Apple Gives Hackers a Special iPhone—And a Bigger Bug Bounty
Credit to Author: Andy Greenberg| Date: Thu, 08 Aug 2019 21:57:21 +0000
The company’s sometimes rocky relationship with security researchers just got a whole lot smoother.
Read MoreComputer Security Articles
RSS Reader for Computer Security Articles
Security
How a 10-Year-Old Desk Phone Bug Came Back From the Dead
Credit to Author: Lily Hay Newman| Date: Thu, 08 Aug 2019 20:14:54 +0000
Avaya patched a problem hackers could exploit in phones. But the bad code never went away.
Read MoreApple announces a new iPhone (and you can’t have it)
Credit to Author: Jonny Evans| Date: Fri, 09 Aug 2019 06:55:00 -0700
Apple has announced a new iPhone for 2020, but it will only be made available to a select group of security researchers – along with huge bounties to anyone informing the company of a new OS vulnerability.
Probably the world’s most exclusive iPhone
Ivan Krstić, Apple’s head of security engineering provided big insights into Apple’s platform security during his presentation at Black Hat U.S. 2019.
Hidden Algorithm Flaws Expose Websites to DoS Attacks
Credit to Author: Lily Hay Newman| Date: Thu, 08 Aug 2019 18:26:42 +0000
Why throw a bunch of junk traffic at a service when all it takes to stall it out is just a few bytes?
Read MoreHackers Can Break Into an iPhone Just by Sending a Text
Credit to Author: Lily Hay Newman| Date: Wed, 07 Aug 2019 21:07:26 +0000
You don’t even have to click anything.
Read MoreHow AT&T Insiders Were Bribed to ‘Unlock’ Millions of Phones
Credit to Author: Louise Matsakis| Date: Wed, 07 Aug 2019 20:51:25 +0000
One cybersecurity threat that’s proven difficult for wireless carriers to combat? Their own employees.
Read MoreWhy XDR Is A Big Deal, and Is Different from SIEM and Platforms
Credit to Author: Greg Young (Vice President for Cybersecurity)| Date: Thu, 08 Aug 2019 14:30:36 +0000
In Jon Clay’s post, he does a great job of explaining the evolution from EDR to XDR. In short, he explained that Endpoint Detection and Response (EDR) is great, but that having sources of information beyond endpoint is better. The ‘X’ in XDR is essentially ‘many’ or whatever we can add to provide a broader,…
The post Why XDR Is A Big Deal, and Is Different from SIEM and Platforms appeared first on .
Read MoreMany VPN apps on Apple’s App store can’t be trusted, researcher warns
Credit to Author: Jonny Evans| Date: Thu, 08 Aug 2019 05:50:00 -0700
I’m told Apple is at last looking into the privacy and security of free VPN apps made available across its platforms, following a report from researcher, Simon Migliano.
Who owns your VPN service?
The researcher has flagged up several concerns that really should be recognized by anyone choosing a VPN service from both the Apple and Google App Stores:
- Ownership: Migliano claims that almost 60 percent of the most popular VPN apps are actually owned (sometimes opaquely) by Chinese companies.
- Privacy: The researcher also found that as many as 77% of these VPN apps may have what he calls “serious privacy flaws”,including no privacy policy at all, generic policies with no mention of VPN or no detailed logging policy.
- Data protection: Migliano claims Apple is not enforcing its third-party data-sharing ban against VPN apps, with 80 percent of the top free VPN apps “in breach of the rules”, he said. Many are sharing data with third parties, he claims.
That last allegation is particularly concerning.