Credit to Author: Danny Bradbury| Date: Tue, 23 Jul 2019 10:13:08 +0000
Researchers have created an attack called Spearphone that uses the motion sensors in Android phones to listen to phone calls, interactions with your voice assistant, and more.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/XizfSFAizIQ” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: JR Raphael| Date: Thu, 08 Mar 2018 08:58:00 -0800
Google is slowly pulling back the curtains on its next-gen Android P release. Yesterday, we got our first glimpse at a work-in-progress, developer-focused preview of the software — and today, we’re getting a closer look at what exactly is new when it comes to Android P and the ever-evolving subject of Android security.
I had the chance to chat with Xiaowen Xin, Google’s Android platform security product manager, about some of the significant changes on the way with Android P. Here’s the inside scoop on what you can expect:
Credit to Author: Dave Taylor| Date: Tue, 06 Feb 2018 03:31:00 -0800
Enterprises invest a lot of time, effort and money in keeping their systems secure. The most security-conscious might have a security operations center. They of course use firewalls and antivirus tools. They probably spend a lot of time monitoring their networks, looking for telltale anomalies that could indicate a breach. What with IDS, SIEM and NGFWs, they deploy a veritable alphabet of defenses.
But how many have given much thought to one of the cornerstones of their digital operations: the operating systems deployed on the workforce’s PCs? Was security even a factor when the desktop OS was selected?
This raises a question that every IT person should be able to answer: Which operating system is the most secure for general deployment?
Credit to Author: Jonny Evans| Date: Wed, 29 Nov 2017 09:33:00 -0800
With great apology, Apple has rushed to respond to the appalling macOS High Sierra security flaw, issuing a software update that has been made immediately available for download and will be automatically installed in existing Macs.
Apple has shared the following statement:
“Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.
“When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8:00 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.
Credit to Author: Jonny Evans| Date: Wed, 29 Nov 2017 04:13:00 -0800
Complacency and incompetence are the biggest computer security threats, and Apple’s latest Mac security flaw seems to combine both of these. The flaw means anyone with physical access to your Mac can get inside the machine and tinker with it.
UPDATE (29 November 9:30am PDT): Apple has issued an apology and a patch to rectify this problem, more details here.
The problem (which first got disclosed here) was first revealed in a Tweet by Lemi Orhan Ergin, who wrote:
Credit to Author: Jonny Evans| Date: Wed, 29 Nov 2017 04:13:00 -0800
Complacency and incompetence are the biggest computer security threats, and Apple’s latest Mac security flaw seems to combine both of these. The flaw means anyone with physical access to your Mac can get inside the machine and tinker with it.
The problem (which first got disclosed here) was first revealed in a Tweet by Lemi Orhan Ergin, who wrote:
Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra. Anyone can login as “root” with empty password after clicking on login button several times. Are you aware of it @Apple?
Credit to Author: Greg Lambert| Date: Wed, 13 Sep 2017 11:00:00 -0700
September brings a relatively large patch profile for Microsoft with 76 reported vulnerabilities, three public disclosures (thank you, Google) and unfortunately one zero day exploit. You used to be worried about browsers and Flash, now we have a publicly exploited vulnerability for augmented reality (AR) with a fix for Microsoft’s HoloLens headset.
For this September Patch Tuesday, Microsoft is only shipping security updates with patches to the following product groups:
Browsers (IE and Edge)
To read this article in full or to leave a comment, please click here
Credit to Author: Woody Leonhard| Date: Wed, 16 Aug 2017 12:07:00 -0700
