Security News

Facebook releases Ray-Ban Stories

Plus, Apple patches against Pegasus and the FTC warns about LGBTQ+ dating app scams

The newest wearable tech on the market is a pair of glasses that can record 30-second videos and take photos, the result of a collaborative effort between Facebook and Ray-Ban. The glasses, called Ray-Ban Stories, are “designed for frictionless media capture of the world around you” according to Wired. The reporters who tried them out said the glasses are lightweight and very simple to operate. The reporters also noted that the LED indicator light on the front of the glasses, intended to alert anyone nearby that the glasses were recording, is exceptionally dim, making it potentially easy to record covertly.

“This is the end of privacy in the physical world,” commented Avast’s Luis Corrons. “And I’m not saying this because of Facebook’s disastrous mismanagement of users’ privacy; these are just the first of a number of smart glasses that are going to flood the market over the next several months, devices that can record video and audio without people being aware of it.” The glasses were released this week, and they sell for $299.

Apple releases patch against Pegasus spyware

Just a week before the newest iOS comes out, Apple released a security update for iPhones, iPads, Apple Watches, and Mac computers that patches a vulnerability reportedly exploited by Pegasus spyware, put out by Israeli security company NSO Group. The zero-day, zero-click exploit, nicknamed ForcedEntry, comes in the form of a malicious PDF sent via iMessage. Pegasus is a spyware capable of accessing and recording texts, videos, photos, and web activity, as well as passively recording and scraping passwords on a device. For more on this story, see CNET

Phony Walmart release claims to accept Litecoin

A fake release published through a legitimate press channel announced that Walmart was going to begin accepting Litecoin cryptocurrency as payment. The phony news was amplified by several news websites and press agencies before Walmart told news outlets that the announcement was “inauthentic.” The Litecoin Foundation later confirmed on Twitter that no such partnership exists. Globe Newswire issued a statement saying “a fraudulent user account was used to issue an illegitimate press release.” While the source of the release is still unknown, the price of Litecoin jumped about 30% after the announcement, before falling back down to its typical price. For more, see BBC News

AARP lists warning signs for fraudulent apps

Because fraudulent apps are so prevalent these days – apps designed to steal your data, money, identity, or all three – AARP has published a list of “warning flags” to help users identify these scams. At the top of the list is to consider where you got the app. If it was from any source that is not an official app store, be wary. Official app stores have security screenings, so malicious apps will usually avoid them and sell on other platforms. Another tip given by AARP is to carefully investigate what is free. Some apps, known as fleeceware, will claim to be free, but then charge the user exorbitant hidden fees. AARP also suggests reading recent reviews and comments before downloading the app. 

FTC warns of LGBTQ+ extortion scams

The U.S. Federal Trade Commission warned consumers that scammers are using LGBTQ+ dating apps to find victims for extortion scams. After posing as a potential romantic partner on the app, the scammer “chats with you, quickly sends explicit photos, and asks for similar photos in return,” the FTC wrote. “If you send photos, the blackmail begins. They threaten to share your conversation and photos with your friends, family, or employer unless you pay – usually by gift card.” The FTC offers the following tips to avoid the scams: check out who you’re talking to, don’t share personal information with someone you just met on a dating app, and don’t pay scammers to destroy photos or conversations. 

This week’s ‘must-read’ on The Avast Blog

With 61% of the world's population now online, we must commit to a digital world that respects our right to privacy and security online in order to achieve digital freedom. Avast CEO Ondrej Vlcek explains how Avast is shaping the digital landscape to be a fairer, freer, more equitable place for all.