CISA Warns of High-Severity Android Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a warning of a high-severity Android vulnerability believed to have been exploited by a Chinese app to spy on its users.
This bug allows attackers to escalate privileges on unpatched Android devices without requiring user interaction.
Our Recommendation: Make sure to keep your mobile devices updated with the latest software releases and patches.
OpenAI Confirms ChatGPT Data Breach
ChatGPT creator OpenAI confirmed a data breach caused by a bug in an open source library, causing some exposure of users' chat history and potentially their payment information, as well.
Our Recommendation: If you are a ChatGPT subscriber, make sure to enable MFA for your online banking logins, and set up banking alerts with your financial institutions to stay on top of any unusual activity.
Google Releases a Security Patch to Fix a Zero-day Exploit in Chrome
For the second time this year, Google has released a security update for its Chrome web browser to patch another zero-day exploit. The patch fixes a total of eight vulnerabilities and is available for Windows and Mac users with a Linux version being released soon.
Our Recommendation: Make sure your Chrome browser is consistently being updated. To manually update the browser, go to Chrome settings and select Help > About Google Chrome.
Financial Firm NCR Hit by Ransomware; Some Restaurants Impacted
NCR reported an issue related to its Aloha restaurant point-of-sale (PoS) product on April 12. The company said a limited number of its hospitality customers had been impacted by an outage at a single data center, which may have caused some users credentials to be breached.
Read more
Our Recommendation: Make sure to always use complex passwords and enable MFA on your online accounts to protect against account breaches.