Followups The Reply All podcast released an episode about the Momo panic mentioned on the previous Security Bits — overcast.fm/… Security Medium — Facebook Accidentally Store Passwords in Plain Text Since 2012 Brian Krebs broke this story, and sourced it from “a senior Facebook employee who is familiar with the investigation and who spoke on […]
Continue readingMore TagCategory: Security Bits
Security Bits – 8 March 2019
Followups The on-going Spectre/Meltdown saga Google: Software is never going to be able to fix Spectre-type bugs — arstechnica.com 🇦🇺 Australia’s controversial anti-encryption law: Mozilla fears encryption law could turn its employees into insider threats — nakedsecurity.sophos.com/… FastMail Challenges Australia Encryption Law — www.macobserver.com/… Grey-hat iPhone hackers Cellebrite are back in the news as older […]
Continue readingMore TagSecurity Bits – 22 February 2019
Followup Last time we mentioned that leaks indicated that Microsoft would be doubling their support fee for Windows 7 each after it’s Extended Support Period ends next January, we now have the official details: www.techspot.com/… Extended Security Updates (ESUs) will only be available for business and education customers, and only for 3 years to January […]
Continue readingMore TagSecurity Bits – 8 Feb 2019
🇯🇵 A Correction — Japan is not the next Australia! Last time I briefly mentioned a story about the Japanese government working on proposals to subject foreign companies to their laws. I had only speed-read the article, and assumed it was about defeating users privacy, but I actually had it 180° reversed! Japan wants to […]
Continue readingMore TagSecurity Bits – 25 January 2019
Followups Australia’s controversial anti-encryption law has come into effect — www.macobserver.com/… Sprint to Stop Selling Location Data to Third Parties After Motherboard Investigation — motherboard.vice.com/…
Continue readingMore TagSecurity Bits – 11 January 2019
Followups CastHack Hackers hijack thousands of ChromeCasts to warn of latest security bug — techcrunch.com/… https://nakedsecurity.sophos.com/2019/01/04/dont-fall-victim-to-the-chromecast-hackers-heres-what-to-do/ — nakedsecurity.sophos.com/… Marriott now admits over 5 million passport numbers were stolen in their recent data breach — www.macobserver.com/… The first segment on episode 120 of the Checklist podcast by Secure Mac covers the convincing new phone scams targeting […]
Continue readingMore TagSecurity Bits – 3 Jan 2019
Notable Security Updates Microsoft released an emergency fix for an IE Zero-day — krebsonsecurity.com/… Logitech have released a critical security update for their Logitech Options app (used to configure some of their devices). Unfortunately the fix was two days too late, coming two days after Project Zero released details of the bug (time was up) […]
Continue readingMore TagSecurity Bits – 14 December 2018
Followup Bloomberg’s controversial The Big Hack story SuperMicro released the results of an independent audit which found no evidence of hardware or software tampering on its motherboards — www.reuters.com/… & arstechnica.com/… The Marriott Breach Marriott Data Breach Is Traced to Chinese Hackers as U.S. Readies Crackdown on Beijing — www.nytimes.com/… An interesting related opinion piece […]
Continue readingMore TagSecurity Bits – 24 November 2018
Notable Security Updates Adobe have issued an emergency patch for a critical bug in Flash — nakedsecurity.sophos.com/… Patch Skype for Business now or risk DoS via emoji kittens! — nakedsecurity.sophos.com/… Update now! Dangerous AMP for WordPress plugin fixed — nakedsecurity.sophos.com/… Microsoft pulls Office patches that are causing application crashes. Office365 users don’t need to take […]
Continue readingMore TagSecurity Bits – 15 November 2018
Followups 1 — The Windows 10 Fall 2018 has been Re-released After having to withdraw the update due to a bug that led to accidental file deletions in a very small number of edge cases, Microsoft have now released a fixed version — arstechnica.com/…
Continue readingMore Tag