Deep Dive — You Probably Want to Avoid Microsoft Recall, at Least for Now! At their recent Build developers conference Microsoft announced a new line of ARM-based laptops with built-in AI chips branded as Copilot+ PCs, with one of the headline features being Recall. The idea is that Recall will constantly monitor everything you do […]
Continue readingMore TagCategory: Security Bits
Security Bits — 2024 May 26
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Attackers are continuing to compromise Google ads, and they’re now targeting apps in the news as well as developer & sysadmin tools: Arc browser’s Windows launch targeted by Google ads malvertising — www.bleepingcomputer.com/… Ransomware […]
Continue readingMore TagSecurity Bits — 12 May 2024
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇪🇺 Quick Digital Markets Act update: The first 3rd-party iOS app store in the EU has gone live – AltStore PAL by Riley Testut — rileytestut.com/… EU Labels iPadOS as a Gatekeeper and Orders […]
Continue readingMore TagSecurity Bits — 28 April 2024
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Glen Fleishmann outlines some ways in which Google’s Find My Device network is actually a little more privacy-preserving than Apple’s Find My network (and one nasty sting in the tail that makes it a […]
Continue readingMore TagSecurity Bits — 14 April 2024
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. An excellent writeup detailing the fascinating story of the XZUtils compromise we discussed last time — arstechnica.com/… (Editorial by Bart: Definitely one of the nearest misses we’ve had in the supply chain for some […]
Continue readingMore TagSecurity Bits — 31 March 2024
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Watering hole attacks targeting Python developers are continuing, with attacks targeting the PyPi package repo getting so bad the site has temporarily suspended new account signups — www.bleepingcomputer.com/… Attackers are continuing to succeed in […]
Continue readingMore TagSecurity Bits — 17 March 2024 ☘️
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Ransomeware-related developments: The apparent return of the BlackCat ransomeware gang after their recent law enforcement take-down appears to have been short-lived, with the group collapsing with an apparent exit scam: BlackCat Ransomware Group Implodes […]
Continue readingMore TagSecurity Bits — 3 March 2024
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Another defeat for the NSO group: 🇺🇸 U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp — thehackernews.com/… 🇺🇸 Microsoft have finally followed through on their promise to the US […]
Continue readingMore TagSecurity Bits — 18 February 2024
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. It’s not just in Google Search Results that malicious ads are getting through ATM: Facebook ads push new Ov3r_Stealer password-stealing malware — www.bleepingcomputer.com/… (The lure is different though, job ads with malicious PDF downloads, […]
Continue readingMore TagSecurity Bits — 4 February 2024
<li>## Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Apple have released iOS 17.3, which includes the new Stolen Device Protection mode designed to thwart the recent spike in iPhone thefts by thieves who have observed or socially engineered passcodes allowing them […]
Continue readingMore Tag