Security Digest Oct 9 – 15, 2017

[2 minute read]



two identities

  • Facebook connects real-world identity (which the facebook account is based on to) to anonymous sex worker identity.
    • Even though though sex worker identity uses a different name, email, and not even in facebook, Facebook was able to link the identity to existing facebook account and even suggest her identity to sex groups.
    • It is increasingly difficult to maintain two identities even when you have a legitimate reason to hide your identity.


ie bug

  • Internet Explorer bug leaks whatever you type in the address bar.
    • The flaw was disclosed Tuesday by security researcher Manuel Caballero.
    • Until it is fixed, it is advised to use other browsers.


Screen Shot 2017-10-16 at 9.25.36 AM

  • DoubleLock: New ransomware not just encrypts your Android but changes your PIN lock.
    • It’s a two-stage malware that first tries to wipe your bank or PayPal account and subsequently locks your device and data to request a ransom.
    • Check this video to see how it works.
    • Recovery:
      • For non-rooted devices, users can factory-reset their phone to unlock the phone and get rid of the DoubleLocker ransomware.
      • For rooted Android devices with debugging mode enabled, victims can use Android Debug Bridge (ADB) tool to reset PIN without formatting their phones.
    • In order to protect yourself from such attacks in the future, always download apps from trusted sources such as Google Play Store and use apps by verified developers only.


social security number

  • After Equifax massive breach of credit data, there is a increasing pressure to replace SSNs but it is not easy to do so.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s