Select 15 Inch Macbook Pros Banned From Flights By FAA

According to Apple, the 15 Inch MacBook Pros sold between September 2015 and February 2017 have a serious battery issue that makes them prone to fire.

When the company discovered the issue in June of this year (2019), they issued a recall and urged all MacBook Pro owners to check the serial number of their computers to see if the battery needs to be replaced.

Recently, the FAA (Federal Aviation Administration) concluded their own investigation into the matter and concluded that the issue was serious. So serious that the agency alerted all US airlines, pointing to the rules issued in 2016 that prohibit them from transporting any products that have been recalled over safety issues in either the cabin or as cargo until the products have been replaced or repaired.

The language could not have been clearer:  This is a ban on the impacted MacBook Pros.  If you're a frequent flyer and you use one of the recalled MacBook Pros, be aware that it's going to complicate your life the next time you fly unless you can prove that you've had the battery replaced and your computer is no longer a safety risk.

In terms of scope and scale, according to the US Consumer Product Safety Commission, Apple sold more than 400,000 of the impacted devices in the United States, and more than 26,000 of them in Canada.

This is certainly not the first time an issue like this has come up, nor is this the first time the FAA has issued a ban on a specific piece of equipment.  Back in 2016, Samsung's Galaxy Note 7 received similar treatment after consumers began reporting that the phone's lithium-ion batteries were prone to exploding or catching fire.  The issue got so bad that Samsung ultimately cancelled the device altogether and brought it back to the drawing board to rework.

In any case, if you own a MacBook Pro, it pays to head to Apple's site and check the serial number to be safe.

CafePress Users Are Latest To Have Information Breached

Hardly a week goes by that we don't see another major data breach making the headlines.

The latest company to fall victim to hackers is CafePress.

They are well-known on the internet for offering a platform where users can create their own customized coffee mugs, tee shirts and the like.

The company didn't make a formal announcement about the breach, and users only became aware of it when they started getting notifications from Troy Hunt's "Have I Been Pwned" service. Once word started leaking out, Hunt joined forces with security researcher Jim Scott, who had worked with Hunt in the past tracking down other data breaches.

Working together, they discovered a de-hashed CafePress database containing nearly half a million accounts was being sold on black hat forums.  The researchers could not confirm, however, if these records were related to the most recent breach, or some previous one.

In any case, as they probed more deeply, they discovered that the company was actually hacked back in February of this year (2019), and that it was a significant breach. That breach exposed more than 23 million user records.  Based on their findings, the hack exposed email addresses, names, passwords, phone numbers and physical locations.

To date, CafePress has not made a formal announcement about the matter, nor acknowledged the breach in any way. Although if you are a CafePress user, you will be forced to reset your password the next time you log on.

While that's a good step, it's completely at odds with the company's clumsy handling of the issue.  Password resets are not breach disclosures and notifications, and shouldn't be treated as such.  File this away as an example of how not to handle a breach if your company is hacked.

Playing Videos Could Allow Hackers Into Your Phone

Do you have an Android device?  Are you running Android Nougat, Oreo, or Pie (versions 7x, 8x, or 9x)?  Do you play games on your phone?

If you answered yes to those questions, you may have a problem. It is a bigger problem given that there are more than a billion devices currently in service running one of those operating systems.

A carefully crafted, innocent-looking video file could be embedded in a game app and could compromise your system, thanks to a critical vulnerability.

 

Full Article: https://www.aimcybersecurity.com/2019/08/12/playing-videos-could-allow-hackers-into-your-phone/

 

Update iPhone to Avoid Possible iMessage Bug

People like and tend to gravitate to Apple products because the company has gone to great lengths to make their products are highly secure.

Sure, you pay more for them, but most people justify the added expense because a) they look better and are better designed than competing products and b) they've got a reputation for being more secure.

Unfortunately, even the most secure technology isn't immune to hacking and other problems.  In the not so distant past, we've seen reports of clever hackers finding ways of bricking Apple smartphones and causing other types of mayhem.  One of the more recent iterations of this involved a bug in Apple's iMessage system. The bug allowed hackers to send a carefully crafted message that made heavy use of special characters that could turn an expensive iPhone into a paperweight.

Full Article:

https://www.aimcybersecurity.com/2019/08/05/update-iphone-to-avoid-possible-imessage-bug/

 

New Phishing Scam Targets Your Amazon Account

McAfee researchers have discovered a new version of the 16Shop phishing kit in use by hackers around the world. According to the latest research, there are now more than 200 URLs currently being used by hackers to collect login information from Amazon customers. The methodology the hackers are using is simple. The hackers craft an email that appears to come from Amazon that indicates a problem with the user's account.

Ironically, most of the emails claim that an unauthorized login was attempted on the user's account and the email recommends that the user log in immediately to check and make sure nothing has been tampered with.

 

Full Article: https://www.aimcybersecurity.com/2019/08/01/new-phishing-scam-targets-your-amazon-account/