Security

1,182 'Security' stories July 2011 - August 2019

See All Stories

Facebook beefing up election interference measures, but researchers unhappy

Ben Lovejoy Aug 28 2019 - 4:28 am PT

Facebook boosts countermeasures for election interference in 2020

Facebook said today that it is beefing up its measures designed to prevent foreign interference in the 2020 presidential election. Election interference by foreign states was found to have played a role in 2016.

A declassified version of a joint intelligence community report revealed that the CIA, FBI, and NSA all agree that Russia interfered in the 2016 US presidential election with fake social media posts and other activities. A number of individuals were subsequently charged with criminal offenses as a result of investigations into this…

Expand
Expanding
Close

Lightning security key iPhone iPad YubiKey 5Ci

First dual security key launches with Lightning and USB-C, works with iPhone, iPad, Mac, more

Michael Potuck Aug 20 2019 - 6:12 am PT

After previewing the first Lightning security key for iPhone and iPad back at CES in January, Yubico has launched its YubiKey 5Ci today. The new hardware security key offers both Lightning and USB-C and is compatible with macOS, iOS, and more.

Expand
Expanding
Close

Security

Serious Bluetooth security flaw officially acknowledged; now patched by Apple

Ben Lovejoy Aug 16 2019 - 6:48 am PT

Bluetooth security flaw requires updated spec

A serious Bluetooth security flaw has been acknowledged by Bluetooth SIG, the official body in charge of standards for the wireless communications technology. It is sufficiently dangerous that the official Bluetooth specification has been changed.

The vulnerability would make it far easier for an attacker to brute-force a pairing with your devices…

Expand
Expanding
Close

Facebook aware of hack risks

Facebook warned staff of 2018 hack risk, but not users, says court filing

Ben Lovejoy Aug 16 2019 - 4:51 am PT

A court filing says that Facebook warned staff of the risk that led to a huge security breach that last year allowed hackers to access almost 29 million accounts — but failed to warn its users…

Expand
Expanding
Close

Location-based dating apps can put privacy at risk

Location-based dating apps allow users to be tracked just from their username

Ben Lovejoy Aug 13 2019 - 5:08 am PT

A number of location-based dating apps can be used to track the real-time locations of users, armed with nothing more than their username and the official API…

Expand
Expanding
Close

Security researchers demonstrate how to bypass Face ID with glasses and tape

Chance Miller Aug 8 2019 - 5:37 pm PT

At the Black Hat security conference today, researchers demonstrated a unique way to bypass Face ID authentication. The foundation of the bypass is a pair of glasses with tape on them, and the Attention Detection feature of Face ID.

Expand
Expanding
Close

Apple vastly expands security bounty program: higher payouts, ‘dev’ devices, Mac support

Michael Potuck Aug 8 2019 - 1:18 pm PT

Apple bug bounty

After hearing rumors about Apple expanding its bug bounty program earlier this week along with expectations for the company to start giving out dev devices like iPhones to security researchers, Apple has confirmed at the Black Hat conference today a vast expansion to its bounty program along with opening it up to all.

Expand
Expanding
Close

WhatsApp security flaws can fake messages from you, and there’s no fix

Ben Lovejoy Aug 8 2019 - 6:05 am PT

WhatsApp security flaws can't be fixed

WhatsApp security flaws revealed by security researchers at this year’s Black Hat conference would allow someone to fake messages from you.

Check Point Research says that it found three different ways to exploit the vulnerability, including the ability to put words in your mouth…

Expand
Expanding
Close

Latest Spectre and Meltdown affects Windows PCs only

PSA: Latest Spectre and Meltdown scare only affects Macs running Windows

Ben Lovejoy Aug 7 2019 - 4:46 am PT

Spectre and Meltdown — bugs created by a major security flaw in Intel and ARM chips — are back in the news today. Both Microsoft and Apple issued patches, but a new exploit has been discovered…

Expand
Expanding
Close

Report: iOS 13 to limit VoIP API for apps like Facebook and WhatsApp, eliminate background activity

Michael Potuck Aug 6 2019 - 11:23 am PT

Apple privacy

A new report today from The Information details a change coming with iOS 13 that will force WhatsApp and others to redesign their messaging apps. The small but notable change has to do with how third-party apps use iOS to make internet voice calls with the PushKit VoIP API and also run in the background which will be restricted come this fall.

Expand
Expanding
Close

Security

Report: Apple to provide ‘pre-jailbroken’ iPhones to researchers, launch macOS bug bounty program

Chance Miller Aug 5 2019 - 6:22 pm PT

Apple security

Apple is reportedly set to provide security researchers with unique iPhone models that would allow them to more easily find weaknesses in iOS. Forbes reports that Apple will make this announcement at the Black Hat security conference later this week.

Expand
Expanding
Close

Guardian Firewall VPN iOS

Guardian VPN privacy app for iOS now open to the public, including lite version

Michael Potuck Aug 5 2019 - 10:16 am PT

After launching for a limited amount of users back in June, Guardian Firewall + VPN for iOS has now been made available to the public. The popular app features both intelligent firewall and VPN functionality, gives alerts when companies try to track you, and more. If you’d like to test out the app before paying for a subscription, there’s also a free lite version.

Expand
Expanding
Close

Apple reviewing Siri audio grading practices, will let users opt out in future

Benjamin Mayo Aug 1 2019 - 11:30 pm PT

How to stop Apple from listening to Siri recordings

Apple has announced in a statement that it is suspending the program which entailed human Apple contractors listening and grading a sample of Siri responses for quality control.

The company is conducting a thorough internal review of its Siri policies, and it will reinstate (a presumably different form of) Siri grading when it is finished. When Siri grading returns, users will be able to choose to opt-out of grading.

Expand
Expanding
Close

AirDrop security flaw can allow bad actors to see your phone number [Video]

Ben Lovejoy Aug 1 2019 - 5:59 am PT

AirDrop security flaw demonstrated

An AirDrop security flaw can allow anyone with a laptop and scanning software to see your phone number. The same is true when you share a Wi-Fi password from your iPhone.

Doing the same from a Mac reveals its permanent MAC address instead…

Expand
Expanding
Close

American online scam victims map

Americans lost over $2.4 billion in online scams last year, new report claims

Michael Potuck Jul 31 2019 - 3:48 pm PT

A recent report from CenturyLinkQuote looks at the amount of money Americans lost last year in online scams that were reported to the FBI. Along with the massive total of $2.4 billion in losses, the report breaks down which states had the highest victim rates and highest average losses per victim.

Expand
Expanding
Close

Prison for selling 40,000 fake Apple products

Guy who smuggled 40,000 fake Apple products into US gets three years in prison

Ben Lovejoy Jul 31 2019 - 6:06 am PT

A Chinese national living in the US has been sentenced to 37 months in prison after being convicted of smuggling 40,000 fake Apple products into the country from China …

Expand
Expanding
Close

Six serious ‘zero interaction’ vulnerabilities found in iOS; one not yet fixed

Ben Lovejoy Jul 30 2019 - 4:10 am PT

zero interaction vulnerabilities found in iOS

Google security researchers have discovered six so-called ‘zero interaction’ iOS vulnerabilities – bugs that can allow an attacker to take control of the phone without the user having to do anything other than receive and open a message.

Five of them have been fixed in iOS 12.4, but Apple has not yet been able to completely close the sixth one …

Expand
Expanding
Close

Lockdown iOS firewall open source

Lockdown launches as world’s first open source firewall for iOS

Michael Potuck Jul 24 2019 - 10:01 am PT

The team behind the open source ConfirmedVPN that launched last December is out today with another security-focused app for iOS called Lockdown. The new free app is what the developer says is the first open source firewall and works completely on device to block apps from crypto mining, sharing data with Facebook, and can block custom domains as well.

Expand
Expanding
Close

Bluetooth flaw allows iPhones, iPads, Macs, Apple Watch, and more to be tracked

Ben Lovejoy Jul 18 2019 - 7:04 am PT

Bluetooth flaw affects most Apple devices, Win 10 & Fitbit

A Bluetooth flaw has been discovered that would allow a bad actor to track a wide range of devices — including iPhones, iPads, Macs, and Apple Watches.

Other vulnerable devices are laptops and tablets running Windows 10, and Fitbit wearables. Android devices are, however, not at risk …

Expand
Expanding
Close

Democrats warn presidential candidates, call for FBI to investigate FaceApp

Ben Lovejoy Jul 18 2019 - 4:23 am PT

Call to investigate FaceApp

US Senate Minority Leader Chuck Schumer (D-NY) has officially called on the FBI and FTC to investigate FaceApp, citing national security concerns.

The controversy over FaceApp, which allows users to choose a photo and then have the app make them look younger or older, began with what turned out to be a false alarm…

Expand
Expanding
Close

Mac webcam hijack affects RingCentral and Zhumu as well as Zoom [U]

Ben Lovejoy Jul 16 2019 - 4:20 am PT

Mac webcam hijack vulnerability present in multiple apps

Update: Apple is pushing a new security update to remove these webservers too.

The Mac webcam hijack flaw discovered in the Zoom video conference app is also present in RingCentral and Zhumu.

The evidence also suggests that the same vulnerability will exist in other Mac video conferencing apps …

Expand
Expanding
Close

Security

Apple security engineering chief to talk iOS and macOS at Black Hat 2019

Chance Miller Jun 27 2019 - 4:29 pm PT

At the Black Hat security conference in August, a lead Apple security executive will offer new details on iOS 13 and macOS Catalina. The talk will run for 50 minutes and is entitled “Behind the Scenes of iOS and Mac Security.”

Expand
Expanding
Close

Can smart home devices get viruses? Experts separate fact from fiction …

Ben Lovejoy Jun 27 2019 - 5:39 am PT

Can smart home devices get viruses? There’s been a lot of talk about the idea of IoT (Internet of Things) devices being infected by viruses, not least because Samsung this month recommended scanning its QLED televisions for viruses every few weeks.

Security experts from Avast and Symantec have set out to separate fact from fiction. They say that while a virus isn’t impossible, it is extremely unlikely – but there are four other ways the security of your smart home can be compromised, and we outline some simple steps you can take to reduce the risks …

Expand
Expanding
Close

macOS Gatekeeper vulnerability has now been exploited by adware company

Ben Lovejoy Jun 25 2019 - 5:35 am PT

macOS Gatekeeper vulnerability now being exploited

A macOS Gatekeeper vulnerability discovered by a security researcher last month has now been exploited in what appears to be a test by an adware company.

Gatekeeper is designed to ensure that Mac apps are legitimate by checking that the code has been signed by Apple. Any app failing that check shouldn’t be allowed to install without the user acknowledging the risk and granting explicit permission to proceed …

Expand
Expanding
Close