Deep Dive — Operation Triangulation TL;DR — Kaspersky labs have discovered that they, and Russian government officials, were targeted by very advanced iOS malware that completely took over iOS devices for the last 4 years. Apple have patched all the exploited vulnerabilities, regular users were not targeted, and Kaspersky say there is not enough evidence […]
Continue readingMore TagCategory: Security Bits
Security Bits — 26 November 2023
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. The recent wave of malicious Google ads targeting software downloads continues, this time it’s malicious versions of the popular Secure FTP client WinSCP — thehackernews.com/… ❗ Action Alerts Calls to action, if any stories […]
Continue readingMore TagSecurity Bits — 12 November 2023
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Attackers continue to succeed in getting Google to host their malicious ads: Google ads push malicious CPU-Z app from fake Windows news site — www.bleepingcomputer.com/… A final twist in the SolarWinds mega-hack saga: SEC […]
Continue readingMore TagSecurity Bits — 29 October 2023
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Passkeys continue to roll out: Google Adopts Passkeys as Default Sign-in Method for All Users — thehackernews.com/… Amazon adds passkey support as new passwordless login option — www.bleepingcomputer.com/… Deep Dive 1 — iLeakage TL;DR […]
Continue readingMore TagSecurity Bits — 17 September 2023
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. UK backs down from nonsensical law after threats from Apple, WhatsApp — appleinsider.com/… (in a dishonest way, but better than nothing) Deep Dive — LastPass Vaults are Being Cracked (Follow the Money!) It was […]
Continue readingMore TagSecurity Bits — 3 September 2023
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. An excellent overview of the NightOwl saga we mentioned last time: Did the NightOwl app really join Macs to a botnet army? — www.intego.com/… A fresh campaign has been launched to try pressure Apple […]
Continue readingMore TagSecurity Bits — 13 August 2023
Deep Dive — Have-I-Been-Pwnd Domain Search Revamped This is very much glass-half-empty-glass-half-full news. On the one hand, domain searches and domain monitoring have gotten way easier (you had to re-validate your domain for each search before), on the other hand, it’s now a subscription service, but with a generous free tier. What this feature has […]
Continue readingMore TagSecurity Bits — 30 July 2023
Deep Dive 1 — The Updated EU ⬌ US Data Sharing Framework Since the European Court of Justice struck down the Privacy Shield framework that large US-based tech companies relied on to easily transfer data on European citizens to the US in 2020, quiet negotiations have been ongoing to try replace it with an updated […]
Continue readingMore TagSecurity Bits — 9 July 2023
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. We now have more details on how iOS 17’s new Check In safety feature will work: www.macobserver.com/… 🇪🇺 Six companies have confirmed to the EU Commission that they will fall under the Digital Markets […]
Continue readingMore TagSecurity Bits — 25 June 2023
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Thanks to the iOS 17 & macOS Sonoma Betas we now know more about how password sharing in iCloud Keychain will work — www.macobserver.com/… (iOS) & appleinsider.com/… (macOS) Everyone needs to have an iCloud […]
Continue readingMore Tag