security Stories Yesterday

GOOG: 872.30

9.54
Stock Chart

A U.S. ban on carrying laptops and tablets in the cabin of inbound international flights may be extended to European countries, including the UK. Any electronic device larger than a phone would have to be placed in hold baggage.

The U.S. government currently applies the ban to flights from 10 airports, mostly Middle Eastern and North African. The measure was introduced last month, the Department of Homeland Security stating that it was in response to intelligence suggesting that terrorists planned to smuggle explosives inside consumer electronics items …

expand full story

security Stories March 22

GOOG: 829.59

-0.87
Stock Chart

The Android Security team has just published its year in review of the mobile operating system for 2016. Sifting through the report, major highlights include improvements in dangerous app detection and increased collaboration with partners on monthly patches. Google also shared some of its security plans for the year ahead.

expand full story

Everyone can use an Echo Dot: Just $50!

security Stories March 21

GOOG: 830.46

-17.94
Stock Chart
9to5mac 

security Stories March 15

GOOG: 847.20

1.58
Stock Chart

Thousands of Twitter users have this morning had their accounts hijacked and used to tweet a swastika and Nazi hashtags. The attack appears to be in support of Turkey’s President, urging support for a referendum which could allow President Erdoğan to remain in power until 2029.

The Verge reports that many verified and high-profile Twitter accounts were compromised, and that the hijack appears to have been carried out via a third-party app.

Accounts operated by Amnesty International, Duke University, Reuters Japan, and BBC North America were among those hijacked. Several users have noted that all hijacked tweets appear to have been linked to Twitter Counter, a Netherlands-based analytics application. Twitter Counter was previously targeted in a November 2016 attack that caused some high-profile accounts to spread spam. 

Twitter confirmed that a third-party app was behind the hack, so checking which apps have permission to access your Twitter account is one important step to take. Here’s a quick checklist to check the security of Twitter and other services …

expand full story

security Stories March 7

GOOG: 831.91

4.13
Stock Chart

Wikileaks claims that the U.S. Central Intelligence Agency has a specialized unit within its Center for Cyber Intelligence that is devoted to developing and obtaining zero-day exploits for Android devices, in addition to one targeting Apple’s iOS. A zero-day exploit is one unknown to Google or security researchers, so cannot be protected against.

A similar unit targets Google’s Android which is used to run the majority of the world’s smart phones (~85%) including Samsung, HTC and Sony. 1.15 billion Android powered phones were sold last year. “Year Zero” shows that as of 2016 the CIA had 24 “weaponized” Android “zero days” which it has developed itself and obtained from GCHQ, NSA and cyber arms contractors.

The CIA is also said to have teams working on attacking Windows and Samsung TVs, ‘which are turned into covert microphones.’

Wikileaks further claims that the CIA recently ‘lost control’ of the majority of the malware it uses to attack devices …

expand full story

security Stories February 24

GOOG: 828.64

-2.69
Stock Chart

User data from 3,400 websites has been leaked and cached by search engines as a result of a bug in Cloudflare, a content delivery network. Sites affected over the course of several months include major ones like Uber, Fitbit and dating site OKCupid. 1Password also uses Cloudflare, but says that end-to-end encryption means that no customer data was exposed.

ArsTechnica reports that the leaks were spotted by Google security researcher Tavis Ormandy.

We observed encryption keys, cookies, passwords, chunks of POST data and even HTTPS requests for other major cloudflare-hosted sites from other users. Once we understood what we were seeing and the implications, we immediately stopped and contacted cloudflare security.

Cloudflare has admitted that the breach occurred, but Ormandy and other security researchers believe the company is underplaying the severity of the incident …

expand full story

9to5toys 

Submit a Tip

cancel

Submitting a tip constitutes permission to publish and syndicate. Please view our tips policy or see all contact options.

Powered by WordPress.com VIP