Security Stories October 13

Update at the bottom: Another team with another cable able to hijack a Mac, among other devices.

The T2 exploit team who found a way to take over the security chip in modern Macs has demonstrated a way to do so without user intervention — using nothing more than a modified USB-C cable.

The ad-hoc team, who call themselves Team t8012 after Apple’s internal name for the chip, believe that nation-states may already be using this approach.

expand full story

Security Stories October 8

FBI warns of hotel Wi-Fi security risks during pandemic

Wi-Fi security risks are always something to consider when using any kind of public hotspot, but the FBI has this week issued a specific warning about working from hotels during the coronavirus crisis …

Security Stories October 6

Speculation that the T2 security chip on modern Macs can be hacked has been confirmed by the team behind the research. A combination of two different exploits would give a hacker the ability to modify the behavior of the chip, and even plant malware like a keylogger inside it.

All Macs sold since 2018 contain the T2 chip, and because the attack uses code in the read-only memory section of the chip, there is no way for Apple to patch it …

expand full story

Security Stories September 25

Twitter security: physical security keys for staff; election protection measures

Twitter security made the headlines for all the wrong reasons back in July, when a major hack saw many high-profile accounts taken over to post a cryptocurrency scam. Affected accounts included Apple, Elon Musk, Joe Biden, and Barack Obama.

The company has now implemented a range of security measures in response, including physical security keys for two-factor authentication of staff with access to accounts …

Security Stories September 23

Face ID is normally a completely seamless way to unlock an iPhone and iPad: just swipe up and it unlocks automatically. At a time when we’re frequently wearing masks, however, it’s rather less seamless.

So we’d like to see Apple allow an unlocked Apple Watch to automatically unlock an iPhone and iPad …

expand full story

Security Stories September 22

Bing user data exposed – includes location, search terms, sites visited

A team of security researchers has found Bing user data exposed on a server owned by Microsoft. The data comes from both iOS and Android versions of the Bing app. The data exposed includes unique user IDs, search queries, location, and even webpages visited as a result of searches …

Powered by WordPress.com VIP