Alert for Dell computer owners to update software, two dark web markets closed and a San Francisco school embarrassed.
Welcome to Cyber Security Today. It’s Monday May 6th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanda.com.
Dell computer owners are being warned to update a utility on their machines that could be used by a hacker. It’s called Dell SupportAssist, formerly known as Dell System Detect. It’s a utility that quietly and automatically checks the health of your PC. But a researcher discovered a bug that could allow someone to install malware. He told Dell, which has issued a fix. The update should automatically install, but users should check themselves and make sure it’s the latest version. Or, if you feel you don’t need it, uninstall Dell SupportAssist.
Two European-based dark web marketplaces have been taken down by police on the continent and the FBI. The German-based Wall Street Market, described as the world’s second largest illegal online market, and the Silkkitie SILK-KITTY(also known as the Valhalla Marketplace), based in Finland, have been shut. Wall Street Market sold drugs, stolen data, fake documents and malicious software. Two people in the U.S. have been arrested.
Experts say people are the biggest problem in cyber security. What they mean is people making mistakes, like clicking on a bad link or document in an email. Here’s another recent example: The San Francisco Unified School District recently notified parents that because of a staff error, an electronic document with information on current and some former students at one school — including their names and default access passwords — got sent to everyone on the school’s mailing list. Sounds like someone wasn’t careful when they hit “send” on an email message.
Do you have a Google or Android account? Do you worry about how long Google keeps your location and web activity data? Well, the company will soon add a new control that lets you automatically delete your location history, data on web sites you go to and data apps you use after a set period of time. You can do this now, but not automatically. As the Hacker News notes, this comes after the Associated Press found last year that even if you turn off Location History, Google services on Android and iPhone devices continue to track your movements. It also comes after it was learned last month that Google keeps that location data on a special database that may be accessed by police.
The auto-delete feature will let you set data to be kept for either three or 18 months before being wiped. Or you can delete data sooner, or keep all the data. The new control will be available in the coming weeks.
Finally, attention software developers: If you use the Jenkins software development automation server, make sure any plugins you use are patched. A security researcher has tested over 100 plugins and found security problems. There’s a link to the researcher’s blog with more details here
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.