There’s no doubt that Apple’s self-polished reputation for privacy and security has taken a bit of a battering recently. On the security front, Google researchers just disclosed a major flaw in the iPhone, finding a number of malicious websites that could hack into a victim’s device by exploiting a set of previously undisclosed software bugs.
Month: August 2019
Brookline has become the third Massachusetts municipality to call for a ban on the use of facial recognition technology by a municipal government. The proposed ban, put forward in a warrant article by town meeting member Amy Hummel, is likely to be considered by town representatives in November. A statement in support of Hummel’s proposal was issued
by John E Dunn Imagine that an iPhone could be turned into a surveillance tool capable of sending hackers a record of its owner’s entire digital life, including their location in real time, all their emails, chats, contacts, photos and saved passwords. A showstopper of a compromise, and yet according to Google Project Zero researcher
These days it seems that there is a scam for every season, and back-to-school is no different. From phony financial aid, to debt scams, and phishing emails designed to steal your identity information, there are a lot of threats to study up on. Of course, many of these scams are just different twists on the
So your aluminum Series 2 or Series 3 Apple Watch is suddenly cracking around the edges… but you don’t remember bumping it on anything, or being particularly rough with it. Surprise! It might not be your fault at all. Apple says that they’ve determined that “under very rare circumstances”, the displays on aluminum Series 2
If you have an online account with Foxit Software, you need to reset your account password immediately—as an unknown attacker has compromised your personal data and log-in credentials. Foxit Software, a company known for its popular lightweight Foxit PDF Reader and PhantomPDF applications being used by over 525 million users, today announced a data breach
If you were trying to sneak in a quick game on Xbox Live during your Friday afternoon lunch break and found that you can’t get online: don’t worry, you’re not alone. While Microsoft’s Xbox Live Status page still says all things are good to go, reports are pouring in of an outage keeping many users
Fileless malware, BEC, digital extortion and ransomware attacks all grew significantly between 2018 and the first six months of this year, according to new data from Trend Micro. The security giant blocked over 26.8 billion threats in the first half of the year, over 90% of which were email-borne, according to its mid-year roundup report,
As data breaches and ransomware attacks continue to dominate the headlines, so too do stories about the shortage of trained information security professionals. There is a link: The cybersecurity skills shortage means that the skilled human assets needed to fight hackers’ increasingly sophisticated and damaging attacks are just not available, leaving everyone less safe. Recent
by Alice Duckett Episode 6 of the Naked Security Podcast is now live! This week, host Anna Brading is joined by Mark Stockley and Paul Ducklin to discuss jailbreaking iPhones [2’50”], sophisticated Instagram phishing [14’02”] and the latest social media hoax [28’23”]. As always, we love answering your cybersecurity questions on the show – simply
They may not be saying so, but your senior analysts are exhausted. Each day, more and more devices connect to their enterprise networks, creating an ever-growing avenue for OS exploits and phishing attacks. Meanwhile, the number of threats—some of which are powerful enough to hobble entire cities—is rising even faster. While most companies have a
Security researchers at Google say they’ve found a number of malicious websites which, when visited, could quietly hack into a victim’s iPhone by exploiting a set of previously undisclosed software flaws. Google’s Project Zero said in a deep-dive blog post published late on Thursday that the websites were visited thousands of times per week by
In the wake of data abuse scandals and several instances of malware app being discovered on the Play Store, Google today expanded its bug bounty program to beef up the security of Android apps and Chrome extensions distributed through its platform. The expansion in Google’s vulnerability reward program majorly includes two main announcements. First, a
Target’s same-day curbside pickup service, Drive Up, has now reached all 50 U.S. states, the retailer announced on Thursday. The service allows consumers to shop online then pull up to designated spaces at their local store to have their purchases ferried to their vehicle by Target staff. Drive Up has rolled out to Target stores
The cost of global data breaches to victim organizations will rise to over $5 trillion by 2024 as regulatory fines take hold and firms become more dependent on digital systems, according to new predictions from Juniper Research. The figures come from the UK-based market watcher’s latest report, The Future of Cybercrime & Security: Threat Analysis,
VMware is ready to bring its intrinsic security approach to firewalls. Rather than solely tackling the threat of the moment, the age-old technology will focus on reducing the attack surface. The goal is to harden the infrastructure so there are fewer places attackers can break in. “It’s time for security to come up to speed
by John E Dunn With iOS 13 nearing release, Apple users perhaps thought they were done with iOS 12 updates for good. If so, they were wrong. On 26 August 2019, another update was released for the four-week-old iOS 12.4 in the form of iOS 12.4.1. Apple doesn’t describe this as an ‘emergency’ patch –
Introduction As of July 2019, Microsoft has fixed around 43 bugs in the Jet Database Engine. McAfee has reported a couple of bugs and, so far, we have received 10 CVE’s from Microsoft. In our previous post, we discussed the root cause of CVE-2018-8423. While analyzing this CVE and patch from Microsoft, we found that
Residently, the U.K.-based ‘proptech’ startup that is building a rental platform to improve the rental experience, has picked up £7 million in seed funding. Backing comes from Felix Capital, LocalGlobe, and A/O PropTech, along with a number of the startup’s existing angel investors. The new funding will be used to grow the startup’s engineering and
Cybersecurity researchers have discovered over 80 Magecart compromised e-commerce websites that were actively sending credit card information of online shoppers to the attackers-controlled servers. Operating their businesses in the United States, Canada, Europe, Latin America, and Asia, many of these compromised websites are reputable brands in the motorsports industry and high fashion, researchers at Aite
The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 9am Pacific, you can subscribe here. 1. Peloton files publicly for IPO Peloton previously filed a confidential S-1, but now its IPO documents have been revealed publicly, showing
Google has removed a legitimate-looking PDF creator app with 100 million downloads after security researchers revealed it contained Trojan malware. Igor Golovin and Anton Kivva at Russian AV vendor Kaspersky decided to take a closer look at the popular CamScanner app after multiple negative reviews over the previous month indicated something had gone wrong. “After
by Danny Bradbury Source code management site GitHub is the latest company to support WebAuthn – a new standard that makes logging into online services using a browser more secure. WebAuthn is short for Web Authentication and it’s a protocol that lets you log into an online service by using a digital key. It’s a
Whether you’re a small business owner or a blogger, having an accessible website is a must. That’s why many users look to web hosting companies so they can store the files necessary for their websites to function properly. One such company is Hostinger. This popular web, cloud, and virtual private server hosting provider and domain
Trump said in July that some U.S. suppliers would be allowed to sell to Huawei while it remains blacklisted, but so far no vendors have been allowed to do so. Reuters reports that more than 130 applications have been submitted by companies that want to do business with Huawei, but the U.S. Commerce Department has
Beware! Attackers can remotely hijack your Android device and steal data stored on it, if you are using CamScanner, a highly-popular Phone PDF creator app with more than 100 million downloads on Google Play Store. So, to be safe, just uninstall the CamScanner app from your Android device now, as Google has already removed the
Building exteriors tend to get gross. Dirt clings to the walls. Windows get filmy. Spiderwebs amass. If you live in a particularly humid area, mold and mildew can start to make exterior walls look like a science experiment. On taller buildings, scrubbing it all off generally means bringing a bucket truck, scaffolding, or suspension gear
Apple has released a new iOS security update designed to fix a jailbreak bug which it previously addressed and then accidentally rolled back. The flaw itself, CVE-2019-8605, is a use-after-free vulnerability credited to Ned Williamson working on the Google Project Zero team. The flaw, which could allow an attacker to execute arbitrary code with system
Tanner Harding Reporter, Products Content Published: 26 Aug 2019 Puppet has launched Puppet Remediate — its first vulnerability remediation product. The product aims to reduce the time from vulnerability detection to remediation by unifying infrastructure and vulnerability data, quickly identifying which infrastructure resources are being impacted and taking immediate action to remediate vulnerabilities. Key features
by Naked Security writer Get yourself up to date with everything we wrote last week – it’s weekly roundup time. Monday 19 August 2019 Did Facebook know about “View As” bug before 2018 breach? Multiple HTTP/2 DoS flaws found by Netflix 61 impacted versions of Apache Struts left off security advisories Tuesday 20 August 2019
- 1
- 2
- 3
- …
- 8
- Next Page »