A security research called Trevor Spiniolas has just published information about a bug he claims has existed in Apple’s iOS operating system since at least version 14.7. The bug affects the Home app, Apple’s home automation software that lets you control home devices – webcams, doorbells, thermostats, light bulbs, and so on – that support Apple’s HomeKit ecosystem. Spiniolas has dubbed the […]

Prevent and Detect Lateral Movement Security and Privacy Preserving for IoT and 5G Networks: Techniques, Challenges, and New Directions 

I specialize in cybersecurity not mental health, so I can’t comment on how this intimacy with a device affects our well-being. But I can say that we must secure any platform that’s always connected, always on, and almost always within inches of our bodies. Let’s take a look at the six threats F-Secure’s Tactical Defense Unit sees most […]

Researchers have demonstrated that someone could use a stolen, unlocked iPhone to pay for thousands of dollars of goods or services, no authentication needed. An attacker who steals a locked iPhone can use a stored Visa card to make contactless payments worth up to thousands of dollars without unlocking the phone, researchers are warning. The […]

If you’ve already listened to this week’s Naked Security Podcast you’ll know that we had finally concluded that iOS 12, the version before the version before the latest-and-greatest iOS 15, which arrived this Monday… …had been dumped forever by Apple. Apple notoriously won’t tell you anything about the security situation in its products unless and until it […]

A user’s personal data can be anything from their user name and email address to their telephone name and physical address. Less obvious forms of sensitive data include IP addresses, log data and any information gathered through cookies, as well as users’ biometric data. Any business whose mobile app collects personal information from users is […]

Their Security Is Awful’ A 21-year-old American said he used an unprotected router to access millions of customer records in the mobile carrier’s latest breach The hacker who is taking responsibility for breaking into T-Mobile US Inc.’s TMUS -1.63% systems said the wireless company’s lax security eased his path into a cache of records with personal details on more than 50 […]

About a month ago, a security researcher revealed what turned out to be zero-day bug in Apple’s Wi-Fi software, apparently without meaning to: Carl Schou, founder of an informal hacker collective known as Secret Club, “created originally as a gag between friends who are passionate about technical subjects”, seems to have been doing what bug-hunters do… […]

By 2027, the global online casino market is predicted to be worth $127.3 billion, growing at a CAGR of 11.5%. The increase in market size is largely due to the growing popularity of not just smartphones and mobile gaming, but also of social platforms that are transforming online games. Already, providers like Tapinator are developing more social casino […]

Last month, my wife was contacted by a phisher, mascaraing as someone from social security. This threat actor made an attempt to obtain her social security number using the threat of fraud investigation to verify her social security number. Because of my background in security, I was able to act quickly to prevent her from […]

Despite thieves regularly finding ways to boost cars by exploiting vulnerabilities in modern keyless locking systems and researchers demonstrating how attackers could fiddle with car settings, the infotainment system, the break system, the steering system, and so on, we’re yet to witness actual safety attacks that resulted in hackers disabling brakes or turning the steering wheel. One of the reasons must surely […]

The Washington Post has published a long story on the unlocking of the San Bernardino Terrorist’s iPhone 5C in 2016. We all thought it was an Israeli company called Cellebrite. It was actually an Australian company called Azimuth Security. Azimuth specialized in finding significant vulnerabilities. Dowd, a former IBM X-Force researcher whom one peer called “the Mozart of exploit […]

COVID-19 has impacted everything over the past year, and mobile app security is no exception. The Synopsys Cybersecurity Research Center (CyRC) took an in-depth look at application security, and discovered just how vulnerable apps that use open source code really are. According to the report, 98% of apps use open source code, and 63% of those apps […]

This isn’t a case of secretive nation-state phone interception methodologies (or spying, as it is often called). It’s not a tale of cybercriminals deliberately trying to listen in to your business discussions so they can divert massive invoice payments or implant ransomware with multi-million dollar blackmail demands. That’s the good news. The bug in this case, discovered by Indian cybersecurity researcher Anand Prakash, […]

Normal day-to-day life was brought to a halt by the COVID-19 pandemic, which greatly impacted the lives of virtually all people worldwide in unprecedented fashion. As people have stayed home and isolated themselves to avoid contracting and spreading the virus, there has been increased reliance on virtual connectivity due to a sharp increase in remote […]

These special ‘research’ iPhones will come with specific, custom-built iOS software with features that ordinary iPhones don’t have. Starting today, the company will start loaning these special research iPhones to skilled and vetted researchers that meet the program’s eligibility. Source: Apple starts giving ‘hacker-friendly’ iPhones to top bug hunters Apple Offering $1 Million Bounty If […]

A researcher has discovered a serious vulnerability in Xiaomi electric scooters. Exploiting the flaw could allow remote attacks on it causing sudden breaks. Source: Vulnerability In Xiaomi Electric Scooters Could Allow Remote Attacks IoT Security DISC InfoSec 🔒 securing the business 🔒 Cyber Security Awareness ↑ Grab this Headline Animator

Metro Bank has become the first major bank to disclose SS7 attacks against its customers, but experts believe it isn’t an isolated case. Source: Metro Bank is the first bank that disclosed SS7 attacks DISC InfoSec 🔒 securing the business 🔒 Mobile network hacking ↑ Grab this Headline Animator

Motherboard has identified a specific UK bank that has fallen victim to so-called SS7 attacks, and sources say the issue is wider than previously reported. Source: Criminals Are Tapping into the Phone Network Backbone to Empty Bank Accounts Mobile Phone Security DISC InfoSec Store