Evil USB O.MG Cable opens up Wi-Fi to remote attacks

Posted on February 15th, 2019 by Responsible Cyber

by Lisa Vaas Take a look at one of your USB cables and you’ll probably see an icon. It might look like a trident, with a vector, circle and square stemming off the main branch. What do those three symbols mean? You can find multiple suggestions online. We’re less inclined to believe that it was […]

Read More

620 million records from 16 websites listed for sale on the Dark Web

Posted on February 15th, 2019 by Responsible Cyber

by Lisa Vaas The pockets of credential stuffers and spammers have been potentially fattened by another 617 million pilfered accounts, hacked out of 16 websites and now allegedly up for sale on the Dark Web. The Register reports that a seller on the Dream Market – a Dark Web marketplace hidden by the encrypted layers […]

Read More

Apple App Store stuffed with hardcore porn and gambling apps

Posted on February 14th, 2019 by Responsible Cyber

by Lisa Vaas Apple’s easily abused Enterprise Certificate program isn’t just letting snoopy Facebook and Google apps slide into its Apps store, it turns out: It’s also being exploited by, at the very least, a dozen hardcore porn apps and a dozen gambling apps. Last week, Facebook’s Research app – that paid people, including teens, […]

Read More

Google paid out $3.4m in bug bounties last year

Posted on February 14th, 2019 by Responsible Cyber

by Lisa Vaas A 19-year-old researcher from Uruguay; a restaurant owner from Cluj, Romania; and a Cambridge professor: these are just three of the 317 researchers who were rewarded for reporting vulnerabilities and helping keep Google users safer in 2018, the company said in its yearly bug bounty payout wrap-up. Google awarded a total of […]

Read More

Apple sued for ‘forcing’ 2FA on accounts

Posted on February 12th, 2019 by Responsible Cyber

by Lisa Vaas New York resident Jay Brodsky has filed a class action lawsuit against Apple, claiming that the company forces users into a two-factor authentication (2FA) straitjacket that they can’t shrug off, that it takes up to five minutes each time users have to enter a 2FA code, and that the time suck is […]

Read More

Jack’d dating app is showing users’ intimate pics to strangers

Posted on February 6th, 2019 by Responsible Cyber

by Lisa Vaas Dating/hook-up app Jack’d is publicly sharing, without permission, photos that users think they’re sharing privately. The Android version of the app has been downloaded 110,562 times from Google’s Play store, and it’s also available on iOS. Jack’d is designed to help gay, bi and curious guys to connect, chat, share, and meet […]

Read More

Digital signs left wide open with default password

Posted on February 6th, 2019 by Responsible Cyber

by Lisa Vaas Security researcher Drew Green has pried open an internet-connected digital signage system thanks to a default admin web interface password: an easily changeable password that allowed him into the web interface, from where he stumbled onto a chain of vulnerabilities that could allow a malicious attacker to upload whatever unsavories they’d like […]

Read More

Apple kicks Facebook’s snoopy Research app out of the App Store

Posted on January 31st, 2019 by Responsible Cyber

by Lisa Vaas For three years, Facebook has been secretly paying volunteers – including teens – to install a virtual private network (VPN) app called Facebook Research that plants a root certificate on their phones, according to Tech Crunch. That certificate gets the company “nearly limitless access” to the device, TechCrunch reports. It’s unclear exactly […]

Read More

It’s mop-up time for WebStresser DDoS-for-hire users

Posted on January 30th, 2019 by Responsible Cyber

by Lisa Vaas In April 2018, Dutch police inflicted a whole lot of “access denied” when they shut down Webstresser, the world’s biggest market for distributed-denial-of-service (DDoS) attacks. Law enforcement working in multiple countries nabbed at least four of the attack-for-hire site’s admins, and then they went knocking on the doors of its users. Some […]

Read More

Scammers steal social media videos to wring hearts and wallets

Posted on January 30th, 2019 by Responsible Cyber

by Lisa Vaas “I’m walking!” squealed the adorable, 4-year-old Mighty Miss Maya, born premature and later diagnosed with spastic diplegia cerebral palsy, when she took her first independent steps. “Ka-CHING!!!!” enthused one or more Instagram swindlers, who promptly swiped Maya’s photo and videos to plaster onto fake fundraising accounts. Earlier this month, Maya’s family, the […]

Read More