How AT&T Insiders Were Bribed to ‘Unlock’ Millions of Phones
Credit to Author: Louise Matsakis| Date: Wed, 07 Aug 2019 20:51:25 +0000
One cybersecurity threat that’s proven difficult for wireless carriers to combat? Their own employees.
Read moreMonth: August 2019
A Boeing Code Leak Exposes Security Flaws Deep in a 787’s Guts
Credit to Author: Andy Greenberg| Date: Wed, 07 Aug 2019 19:29:03 +0000
One researcher’s discovery suggests troubling oversights in Boeing’s cybersecurity.
Read more13-Year-Old Encryption Bugs Still Haunt Apps and IoT
Credit to Author: Lily Hay Newman| Date: Wed, 07 Aug 2019 18:42:24 +0000
RSA encryption has been around for decades. Unfortunately, so have bad implementations that leave it less secure.
Read moreTwitter may have shared your data with its ad partners without your permission
Credit to Author: Lisa Vaas| Date: Thu, 08 Aug 2019 12:48:11 +0000
Some user data, such as country and device type, was exposed to some advertisers for over a year.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/zUx2z5TCqdU” height=”1″ width=”1″ alt=””/>
Read moreCisco 220 Series Smart Switch owners told to apply urgent patch
Credit to Author: John E Dunn| Date: Thu, 08 Aug 2019 12:45:34 +0000
Businesses running any of Cisco’s 220 Series Smart Switches have some urgent patching work on their hands.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/K1mhEB2NowY” height=”1″ width=”1″ alt=””/>
Read moreMore than 2m AT&T phones illegally unlocked by bribed insiders
Credit to Author: Lisa Vaas| Date: Thu, 08 Aug 2019 12:28:54 +0000
The alleged, now indicted ringleader paid more than $1m in bribes to insiders who planted malware and hardware for remote unlocking.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/5KmgBCGFT2U” height=”1″ width=”1″ alt=””/>
Read moreS2 Ep3: Ransomware, surveillance and data theft – Naked Security Podcast
Credit to Author: Alice Duckett| Date: Thu, 08 Aug 2019 12:13:26 +0000
Episode 3 of the podcast is now live. This week, host Anna Brading is joined by Paul Ducklin, Mark Stockley and Ben Jones.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/FNaVR9sPAMM” height=”1″ width=”1″ alt=””/>
Read moreMany VPN apps on Apple’s App store can’t be trusted, researcher warns
Credit to Author: Jonny Evans| Date: Thu, 08 Aug 2019 05:50:00 -0700
I’m told Apple is at last looking into the privacy and security of free VPN apps made available across its platforms, following a report from researcher, Simon Migliano.
Who owns your VPN service?
The researcher has flagged up several concerns that really should be recognized by anyone choosing a VPN service from both the Apple and Google App Stores:
- Ownership: Migliano claims that almost 60 percent of the most popular VPN apps are actually owned (sometimes opaquely) by Chinese companies.
- Privacy: The researcher also found that as many as 77% of these VPN apps may have what he calls “serious privacy flaws”,including no privacy policy at all, generic policies with no mention of VPN or no detailed logging policy.
- Data protection: Migliano claims Apple is not enforcing its third-party data-sharing ban against VPN apps, with 80 percent of the top free VPN apps “in breach of the rules”, he said. Many are sharing data with third parties, he claims.
That last allegation is particularly concerning.
Almost half of tested free Android antivirus apps fail. That might prove very useful to IT.
Credit to Author: Evan Schuman| Date: Thu, 08 Aug 2019 03:00:00 -0700
One of the problems with enterprise mobile BYOD efforts is that corporate apps — and lots of corporate data, including sensitive intellectual property — must coexist on the same device with whatever employees choose to download on the personal side. That’s far from ideal, but even worse is if employees choose to download a second antivirus program. Unlike doubling up on most apps (two VPNs, two word processors, two email programs, etc.), antivirus programs often conflict and fight each other, generating false positives and other bad results.
Unlike two deadbolts on a door, doubling up on security not only doesn’t work with antivirus, it can actually sharply weaken security. This all assumes that both antivirus programs are professional, effective and well-intentioned. But that’s often not the case. There are quite a few free antivirus programs out there, and they are disproportionately the ones employees opt to download. After all, if the company has already installed a high-level antivirus on the phone, why would an employee pay to install a second? But a free antivirus program is much more tempting.
Microsoft puts another nail in VBScript coffin
Credit to Author: Danny Bradbury| Date: Thu, 08 Aug 2019 09:52:39 +0000
Listen up, VBScript fans: your favourite scripting language’s days are numbered.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/OFyXmnmBnSQ” height=”1″ width=”1″ alt=””/>
Read more