Open post
Security Bits Logo

Security Bits – USB Restricted Mode, Apple’s Focus on Security in OS Announcements

Followups Telegram have now been able to update their apps on Apple’s non-Russian app stores — nakedsecurity.sophos.com/… The VPNFilter malware/botnet story continues to evolve as security researchers find more router makes and model are affected. Additions to the list include routers by Asus, D-Link, Huawei & ZTE — www.zdnet.com/…, nakedsecurity.sophos.com/… & www.imore.com/… 🇺🇸 As anticipated, […]

Continue readingMore Tag
Open post
Security Bits Logo

Security Bits – VPNFilter, CallKit Removal in China, No Telegram Updates in App Store, End of Flash & Silverlight, Papua New Guinea Turns Off Facebook

Followups Spectre & Meltdown Details have been released of a new Spectre variant named Speculative Store Bypass, or SSB. The vulnerability affects AMD, ARM & Intel chips. Thankfully it can be mitigated quite easily, so it’s just a matter of applying software, OS, firmware, and microcode updates as they are released — arstechnica.com/…

Continue readingMore Tag
Open post
Security Bits Logo

Security Bits – Efail, 4th Amendment, Glitch & ThrowHammer, Black Dot & Text-Bomb

Security Medium — The Efail Email Encryption Vulnerability The latest bug with a cool name and a cute logo is Efail, a mashup of the words email and fail. The bug affects encrypted email sent with both of the common email encryption protocols S/MIME & PGP/GPG. Under certain circumstances, the bug allows an attacker to […]

Continue readingMore Tag

Security Bits – SESTA/FOSTA, CLOUD Act, Apple’s HSTS Clever Fix

Followups Cambridge Analytica & Facebook Kerfuffle Followup Additional developments: It’s been revealed that Facebook scraped call and text data from Android phones for years. Technically users did opt in to the collection, but it doesn’t seem to have been informed consent based on the public reaction to the reporting: Facebook scraped call, text message data […]

Continue readingMore Tag

Security Bits – AMD Bugs (AMD Gets Its Turn in the Spotlight (RyzenFall, MasterKey, Fallout & Chimera) & GrayKey

Spectre/Meltdown Update Microsoft have removed the special registry flag which prevented the Spectre/Meltdown patches being applied on machines without AV that explicitly declares itself compatible with the patch. This approach made sense early in the response to these bugs, but it did have an undesirable side-effect, a machine with no AV would never get patched. […]

Continue readingMore Tag

Posts navigation

1 2 3 4 5 6 7 8 9
Scroll to top