A week in security (March 4 – 11)

Credit to Author: Malwarebytes Labs| Date: Mon, 11 Mar 2019 15:47:27 +0000

A roundup of cybersecurity news from March 4–11, including a Chrome zero-day, Labs’ data privacy report, news from RSA, and more.

Categories:

Tags:

(Read more…)

The post A week in security (March 4 – 11) appeared first on Malwarebytes Labs.

Read more

Apples Kam­­pf gegen Piraten-App-Entwickler: 2FA als Heilsbringer?

Credit to Author: Jörg Schindler| Date: Thu, 21 Feb 2019 09:53:37 +0000

Apple will seine Entwickler dazu verpflichten, eine Zwei-Faktor-Authentisierung (2FA) zu verwenden, um dem Handel mit Entwicklerzertifikaten und damit einem Einfallstor für schadhafte Apps entgegenzuwirken.   Es ist noch nicht lang her, dass sich die beiden Giganten Apple und Facebook über eine App Namens „Facebook Research“ in den Haaren lagen. Diese Applikation war nicht für den generellen [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/mcuA5wiUNdY” height=”1″ width=”1″ alt=””/>

Read more

Apple is learning why shortcut security is a bad idea

Credit to Author: Evan Schuman| Date: Wed, 20 Feb 2019 11:00:00 -0800

When Apple launched its enterprise developer certificate program — which helps enterprises make their homegrown apps for employee use-only available through iTunes — it had to make a difficult convenience-vs.-security decision: how much hassle to put IT managers through to get their internal apps posted. It chose convenience and, well, you can guess what happened.

Media reports say pirate developers used the enterprise program to improperly distribute tweaked versions of popular apps — including Spotify, Angry Birds, Pokemon Go and Minecraft — while others used the platform to distribute porn apps along with real-money gambling apps. And all the bad guys had to do was lie to Apple reps about being associated with legitimate businesses. Apple didn’t bother to investigate or otherwise verify the answers.

To read this article in full, please click here

Read more

A week in security (February 4 – 8)

Credit to Author: Malwarebytes Labs| Date: Mon, 11 Feb 2019 17:05:33 +0000

A roundup of security news from February 4 – 8, including Facebook’s secure messaging integration, Google’s changes to URLs, a scam involving the Kindle store and John Wick, and more.

Categories:

Tags:

(Read more…)

The post A week in security (February 4 – 8) appeared first on Malwarebytes Labs.

Read more

Merging Facebook Messenger, WhatsApp, and Instagram: a technical, reputational hurdle

Credit to Author: davidruiz| Date: Thu, 07 Feb 2019 16:53:35 +0000

Facebook’s plan to integrate secure messaging across Messenger, WhatsApp, and Instagram will demand technical know-how and a fierce commitment to user privacy.

Categories:

Tags:

(Read more…)

The post Merging Facebook Messenger, WhatsApp, and Instagram: a technical, reputational hurdle appeared first on Malwarebytes Labs.

Read more

Apple pulls Facebook enterprise certificate

Credit to Author: Christopher Boyd| Date: Thu, 31 Jan 2019 16:44:03 +0000

After an app using an internal-only certificate from Facebook made its way into the outside world, Apple has responded by pulling Facebook’s developer certificate with immediate consequences for the social media giant.

Categories:

Tags:

(Read more…)

The post Apple pulls Facebook enterprise certificate appeared first on Malwarebytes Labs.

Read more