Open post
Security Bits Logo

Security Bits – Facebook Token Hack, Bloomberg Amazon & Apple Servers & China, Facebook Uses 2FA Numbers for Advertising

Security Bits – 5 October 2018 Followups 🇺🇸 The CA IoT security law discussed previously has been signed into law — www.theverge.com/… Google have announced plans to further limit what browser plugins can do in an attempt to crack down on the explosion in plugin-based malware we talked about last time — arstechnica.com/… & nakedsecurity.sophos.com/…

Continue readingMore Tag
Open post
Security Bits Logo

Security Bits – Cold Boot Attack, Apple’s Anti-Fraud Trust Score, EU Copyright Act Amendments

Security Bits – 21 Sep 2018 Followups Following on from Apple’s belated removal of Adware Doctor for steal users browser history, Apple have now booted three apps from TrendMicro for doing the same, specifically Dr. Cleaner, Dr. Antivirus, and Dr. Archiver. TrendMicro insist it was an innocent mistake due to code re-use, and not malicious […]

Continue readingMore Tag
Open post
Security Bits Logo

Security Bits – Forced Smartphone Decryption Breaches 5th Amendment, Apple Fails to Remove Malicious App, Google & MasterCard Sharing Info

Followups Instapaper comes back to the EU at last — www.macobserver.com/… Facebook is refusing to comply with a GDPR data request, so a complaint has been lodged with the Irish Data Protection Commissioner (DPR). The DPR has opened an investigation, but has said the case is likely to get escalated from Ireland to the European […]

Continue readingMore Tag
Open post
Security Bits Logo

Security Bits – Zero-Day on macOS, Facebook Rates User Trustworthiness, Facebook’s VPN Was Tracking Users, Excessive Google Tracking, Teenager Hacks Apple

Followups More speculation-based flaws in Intel Chips (Editorial by Bart: as with other recent Spectre/Meltdown variants, there’s no need for home users to panic, just keep your OSes patched. It’s cloud providers that really need to worry about these flaws.) L1 Terminal Fault AKA L1TF – Intel have released mitigations, and they don’t have significant […]

Continue readingMore Tag
Open post
Security Bits Logo

Security Bits – Bad Times for Facebook, Data Transfer Project, Bluetooth Bugs, Malware in the Mail

Pre-amble (by Allison) — Bad Times for Facebook Facebook lost $120B in value after their July Earnings call, which is the biggest one-day stock fall in history — marketwatch.com/… One root cause is that European advertising growth in Europe “decelerated more quickly than other regions” because of GDPR. Facebook Chief Financial Officer David Wehner said, […]

Continue readingMore Tag
Open post
Security Bits Logo

Security Bits – USB Protected Mode, Exactis Breach

Followups 🇪🇺 EU Copyright Directive: Italy Wikipedia shuts down in protest at EU copyright law — www.bbc.com/… Copyright Directive legislation voted down by European Parliament — nakedsecurity.sophos.com/… (This is not the end of this legislation, but it is a significant setback.) Spectre/Meltdown Another variant has been discovered, but it’s similar enough to previous ones that […]

Continue readingMore Tag
Open post
Security Bits Logo

Security Bits – Mostly Good News

Followup Following on from security breaches at the 3rd-party companies all American cell phone companies were sharing real-time location data with, Verizon have announced they are ceasing all location data sharing (the other carriers have ended their relationships with some specifics companies, but not globally like this) — krebsonsecurity.com/… GDPR Fallout & Experiences: The Norwegian […]

Continue readingMore Tag
Open post
Security Bits Logo

Security Bits – USB Restricted Mode, Apple’s Focus on Security in OS Announcements

Followups Telegram have now been able to update their apps on Apple’s non-Russian app stores — nakedsecurity.sophos.com/… The VPNFilter malware/botnet story continues to evolve as security researchers find more router makes and model are affected. Additions to the list include routers by Asus, D-Link, Huawei & ZTE — www.zdnet.com/…, nakedsecurity.sophos.com/… & www.imore.com/… 🇺🇸 As anticipated, […]

Continue readingMore Tag
Open post
Security Bits Logo

Security Bits – VPNFilter, CallKit Removal in China, No Telegram Updates in App Store, End of Flash & Silverlight, Papua New Guinea Turns Off Facebook

Followups Spectre & Meltdown Details have been released of a new Spectre variant named Speculative Store Bypass, or SSB. The vulnerability affects AMD, ARM & Intel chips. Thankfully it can be mitigated quite easily, so it’s just a matter of applying software, OS, firmware, and microcode updates as they are released — arstechnica.com/…

Continue readingMore Tag

Posts navigation

1 2 3 4 5
Scroll to top