Alright, everyone, this week has been a whopper. I didn’t foresee Facebook Messenger adopting full user encryption, but it’s definitely time. And Apple’s move to auto-updating macOS? We can only wait and see how users react. Catch up on those stories and more in this week’s edition of the Threat Recap. Here are five of the major security stories happening this week.
Facebook Messenger Adopts Full User Encryption
Facebook has been rolling out end-to-end encryption for all of its nearly 1 billion Messenger users. This type of encryption allows users to maintain completely private conversations and even enables users to have message “expire” after a predetermined amount of time. While encryption is still an opt-in feature, it is definitely a step in the right direction for keeping users’ sensitive information private.
Apple Moving Towards Updating macOS Automatically
Following the path of Microsoft, Apple has announced that they will begin pre-downloading new macOS updates automatically, without any indication to users. While Microsoft’s attempts to auto-upgrade users to Windows 10 wasn’t as successful as anticipated, Apple hopes that users will be more inclined to follow through with the upgrade since it’s already been silently installed.
Hutton Hotel Warns Customers of Payment Breach
In a year filled with payment processing breaches, yet another hotel has been forced to announce that their systems had been compromised. The Hutton Hotel in Nashville has warned customers from the past year to be vigilant of any fraudulent charges made using their credit cards and has offered free credit monitoring to all patrons who made purchases on-site in the last several years. While the investigation is underway, officials are still unclear as to how the breach occurred or how long ago it may have taken place.
New Iteration of WildFire Ransomware, Dubbed Hades Locker
When WildFire Locker’s servers were taken offline in August, many hoped it would lead to a decline in user ransoms. Unfortunately, the developers were not apprehended and have released Hades Locker, a new ransomware variant that is largely based around WildFire. Once executed, Hades Locker will begin encrypting all files on any mapped drives and appending file extensions to include “.~HL”, while also removing any shadow volume copies to prevent local file recovery.
DressCode Android Malware Found on Google Play Store
Recently, researchers have discovered dozens of popular apps currently on the Google Play store that are infected with DressCode malware. Once the app is installed, DressCode is able to connect the device to a botnet that is being used to drive click fraud. Additionally, DressCode can be harmful if connected to home and work networks, as it has the capability to download sensitive information it finds, along with accessing other devices that are on the network.