security threats – Page 27 – PossibleThreat Articles

Twitter turns off SMS texting after @Jack hijacking

September 6, 2019 0 Comments @jack, 2-factor Authentication, 2fa, account hijack, account hijacking, Celebrities, Hacked, Jack Dorsey, MFA, security threats, SIM swaps, SMS, Social networks, twitter

Credit to Author: Lisa Vaas| Date: Fri, 06 Sep 2019 09:41:13 +0000

Two problems, Twitter says: vulnerabilities that mobile carriers need to fix & its reliance on linked numbers for 2FA.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/2v_2dm33u_g” height=”1″ width=”1″ alt=””/>

Security Sophos

Scammers deepfake CEO’s voice to talk underling into $243,000 transfer

September 5, 2019 0 Comments AI, Artificial intelligence, audio, audio deepfake, CEO, deepfake, fraud, Machine Learning, Scam, security threats, vishing, voice, voice phishing

Credit to Author: Lisa Vaas| Date: Thu, 05 Sep 2019 14:38:02 +0000

The voice had the hint of a German accent and the same “melody” that an employee recognized in his boss’s voice.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/_coDs7IxGNM” height=”1″ width=”1″ alt=””/>

Security Sophos

Android gets September update as price of flaws soars

September 5, 2019 0 Comments Android, Android 10, bug bounties, Google, iOS, Mobile, Operating Systems, Organisations, Patching, Project Mainline, security threats, Technologies, vulnerability, Windows

Credit to Author: John E Dunn| Date: Thu, 05 Sep 2019 13:51:21 +0000

When is a security update not a security update? When it’s patching flaws in a version of an OS nobody beyond developers is yet running.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/xUkOcZUm9To” height=”1″ width=”1″ alt=””/>

Security Sophos

Author of record-setting IoT botnets pleads guilty

September 5, 2019 0 Comments author, booters, Botnet, Brian Krebs, DDoS, DDoS-for-hire, Denial of Service, Drake, Fbot, Gigabit Passive Optical Network, GoAhead, GPON, guilty, High Silicon DVRs, Huawei, IoT, Kenneth Currin Schuchman, Law & order, Masuta, mirai, Nexus Zeta, Nuclear Fallout, Okiru, ProxyPipe, Qbot, Remaiten, Routers, Satori, security threats, SWATting, Telemax, telnet, tsunami, Vamp

Credit to Author: Lisa Vaas| Date: Thu, 05 Sep 2019 13:44:37 +0000

He kept working on new botnets (and swatting a co-conspirator-cum-competitor) while indicted and on supervised release.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/GTqVr4bD8sE” height=”1″ width=”1″ alt=””/>

Security Sophos

Facebook loses control of key used to sign Android app

September 4, 2019 0 Comments Android, Android Package Kit, APK, APK repository, data loss, facebook, Free Basics, Google, Internet.org, Mobile, private key, security threats, signing key, walled garden

Credit to Author: Lisa Vaas| Date: Wed, 04 Sep 2019 16:30:46 +0000

What should be a private key used to vouch for the ‘Free Basics by Facebook’ app was used to sign unrelated apps.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/oMymgOZ03gI” height=”1″ width=”1″ alt=””/>

Security Sophos

QR codes need security revamp, says creator

September 4, 2019 0 Comments Counterfeit QRs, Denso, Masahiro Hara, payment security, QR codes, QR payments, QRLjacking, security threats

Credit to Author: Danny Bradbury| Date: Wed, 04 Sep 2019 10:57:18 +0000

QR codes have been around since 1994, but their creator is worried. They need a security update, he says.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/lNHS17cnf14″ height=”1″ width=”1″ alt=””/>

Security Sophos

EFF and Mozilla scold Venmo over app’s privacy failings

September 4, 2019 0 Comments data loss, EFF, financial data, Mozilla, Mozilla Foundation, Payment apps, Paypal, Privacy, security threats, Social networks, Venmo

Credit to Author: John E Dunn| Date: Wed, 04 Sep 2019 09:34:26 +0000

The tense stand-off between privacy campaigners and the popular mobile payment app Venmo has taken another turn for the worse.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/dIdmnOeegug” height=”1″ width=”1″ alt=””/>

Security Sophos

iPhone attack may have targeted Android and Windows too

September 3, 2019 0 Comments Android, Apple, bug bounty, Google, Government security, government spyware, iOS, iPhone, Mobile, nation state hacking, Operating Systems, security threats, vulnerability, Windows, zero day

Credit to Author: John E Dunn| Date: Tue, 03 Sep 2019 14:47:23 +0000

A sophisticated and sustained watering hole attack affecting iPhones may have targeted Windows and Android too.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/3wCw5XE352c” height=”1″ width=”1″ alt=””/>

Security Sophos

XKCD forums breached

September 3, 2019 0 Comments bcrypt, breach, correcthorsebatterystaple, Cryptography, data breach, data leak, data loss, hashing, MD5, phpBB, salting, security threats, vulnerability, xkcd

Credit to Author: Lisa Vaas| Date: Tue, 03 Sep 2019 10:17:58 +0000

How did the Correct Horse Battery get Stapled?<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/YDE5xjmhFxY” height=”1″ width=”1″ alt=””/>

Security Sophos

Google throws bug bounty bucks at mega-popular third-party apps

September 2, 2019 0 Comments Android, bug bounties, chrome, data loss, DDPRP, Developer Data Protection Reward Program, extensions, Google, Google Chrome, Google Play, Google Play Security Reward Program, hackerone, Mobile, oauth, security threats, third party apps, vulnerability

Credit to Author: Lisa Vaas| Date: Mon, 02 Sep 2019 10:51:32 +0000

Google’s going to throw more bug bounty money at the problem of nasty apps in its Play Store, it announced on Thursday. In a post from the Android Security & Privacy team’s Adam Bacchus, Sebastian Porst, and Patrick Mutchler , the company said that it’s throwing the security net over not just its own apps, but […]<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/bPMJRaBtj94″ height=”1″ width=”1″ alt=””/>