Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Pegasus/NSO Group: Apple may have patched flaw used by Pegasus in iOS 14.7.1 — www.imore.com/… Pegasus spyware maker investigating misuse, halts access for several governments — www.imore.com/… Backup Tool ‘iMazing’ Updated to Detect Pegasus […]
Continue readingCategory: Security Bits
Security Bits — 24 July 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. The PrintNightmare story continues to evolve with yet another privilege escalation bug being found in the print spooler — it’s now more important than ever to follow Microsoft’s advice and stop and disable the […]
Continue readingSecurity Bits — 11 July 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. The Western Digital story from last time has continued to evolve: More devices are affected: Another 0-Day Looms for Many Western Digital Users – Krebs on Security — krebsonsecurity.com/… But there have also been […]
Continue readingSecurity Bits — 27 June 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇺🇸 Two years ago First American Financial made the news for leaking sensitive financial data on more than 800 million documents for people who bought or sold a house in the preceding 16 years. […]
Continue readingSecurity Bits — 13 June 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Last time we learned Facebook abuse EXIF data to track users’ locations even when they ask not to be tracked. The day after we recorded this excellent article came out explaining how to strip […]
Continue readingSecurity Bits — 30 May 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇺🇸 Hot on the heels of the Colonial Pipeline hack, the US Department of Homeland Security (DHS) has published cybersecurity rules for pipeline operators — www.macobserver.com/… Vizio’s questionable privacy stance has come up a […]
Continue readingSecurity Bits — 16 May 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Twitter is continuing its moves to nudge people on its platform towards being better netizens by adding a dialogue to their mobile app warning users when they use potentially abusive language in replies — […]
Continue readingSecurity Bits — 2 May 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Apple are letting Parler back into the iOS AppStore, they have apparently sufficiently reformed their moderation practices — www.imore.com/… SolarWinds are changing their name to N-able! — www.n-able.com/… Deep Dive(s) ❗ Action Alerts Calls […]
Continue readingSecurity Bits — 18 April 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇬🇧 (🏴 & 🏴) Both Apple & Google have stopped the NHS from publishing an update to their COVID app to insert location tracking. This is expressly forbidden in their COVID exposure notification API […]
Continue readingSecurity Bits — 4 April 2021 Including Deep Dive on Firefox’s SmartBlock
Security Bits — 4 April 2021 Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇺🇸 Following on from the excellent Motherboard reporting last time that showed how easy it was to hijack the SMS messages destined for a US cellphone number, the […]
Continue reading