Deep Dive — Security & Privacy Highlights from WWDC As with most things WWDC, this is a glimpse of the future rather than new tools we get to use today, but I think it’s still worth taking a little time to look at some of the security and privacy enhancements Apple announced. Apple’s current Communications […]
Continue readingMore TagTag: vulnerabilities
Security Bits — 19 March 2023
Deep Dive — Critical Android Base-Band Vulnerabilities❗ TL;DR: this is bad — remote code execution without user interaction over the cellular network, combined with the usual level of security confusion that goes with Android’s model. Unless your Android device is on the list of known-patched devices, or unless your vendor has explicitly announced that they […]
Continue readingMore TagSecurity Bits — 5 Feb 2023
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Anker admits that Eufy cameras were never encrypted — appleinsider.com/… Apple have released their support for hardware Fido tokens for iCloud 2FA — sixcolors.com/… Editorial by Bart: remember that this feature comes with a […]
Continue readingMore TagSecurity Bits — 25 September 2022
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇺🇸 Google have gotten SEC approval to pilot their controversial political ad spam by-pass feature with a limited number of campaigns in this year’s US mid-term elections — appleinsider.com/… 🇺🇸 The recent revelations of […]
Continue readingMore TagSecurity Bits — 3 August 2022
❗ Action Alerts Calls to action, if any stories in this section are relevant to you there is some action you should take. SAMBA have patched a critical bug in their open source implementation of Microsoft’s Active Directory, if you use SAMBA, patch ASAP! — nakedsecurity.sophos.com/… The commonly used open source crypto library GnuTLS has […]
Continue readingMore Tag
NC #890 Choosing a VPN, Security Bits with Bart Busschots
Hi, this is Allison Sheridan of the NosillaCast Apple Podcast, hosted at Podfeet.com, a technology geek podcast with an EVER so slight Apple bias. Today is Sunday, May 29, 2022, and this is show number 890. mp3 download June 6th is the WWDC Keynote, and as always, Steve and I will be in the live […]
Continue readingMore TagSecurity Bits — 9 January 2022
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Log4Shell (Log4J): Log4Shell-like security hole found in popular Java SQL database engine H2 — nakedsecurity.sophos.com/… 🇺🇸 FTC threatens “legal action” over unpatched Log4j and other vulns — nakedsecurity.sophos.com/… 🇬🇧 Meta (né Facebook) have decided […]
Continue readingMore TagSecurity Bits — 1 October 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇫🇷 Pegasus spyware found on 5 French cabinet members’ phones — www.intego.com/… Social Media Developments: Facebook pauses Instagram Kids development following widespread concerns — www.imore.com/… YouTube Is Banning Prominent Anti-Vaccine Activists and Blocking All […]
Continue readingMore TagSecurity Bits — 11 July 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. The Western Digital story from last time has continued to evolve: More devices are affected: Another 0-Day Looms for Many Western Digital Users – Krebs on Security — krebsonsecurity.com/… But there have also been […]
Continue readingMore TagSecurity Bits — 21 March 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. An interesting timeline of the Microsoft Exchange mega-attack discussed last time (Editorial by Bart: it really begs the question ‘what took Microsoft so long?’) — krebsonsecurity.com/… Bloomberg Report that when Parler (the social media […]
Continue readingMore Tag