Followups Australia’s controversial anti-encryption law has come into effect — www.macobserver.com/… Sprint to Stop Selling Location Data to Third Parties After Motherboard Investigation — motherboard.vice.com/…
Continue readingCategory: Security Bits
Security Bits – 11 January 2019
Followups CastHack Hackers hijack thousands of ChromeCasts to warn of latest security bug — techcrunch.com/… https://nakedsecurity.sophos.com/2019/01/04/dont-fall-victim-to-the-chromecast-hackers-heres-what-to-do/ — nakedsecurity.sophos.com/… Marriott now admits over 5 million passport numbers were stolen in their recent data breach — www.macobserver.com/… The first segment on episode 120 of the Checklist podcast by Secure Mac covers the convincing new phone scams targeting […]
Continue readingSecurity Bits – 3 Jan 2019
Notable Security Updates Microsoft released an emergency fix for an IE Zero-day — krebsonsecurity.com/… Logitech have released a critical security update for their Logitech Options app (used to configure some of their devices). Unfortunately the fix was two days too late, coming two days after Project Zero released details of the bug (time was up) […]
Continue readingSecurity Bits – 14 December 2018
Followup Bloomberg’s controversial The Big Hack story SuperMicro released the results of an independent audit which found no evidence of hardware or software tampering on its motherboards — www.reuters.com/… & arstechnica.com/… The Marriott Breach Marriott Data Breach Is Traced to Chinese Hackers as U.S. Readies Crackdown on Beijing — www.nytimes.com/… An interesting related opinion piece […]
Continue readingSecurity Bits – 24 November 2018
Notable Security Updates Adobe have issued an emergency patch for a critical bug in Flash — nakedsecurity.sophos.com/… Patch Skype for Business now or risk DoS via emoji kittens! — nakedsecurity.sophos.com/… Update now! Dangerous AMP for WordPress plugin fixed — nakedsecurity.sophos.com/… Microsoft pulls Office patches that are causing application crashes. Office365 users don’t need to take […]
Continue readingSecurity Bits – 15 November 2018
Followups 1 — The Windows 10 Fall 2018 has been Re-released After having to withdraw the update due to a bug that led to accidental file deletions in a very small number of edge cases, Microsoft have now released a fixed version — arstechnica.com/…
Continue readingSecurity Bits – 02 November 2018
Followups Apple CEO Tim Cook Is Calling For Bloomberg To Retract Its Chinese Spy Chip Story — www.buzzfeednews.com/… 🇬🇧 Facebook fined £500K for Cambridge Analytica saga — nakedsecurity.sophos.com/… Mirai Co-Author Gets 6 Months Confinement, $8.6M in Fines for Rutgers Attacks — krebsonsecurity.com/…
Continue readingSecurity Bits – Google Plus Data Breach, SSH Vulnerability, WhatsApp and D-Link Vulnerabilities, Apple Privacy Portal
Followup The Facebook hack: Facebook October 2018 security breach: Everything you need to know — www.imore.com/… Facebook opens up about data breach details — nakedsecurity.sophos.com/…
Continue readingSecurity Bits – Facebook Token Hack, Bloomberg Amazon & Apple Servers & China, Facebook Uses 2FA Numbers for Advertising
Security Bits – 5 October 2018 Followups 🇺🇸 The CA IoT security law discussed previously has been signed into law — www.theverge.com/… Google have announced plans to further limit what browser plugins can do in an attempt to crack down on the explosion in plugin-based malware we talked about last time — arstechnica.com/… & nakedsecurity.sophos.com/…
Continue readingSecurity Bits – Cold Boot Attack, Apple’s Anti-Fraud Trust Score, EU Copyright Act Amendments
Security Bits – 21 Sep 2018 Followups Following on from Apple’s belated removal of Adware Doctor for steal users browser history, Apple have now booted three apps from TrendMicro for doing the same, specifically Dr. Cleaner, Dr. Antivirus, and Dr. Archiver. TrendMicro insist it was an innocent mistake due to code re-use, and not malicious […]
Continue reading