Google to Ban Third Party Extensions for Chrome
Google already has a security mechanism in place which warns users on installing any extension which is hosted on a third party store. But it seems that the mechanism is going to be tighter. From January onwards, users will be able to install extensions only from the official Web Store. The present security mechanism is not agile enough to block malware authors. Malicious extensions from third party source can mess with the settings of the browser, and interfere with the user experience. Google has advised developers to migrate their extensions that are on a third party store to Chrome Web Store before January. Read the complete news here.
Facebook and Microsoft Join Hands in Bug Hunting
Facebook and Microsoft are known for their individual bug bounty programs. This time, it seems, the two companies are rolling out a bug hunt contest together. Winners may take home as much as $5000; all they have to do is point out security holes in technologies which run online communications. These include Web platforms such as OpenSSL, PHP, Perl, and Apache. Developers are also invited to hack the Internet itself. The panel that will be judging the contest will comprise people from Microsoft, Facebook, and Google. Follow this link to know more on the bug bounty program and how to go about it.
CIA buys Customer Data from AT&T, pays $10 million
According to New York Times, AT&T trades customer data with Central Intelligence Agency (CIA) for more than $10 million a year. This data includes certain phone calls which are used to crack down terrorists. The CIA provides the telecom company with phone numbers of potential terrorists. AT&T then runs these numbers through its customer database for call records that can identify the suspects. Reportedly, AT&T is playing a voluntary role in this entire process. Read the official statements given by AT&T and the CIA on this matter, here.
Watch out for the Android Trojan Called Svpeng – It may Phish you!
Svpeng is a banking Trojan that spreads via SMS and spam messages. For now, the malware is targeting users in the USA, Germany, Belarus and Ukraine. This is how it works. Once the victim launches their banking app in their infected mobile, the malware overlaps the current window with its window to snatch the user name and password. Svpeng plays a similar stunt with Google play users. When the victim launches the Google play app, the malware presents a window urging the user to feed in their credit card information. The stolen information is then sent to the attacker. Stay safe from such apps by reviewing them before installing, getting them from official stores, and using a reliable mobile antivirus software.