Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Another defeat for the NSO group: πΊπΈ U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp β thehackernews.com/β¦ πΊπΈ Microsoft have finally followed through on their promise to the US […]
Continue readingCategory: Security Bits
Security Bits β 18 February 2024
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. It’s not just in Google Search Results that malicious ads are getting through ATM: Facebook ads push new Ov3r_Stealer password-stealing malware β www.bleepingcomputer.com/β¦ (The lure is different though, job ads with malicious PDF downloads, […]
Continue readingSecurity Bits β 4 February 2024
<li>## Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Apple have released iOS 17.3, which includes the new Stolen Device Protection mode designed to thwart the recent spike in iPhone thefts by thieves who have observed or socially engineered passcodes allowing them […]
Continue readingSecurity Bits β 21 January 2024
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. We warned about this then-unpatched flaw a few weeks ago, now there’s a fix: Apple patches security flaw that allowed Magic Keyboard Bluetooth connections to be faked β appleinsider.com/β¦ Kaspersky have developed and released […]
Continue readingSecurity Bits β 3 January 2024 (Bart & Jill from the North Woods)
Deep Dive β Operation Triangulation TL;DR β Kaspersky labs have discovered that they, and Russian government officials, were targeted by very advanced iOS malware that completely took over iOS devices for the last 4 years. Apple have patched all the exploited vulnerabilities, regular users were not targeted, and Kaspersky say there is not enough evidence […]
Continue readingSecurity Bits β 26 November 2023
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. The recent wave of malicious Google ads targeting software downloads continues, this time it’s malicious versions of the popular Secure FTP client WinSCP β thehackernews.com/β¦ β Action Alerts Calls to action, if any stories […]
Continue readingSecurity Bits β 12 November 2023
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Attackers continue to succeed in getting Google to host their malicious ads: Google ads push malicious CPU-Z app from fake Windows news site β www.bleepingcomputer.com/β¦ A final twist in the SolarWinds mega-hack saga: SEC […]
Continue readingSecurity Bits β 29 October 2023
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Passkeys continue to roll out: Google Adopts Passkeys as Default Sign-in Method for All Users β thehackernews.com/β¦ Amazon adds passkey support as new passwordless login option β www.bleepingcomputer.com/β¦ Deep Dive 1 β iLeakage TL;DR […]
Continue readingSecurity Bits β 17 September 2023
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. UK backs down from nonsensical law after threats from Apple, WhatsApp β appleinsider.com/β¦ (in a dishonest way, but better than nothing) Deep Dive β LastPass Vaults are Being Cracked (Follow the Money!) It was […]
Continue readingSecurity Bits β 3 September 2023
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. An excellent overview of the NightOwl saga we mentioned last time: Did the NightOwl app really join Macs to a botnet army? β www.intego.com/β¦ A fresh campaign has been launched to try pressure Apple […]
Continue reading