PossibleThreat Articles

Articles for the experts…

Apple

ComputerWorld Independent 

Why every user needs a smart speaker security policy

0 Comments , , ,

Credit to Author: Jonny Evans| Date: Mon, 24 Feb 2020 06:06:00 -0800

Does your voice assistant wake up randomly when you are engaged in normal conversation, listening to radio, or watching TV? You’re not alone, and this may have serious implications in enterprise security policy.

All things being equal (they’re not)

“Anyone who has used voice assistants knows that they accidentally wake up and record when the ‘wake word’ isn’t spoken – for example, ‘seriously’ sounds like the wake word ‘Siri’ and often causes Apple’s Siri-enabled devices to start listening,” the Smart Speakers research study says.

To read this article in full, please click here

Read more
Security Sophos 

Apple chops Safari’s TLS certificate validity down to one year

0 Comments , , , , , , , , , , , , , ,

Credit to Author: John E Dunn| Date: Mon, 24 Feb 2020 11:42:33 +0000

From 1 September 2020, Safari will no longer trust SSL/TLS certificates with more than a year on the clock.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/cpkLvAwmg9A” height=”1″ width=”1″ alt=””/>

Read more
QuickHeal Security 

Take your browser security to the next level!

0 Comments , , ,

Credit to Author: Swapnil Nigade| Date: Mon, 24 Feb 2020 09:59:32 +0000

  Today, almost every computer user leverages a variety of web browsers to surf the internet — Microsoft Internet Explorer, Mozilla Firefox, and Apple Safari are some of the popular browsers in use in recent times. It is very important to configure internet browser(s) in a secure way because vulnerable web…

Read more
ComputerWorld Independent 

Apple joins industry effort to eliminate passwords

0 Comments , , , , ,

Credit to Author: Lucas Mearian| Date: Fri, 21 Feb 2020 03:00:00 -0800

In a somewhat unusual move for Apple, the company has joined the Fast IDentity Online (FIDO) Alliance, an authentication standards group dedicated to replacing passwords with another, faster and more secure method for logging into online services and apps.

Apple is among the last tech bigwigs to join FIDO, whose members now include Amazon, Facebook, Google, Intel, Microsoft, RSA, Samsung, Qualcomm and VMware. The group also boasts more than a dozen financial service firms such as American Express, ING, Mastercard, PayPal, Visa and Wells Fargo.

“Apple is not usually up front in joining new organizations and often waits to see if they gain enough traction before joining in. This is fairly atypical for them,” said Jack Gold, president and principal analyst at J. Gold Associates. “Apple is often trying to present [its] own proposed industry standards for wide adoption, but is generally not an early adopter of true multi-vendor industry standards.

To read this article in full, please click here

Read more
Security Sophos 

Suspect who refused to decrypt hard drives released after four years

0 Comments , , , , , , , , ,

Credit to Author: John E Dunn| Date: Fri, 14 Feb 2020 12:12:52 +0000

The US Court of Appeals ruled that he couldn’t continue to be held for refusing to give up his passcodes.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/-PcVPhz2bC0″ height=”1″ width=”1″ alt=””/>

Read more
Security Sophos 

Mozilla issues final warning to websites using TLS 1.0

0 Comments , , , , , , , , , , , , , ,

Credit to Author: John E Dunn| Date: Wed, 12 Feb 2020 16:13:57 +0000

From March, the Firefox, Chrome, Safari and Edge browsers will show warnings when users visit websites that only support TLS versions 1.0 or 1.1.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/3oMQ9dp5jKA” height=”1″ width=”1″ alt=””/>

Read more
ComputerWorld Independent 

Smart lighting security flaw illuminates risk of IoT

0 Comments , , ,

Credit to Author: Jonny Evans| Date: Fri, 07 Feb 2020 06:35:00 -0800

The latest smart home security nightmare sheds light on the risk you take each time you add another connected item to your home, office or industrial network – and even market leading brands make mistakes.

The story of Hue

Philips Hue smart lighting systems are probably among the most widely installed smart home solutions in the world, so plenty of people deserve to learn about the latest Check Point research which warns of a major security flaw in them.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Is Apple's iCloud folder sharing a shadow IT problem?

0 Comments , , , ,

Credit to Author: Jonny Evans| Date: Thu, 06 Feb 2020 06:35:00 -0800

After a long delay, Apple is preparing to introduce iCloud Folder Sharing across both its Mac and iOS platforms. This is a big blessing for collaboration, but is it safe?

What is iCloud Folder Sharing?

iCloud Folder Sharing was first announced at WWDC 2019, but delayed until – well, at present it is still delayed and was only recently made available inside the latest iOS and macOS developer betas. Which means it should be on the way.

Probably.

How it works?

To read this article in full, please click here

Read more
Security Sophos 

NIST tests methods of recovering data from smashed smartphones

0 Comments , , , , , , , , , , , , ,

Credit to Author: John E Dunn| Date: Tue, 04 Feb 2020 12:54:30 +0000

Criminals have found to their cost that reducing a device to a pile of rubble means nothing if the internal chips are still in working order.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/DhhD2UVxfZU” height=”1″ width=”1″ alt=””/>

Read more
Security Sophos 

Apple proposes simple security upgrade for SMS 2FA codes

0 Comments , , , , , , , ,

Credit to Author: John E Dunn| Date: Mon, 03 Feb 2020 12:54:31 +0000

Apple thinks it’s come up with a simple way to make SMS two-factor authentication (2FA) one-time codes less susceptible to phishing attacks.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/EmuD8lIFjiU” height=”1″ width=”1″ alt=””/>

Read more