Roughly 500 million iOS users have been affected by a cyberattack that takes advantage of an iOS Chrome bug.
The attacks are the work of the eGobbler gang, researchers said, which has a track record of mounting large-scale malvertising attacks ahead of major holiday weekends. Easter is coming up, and the crooks are banking on consumers spending a lot more time than usual browsing the web on their phones.
Another research firm says this attack can also affect Safari users. Be careful this weekend.
Andrew Orr and Bryan Chaffin join host Kelly Guimont to discuss “ownership” of eBooks, Instagram’s security, and viewing your tracked data.
This morning The Weather Channel was knocked off the air after a malicious software attack, and federal law enforcement are investigating.
Two high school students in New Jersey successfully jammed their school’s Wi-Fi network in order to avoid taking exams.
Secaucus Schools Superintendent Jennifer Montesano says the school’s Wi-Fi network has been restored and is now fully operational. But she declined further comment. Since much of the school’s curriculum is internet-based, the lack of Wi-Fi connection disrupted the students’ daily assignments.
As Redditor u/AdvancedAdvance quipped: “Although their slowing down the network to unusable speeds will land them in a lot of trouble at school, they can now expect to get full-time, high-paying job offers from AT&T and Verizon.”
Before you’re tempted to check out Amazon’s sale on TP-Link routers, you should know a zero day exploit was recently found in these devices.
Eva Galperin is the head of the Electronic Frontier Foundation’s (EFF) Threat Lab. Her latest project? Ending stalkerware once and for all.
In a talk she is scheduled to give next week at the Kaspersky Security Analyst Summit in Singapore, Galperin will lay out a list of demands: First, she’s calling on the antivirus industry to finally take the threat of stalkerware seriously, after years of negligence and inaction. She’ll also ask Apple to take measures to protect iPhone users from stalkerware, given that the company doesn’t allow antivirus apps into its App Store.
Millions of people were affected for 10 days in March by a spam email operation. But the spammer didn’t set a password for their server (via TechCrunch). [Apple Support Scam is a new Voice Phishing Trick] Email Spam It’s a fascinating story. Security researcher Bob Diachenko found the server after the operation. The spammer had…
Gavin de Becker, Jeff Bezos’ security consultant, is accusing the Saudis of hacking into Mr. Bezos’ phone in order to harm him.
Zubair Khan put together a list of popular web browsers and tested them to figure out which was the most private and secure.
To decide which browser is the best for privacy and security, we will evaluate them using two criteria: Available security features [and ]embedded Privacy Tools. Each browser will be rated out of five and will be ranked accordingly.
The browsers he tested: Chrome, Internet Explorer (Not Edge?), Safari, Firefox, Chromium, Opera, and Tor browser.
If you’ve updated to iOS 12.2 and/or macOS 14.4, you’ve probably seen a ‘Not Secure’ message in the Safari address bar. OSXDaily explains.
By seeing the ‘Not Secure” Safari message on an iPhone, iPad, or Mac you are simply being informed by Safari that the website or webpage being visited is using HTTP rather than HTTPS, or perhaps that HTTPS is misconfigured at some technical level.
Ironically, as the article points out OSXDaily is itself not secure.
If a website uses HTTPS, Safari will display a green padlock next to the domain in the address bar. But in some cases it could still be insecure.
In analysis of the web’s top 10,000 HTTPS sites—as ranked by Amazon-owned analytics company Alexa—the researchers found that 5.5 percent had potentially exploitable TLS vulnerabilities. These flaws were caused by a combination of issues in how sites implemented TLS encryption schemes and failures to patch known bugs (of which there are many) in TLS and its predecessor Secure Sockets Layer. But the worst thing about these flaws is they are subtle enough that the green padlock will still appear.
iOS 12.2 patches 51 security vulnerabilities, which is a huge incentive to update if nothing else announced yesterday was enticing.
The list of patches covers a wide variety of bugs an adversary could potentially manipulate to obtain effects like denial-of-service, privilege escalation, and information disclosure to gaining root privileges, overwriting arbitrary files, or executing code of the attacker’s choice.
More movies exclusive to iTunes have been leaked to pirate websites, providing stronger evidence for an iTunes DRM crack.
Microsoft announced that Windows Defender ATP—its built-in anti-malware tool—is coming to macOS.
Brian Krebs wrote a good article on how our phone numbers have become security and authentication tools, and thus closely tied to our identity. But there’s a problem with that.
Phone numbers stink for security and authentication. They stink because most of us have so much invested in these digits that they’ve become de facto identities. At the same time, when you lose control over a phone number — maybe it’s hijacked by fraudsters, you got separated or divorced, or you were way late on your phone bill payments — whoever inherits that number can then be you in a lot of places online.
Security expert Maik Morgenstern talks about iPhones and viruses and how in theory an iPhone could get one.
“In theory, yes,” Maik Morgenstern, chief technology officer for AV-Test, told Digital Trends. “However, the practical hurdles are quite high, and it is unlikely for a normal user to get affected. But vulnerabilities exist that can be exploited by attackers.”
Firefox Send is a free tool that lets you send encrypted files up to 1GB in size, or 2.5GB if you sign in with a Firefox account.
What sets Send apart is its ease of use. It works in any browser; just go to send.firefox.com. Upload or drag and drop files, and Send will generate a link that you can set to expire after a certain number of downloads—up to 100—or a certain amount of time, ranging from five minutes to seven days.
Being able to use any browser is probably the best part about this tool.
The United States might punish Germany if the country decides to use Huawei technology in its 5G infrastructure.
David Nield implores us to make sure we properly remove data from our devices before we get rid of them.
Your personal data—be it financial spreadsheets or web searches—is not something you want to be leaving behind for other people to find, and totally wiping your activity off devices or the web takes a few more steps than you might have realized. Don’t worry though, as we’re going to walk you through the process.
Special prototype iPhones called dev-fused iPhones help security researchers examine Apple’s code.