set of authorization credentials– and hack into a customer’s existing video feed. To read more about this hijack bug and find out what to do if you have the Kalay system, click here.
Google has confirmed new, and serious, security vulnerabilities in Chrome 92. This comes after another set of vulnerabilities were reported and patched in July. All 9 vulnerabilities are considered high priority, and 7 were discovered by hackers outside of Google. The good news? These were just ‘vulnerabilities‘, meaning the issues were spotted and patches released before any malicious hackers exploited them. How to get the patch and make sure your Chrome browser is secure? Update, update, update! Read more about these vulnerabilities here.
The biggest cryptocurrency heist in history happened last month: Over $600 million in cryptocurrency was stolen mid-August from Poly Network, a platform typically used for peer-to-peer currency transactions. In a strange turn of events, the hacker decided to return the funds, all but $200 million, which are still located in a password-protected account as ‘insurance’. It is unclear why the hacker had this change of heart, some suspect it is a publicity stunt. However, robberies like this are becoming all too common. Luckily we have some tips to help you stay safe, should you decide to invest in cryptocurrency, here. Curious to read the full story? Click here.
That’s August’s top cybersecurity stories in review. Don’t forget to tune into our next cybersecurity roundup. Any stories catch your eye? Let us know in the comments below!