Deep Dive — Critical Android Base-Band Vulnerabilities❗ TL;DR: this is bad — remote code execution without user interaction over the cellular network, combined with the usual level of security confusion that goes with Android’s model. Unless your Android device is on the list of known-patched devices, or unless your vendor has explicitly announced that they […]
Continue readingTag: vulnerabilities
Security Bits — 5 Feb 2023
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Anker admits that Eufy cameras were never encrypted — appleinsider.com/… Apple have released their support for hardware Fido tokens for iCloud 2FA — sixcolors.com/… Editorial by Bart: remember that this feature comes with a […]
Continue readingSecurity Bits — 25 September 2022
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇺🇸 Google have gotten SEC approval to pilot their controversial political ad spam by-pass feature with a limited number of campaigns in this year’s US mid-term elections — appleinsider.com/… 🇺🇸 The recent revelations of […]
Continue readingSecurity Bits — 3 August 2022
❗ Action Alerts Calls to action, if any stories in this section are relevant to you there is some action you should take. SAMBA have patched a critical bug in their open source implementation of Microsoft’s Active Directory, if you use SAMBA, patch ASAP! — nakedsecurity.sophos.com/… The commonly used open source crypto library GnuTLS has […]
Continue reading
NC #890 Choosing a VPN, Security Bits with Bart Busschots
Hi, this is Allison Sheridan of the NosillaCast Apple Podcast, hosted at Podfeet.com, a technology geek podcast with an EVER so slight Apple bias. Today is Sunday, May 29, 2022, and this is show number 890. mp3 download June 6th is the WWDC Keynote, and as always, Steve and I will be in the live […]
Continue readingSecurity Bits — 9 January 2022
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Log4Shell (Log4J): Log4Shell-like security hole found in popular Java SQL database engine H2 — nakedsecurity.sophos.com/… 🇺🇸 FTC threatens “legal action” over unpatched Log4j and other vulns — nakedsecurity.sophos.com/… 🇬🇧 Meta (né Facebook) have decided […]
Continue readingSecurity Bits — 1 October 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇫🇷 Pegasus spyware found on 5 French cabinet members’ phones — www.intego.com/… Social Media Developments: Facebook pauses Instagram Kids development following widespread concerns — www.imore.com/… YouTube Is Banning Prominent Anti-Vaccine Activists and Blocking All […]
Continue readingSecurity Bits — 11 July 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. The Western Digital story from last time has continued to evolve: More devices are affected: Another 0-Day Looms for Many Western Digital Users – Krebs on Security — krebsonsecurity.com/… But there have also been […]
Continue readingSecurity Bits — 21 March 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. An interesting timeline of the Microsoft Exchange mega-attack discussed last time (Editorial by Bart: it really begs the question ‘what took Microsoft so long?’) — krebsonsecurity.com/… Bloomberg Report that when Parler (the social media […]
Continue readingSecurity Bits — 6 December 2020
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Social Media companies continue to work to curb abuses on their platforms: Twitter will soon show a warning when you try to like a misleading tweet — www.imore.com/… 🇰🇷 Facebook continues to run afoul […]
Continue reading