Another flaw found in macOS Mojave’s privacy protection

Posted on February 15th, 2019 by Responsible Cyber

by John E Dunn Ever since Apple announced enhanced privacy protection for macOS Mojave 10.14 last September, a dedicated band of researchers has been poking away at it looking for security flaws. Embarrassingly for Apple, it’s not proved a tough challenge with the first turning up on launch day when one researcher reported a surprising […]

Read More

Evil USB O.MG Cable opens up Wi-Fi to remote attacks

Posted on February 15th, 2019 by Responsible Cyber

by Lisa Vaas Take a look at one of your USB cables and you’ll probably see an icon. It might look like a trident, with a vector, circle and square stemming off the main branch. What do those three symbols mean? You can find multiple suggestions online. We’re less inclined to believe that it was […]

Read More

Ep. 019 – Android holes, iOS screengrabbing and USB poo [PODCAST]

Posted on February 15th, 2019 by Responsible Cyber

by Paul Ducklin The Naked Security podcast pokes a stick into the latest critical security bugs in Android, investigates the dubious art of iOS screenshots you didn’t know about, and marvels at the USB drive that survived a seal’s digestive tract. With Anna Brading, Paul Ducklin, Mark Stockley and Matthew Boddy. This week’s stories: If […]

Read More

620 million records from 16 websites listed for sale on the Dark Web

Posted on February 15th, 2019 by Responsible Cyber

by Lisa Vaas The pockets of credential stuffers and spammers have been potentially fattened by another 617 million pilfered accounts, hacked out of 16 websites and now allegedly up for sale on the Dark Web. The Register reports that a seller on the Dream Market – a Dark Web marketplace hidden by the encrypted layers […]

Read More

Inside a GandCrab targeted ransomware attack on a hospital

Posted on February 14th, 2019 by Responsible Cyber

by Mark Stockley Thanks to Sophos experts Vikas Singh and Peter Mackenzie for the research in this article. Just before 9pm on Sunday, 3 February 2019, a GandCrab executable sparked into life for an instant, before its brief existence was snuffed out by antivirus software. Stopped in its tracks, the malware triggered the first of what […]

Read More

What’s behind this 1,000-character phishing URL?

Posted on February 14th, 2019 by Responsible Cyber

by Danny Bradbury Phishing sites are common, but this week the internet found a strange strain that’s a little rarer: a phishing site with a URL almost a thousand characters long. Experts have a good theory about why a scammer would go to all that trouble. Bleeping Computer learned of a strange phishing campaign which […]

Read More

Apple App Store stuffed with hardcore porn and gambling apps

Posted on February 14th, 2019 by Responsible Cyber

by Lisa Vaas Apple’s easily abused Enterprise Certificate program isn’t just letting snoopy Facebook and Google apps slide into its Apps store, it turns out: It’s also being exploited by, at the very least, a dozen hardcore porn apps and a dozen gambling apps. Last week, Facebook’s Research app – that paid people, including teens, […]

Read More

Google paid out $3.4m in bug bounties last year

Posted on February 14th, 2019 by Responsible Cyber

by Lisa Vaas A 19-year-old researcher from Uruguay; a restaurant owner from Cluj, Romania; and a Cambridge professor: these are just three of the 317 researchers who were rewarded for reporting vulnerabilities and helping keep Google users safer in 2018, the company said in its yearly bug bounty payout wrap-up. Google awarded a total of […]

Read More

Update now! Microsoft and Adobe’s February 2019 Patch Tuesday is here

Posted on February 14th, 2019 by Responsible Cyber

by John E Dunn Internet Explorer (IE) may have launched way back in 1995 but nearly a quarter of a century later it’s still creating work for Microsoft and Windows users. Take February’s Patch Tuesday, a highlight of which is a bona fide IE 10 and 11 zero-day said by Microsoft to be under active […]

Read More

Top tips for Valentine’s Day – and the rest of the year! [VIDEO]

Posted on February 13th, 2019 by Responsible Cyber

by Paul Ducklin In this week’s Naked Security Live video, we’re giving you three quick and easy security tips for Valentine’s Day… …and for every other Day (and every other day) in the year. [embedded content] (Watch directly on YouTube if the video won’t play here.) PS. Like the shirt in the video? They’re available […]

Read More