Mobile – Page 25 – PossibleThreat Articles

Apple announces a new iPhone (and you can’t have it)

August 9, 2019 0 Comments Apple, iOS, Macs, Mobile, Security

Credit to Author: Jonny Evans| Date: Fri, 09 Aug 2019 06:55:00 -0700

Apple has announced a new iPhone for 2020, but it will only be made available to a select group of security researchers – along with huge bounties to anyone informing the company of a new OS vulnerability.

Probably the world’s most exclusive iPhone

Ivan Krstić, Apple’s head of security engineering provided big insights into Apple’s platform security during his presentation at Black Hat U.S. 2019.

To read this article in full, please click here

Security Sophos

Parents, it’s time to delete Pet Chat from your child’s LeapPad

August 9, 2019 0 Comments Checkmarx, children, Cryptography, https, LeapFrog, LeapPad, LeapSearch, location data, MITM, Mobile, Pet Chat, Privacy, rogue access point, tablets, Tracking

Credit to Author: Lisa Vaas| Date: Fri, 09 Aug 2019 12:54:02 +0000

LeapFrog has done lots to fix the security of the LeapPad. Now all that’s left is for parents to scrape Pet Chat off of older tablets.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/ejkztteslLE” height=”1″ width=”1″ alt=””/>

ComputerWorld Independent

The best privacy and security apps for Android

August 9, 2019 0 Comments Android, Mobile, Mobile Security, Privacy, Security

Credit to Author: JR Raphael| Date: Fri, 09 Aug 2019 03:01:00 -0700

Let’s get one thing out of the way right off the bat: If you’re looking for recommendations about Android security suites or other malware-scanning software, you’ve come to the wrong place.

Why? Because, like most people who closely study Android, I don’t recommend using those types of apps at all. Android malware isn’t the massive real-world threat it’s frequently made out to be, and Google Play Protect and other native Android features are more than enough to keep most devices safe.

To read this article in full, please click here

Security Sophos

More than 2m AT&T phones illegally unlocked by bribed insiders

August 8, 2019 0 Comments AT&T, bug bounties, CFAA, Computer Fraud and Abuse Act, hackerone, insider threats, Law & order, malware, Mobile, Muhammad Fahd, phone unlocking, unlocked phones, wire fraud

Credit to Author: Lisa Vaas| Date: Thu, 08 Aug 2019 12:28:54 +0000

The alleged, now indicted ringleader paid more than $1m in bribes to insiders who planted malware and hardware for remote unlocking.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/5KmgBCGFT2U” height=”1″ width=”1″ alt=””/>

ComputerWorld Independent

Many VPN apps on Apple’s App store can’t be trusted, researcher warns

August 8, 2019 0 Comments Apple, iOS, Mobile, Security

Credit to Author: Jonny Evans| Date: Thu, 08 Aug 2019 05:50:00 -0700

I’m told Apple is at last looking into the privacy and security of free VPN apps made available across its platforms, following a report from researcher, Simon Migliano.

Who owns your VPN service?

The researcher has flagged up several concerns that really should be recognized by anyone choosing a VPN service from both the Apple and Google App Stores:

Ownership: Migliano claims that almost 60 percent of the most popular VPN apps are actually owned (sometimes opaquely) by Chinese companies.
Privacy: The researcher also found that as many as 77% of these VPN apps may have what he calls “serious privacy flaws”,including no privacy policy at all, generic policies with no mention of VPN or no detailed logging policy.
Data protection: Migliano claims Apple is not enforcing its third-party data-sharing ban against VPN apps, with 80 percent of the top free VPN apps “in breach of the rules”, he said. Many are sharing data with third parties, he claims.

That last allegation is particularly concerning.

To read this article in full, please click here

ComputerWorld Independent

Almost half of tested free Android antivirus apps fail. That might prove very useful to IT.

August 8, 2019 0 Comments Mobile, Security

Credit to Author: Evan Schuman| Date: Thu, 08 Aug 2019 03:00:00 -0700

One of the problems with enterprise mobile BYOD efforts is that corporate apps — and lots of corporate data, including sensitive intellectual property — must coexist on the same device with whatever employees choose to download on the personal side. That’s far from ideal, but even worse is if employees choose to download a second antivirus program. Unlike doubling up on most apps (two VPNs, two word processors, two email programs, etc.), antivirus programs often conflict and fight each other, generating false positives and other bad results.

Unlike two deadbolts on a door, doubling up on security not only doesn’t work with antivirus, it can actually sharply weaken security. This all assumes that both antivirus programs are professional, effective and well-intentioned. But that’s often not the case. There are quite a few free antivirus programs out there, and they are disproportionately the ones employees opt to download. After all, if the company has already installed a high-level antivirus on the phone, why would an employee pay to install a second? But a free antivirus program is much more tempting.

To read this article in full, please click here

ComputerWorld Independent

Slack beefs up mobile security controls for Enterprise Grid

August 6, 2019 0 Comments Collaboration, Mobile, Security, Slack

Credit to Author: Matthew Finnegan| Date: Tue, 06 Aug 2019 08:00:00 -0700

Slack today unveiled new security capabilities for Enterprise Grid customers, including tighter controls for admins who oversee mobile device access.

Enterprise Grid was launched in 2017 for Slack’s biggest customers, with additional features to support large-scale deployments. Among the 150 organizations now using Enterprise Grid are Capital One, IBM and Target.

Slack has continued to build out security and compliance features for the software since its introduction, including the addition of enterprise key management last September.

To read this article in full, please click here

ComputerWorld Independent

Apple suspends Siri snooping (and promises more control for the rest of us)

August 2, 2019 0 Comments Apple, iOS, Mobile, Security

Credit to Author: Jonny Evans| Date: Fri, 02 Aug 2019 04:27:00 -0700

Apple has once again proved that it listens to valid criticism with the immediate global suspension of the Siri listening program that attracted so much controversy.

When it comes to privacy, Siri listens

At issue was quality control.

A small number of conversational snippets were shared with third party human contractors for quality control purposes.

To read this article in full, please click here

Security Sophos

Five Eyes nations demand access to encrypted messaging

August 1, 2019 0 Comments #nobackdoors, Apple, australia, backdoors, Canada, Cryptography, encryption, end-to-end encryption, facebook, Five Eyes, FVEY, Instagram, Law & order, Messenger, Mobile, new zealand, Privacy, Social networks, terrorism, uk, US, whatsapp

Credit to Author: Lisa Vaas| Date: Thu, 01 Aug 2019 10:39:54 +0000

The alliance wants tech companies to build backdoor access to users’ encrypted data, by force if necessary.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/OwcXC3l1bLY” height=”1″ width=”1″ alt=””/>

Security Sophos

iMessage bug could have allowed attackers to read data from any iPhone

July 31, 2019 0 Comments Apple, Apple patch, Google, imessage, iOS, iPad, iPhone, iPods, Mobile, Natalie Silvanovich, Operating Systems, Project Zero

Credit to Author: Danny Bradbury| Date: Wed, 31 Jul 2019 13:44:07 +0000

Google’s Project Zero has unveiled details of a bug in Apple’s iMessage that lets attackers read data from an iPhone without any user interaction.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/lRgoEr1lXx4″ height=”1″ width=”1″ alt=””/>