FixMeStick’s Weekly Cybersecurity Round-Up: July 29th-Aug 4th

It’s Cybersecurity Round-Up time, FixMeFans. Last week was bustling in the world of cybersecurity, what with Capital One’s massive data breach, Apple facing criticism for vulnerabilities in both Siri and iMessage, and some new stats on the unsettling rise of phishing scams. Stay security-savvy and up-to-date by reading our round-up below!

Image result for capital one

Capital One announced a massive data breach last week. Customer information such as credit card application data, transaction history, contact information, as well as credit scores, limits and balances were hacked by software engineer Paige Thompson.

The breach is estimated to have affected 100 million users in the US, and 6 million in Canada. To read the full story and find out how to protect yourself, check out the blog article we wrote on the breach last week.

Could Siri be listening to you all the time? The Guardian published a story last week that raised concerns over Apple’s voice assistant feature (more popularly known as Siri) recording you even when you’re not talking to it.

A contractor that works with Apple told the Guardian that incidents where Siri records you without you knowing are part of a quality control testing program called ‘grading’. These private conversations are then sent to Apple, where employees listen to, analyze and record them to test Siri’s accuracy. Pretty scary stuff!

This is a direct invasion of privacy, and Apple has now responded by suspending the program until they find a better, more honest way to test out Siri’s capabilities. Are you an iPhone user? Get caught up on the full story here

If Siri’s shady spying habits weren’t enough for Apple to deal with last week, researchers from Google’s Project Zero also revealed a bug in Apple’s iMessage that lets attackers read data from a targeted iPhone without any user interaction.

Apple has since patched the error, but researchers will be monitoring the iOS interface closely to make sure iPhone users are safe from outside attacks in the future.

The fashion trading platform StockX was hacked last week, but they weren’t exactly honest about it. StockX sent its users a vaguely worded password reset email on Thursday, passing it off as necessary for ‘system updates’.

However, TechCrunch received information from another source claiming that more than 6.8 million records were stolen by a hacker from StockX in May and user data was put up for sale on the dark web. The data included names, email addresses and other user information.

The StockX hack is a good example of how companies will almost always choose protecting their reputations over protecting their users. Don’t rely on others to stay safe online, become a cybersecurity expert with our Internet Safety 101 guide

According to an article published by Forbes this week, sextortion campaigns are on the rise. Sextortion is a type of phishing scam where payment is demanded through threats to release incriminating (and often false) evidence of victims using pornographic websites.

Researchers have revealed that over 7 million email addresses have been affected by sextortion in the first half of 2019. Could you be targeted by this kind of attack? Read on to find out.

Love our Cybersecurity round-up? Share it with your friends on Facebook to keep all your loved ones informed and protected! Check back next week for updates on these stories and more.