Security researchers recently discovered multiple vulnerabilities within certain Amazon domains that could have allowed an attacker to access sensitive Alexa data, including voice histories and personal data, before they were fixed. A hacker would have also been able to install and remove skills from a targeted...Read more...
If you own a Samsung Galaxy handset that was released in the past six years, do yourself a solid and check for an over-the-air (OTA) software update. Left unpatched, every Galaxy phone dating back to 2014 is vulnerable to a so-called 'zero-click' bug related to Android's handling of the custom Qmage image format...Read more...
Google's Android operating system is the most populous in the world, and is used by hundreds of different smartphone OEMs. That large ecosystem along with OEMs that have varying timetables, resources, and "desire" to keep smartphones updates has led to fragmentation. It's why we see new devices still be announced in...Read more...
For what feels like the umpteenth time this has happened, a string of specific text is causing iOS devices to crash when received, including iPhones, iPads, and Apple Watches. The malicious text is going viral, and as of this writing, has not been addressed with an iOS update (we imagine one will arrive soon). Even...Read more...
Earlier this week, it was reported that a zero-day exploit has been running in the wild that targets the iOS Mail app. First discovered by the researchers at ZecOps, the vulnerability has been labeled as "zero-click" because it allegedly needs no intervention from the user to attack an iPhone or iPad running even the...Read more...
If you're an Apple iPhone or iPad owner that uses the native Mail app for emailing purposes (and that probably includes a marjory of iOS users), we have a word of caution for you. The folks over at ZecOps have uncovered a vulnerability in the app that is currently active in the wild, pending a fix from...Read more...
iPhone users should be aware that there is an unpatched security vulnerability that impacts iOS 13.3.1 and later versions of the operating system (including the newly released iOS 13.4). This unpatched security vulnerability prevents VPN networks from encrypting all traffic and can cause some Internet connections to...Read more...
Earlier this week, we reported that Avast was under fire for its data privacy policies (or lack thereof) for its free antivirus software. Through its subsidiary Jumpshot, Avast sold vast amounts of user data to big name customers like Google and Microsoft (among others).
Although Avast claimed that the data that it...Read more...
In the United Arab Emirates (UAE), popular messaging services that might be used in other parts of the world, like Skype and WhatsApp, are restricted. A homegrown alternative called ToTok was designed and released to the public. It was heavily downloaded in the Middle East and eventually by people all around the world...Read more...
Our homes are increasingly becoming "smarter" with deices like smart speakers, connected light switches, and security cameras that can monitor every inch of your premises. Arlo is looking to give customers a little more piece of mind with home (and package) security with the release of the Arlo Video Doorbell.
The...Read more...
On the same day Apple released an incremental update to iOS 13, the company also issued a notice warning millions of iPhone and iPad users of a security issue that has not yet been resolved. The issue affects third-party keyboard apps in iOS 13 and iOS 13.1, on iPhone, iPad, and iPad touch devices.
"Third-party...Read more...
Many people have been talking about the upcoming iPhone 11’s trypophobia-triggering cameras, but the device’s insides are the real attention grabber. The iPhone 11 will ship with Apple’s new U1 chip. Although the U1 chip’s Ultra Wideband technology will initially be used in a limited capacity, it could potentially...Read more...
Apple apparently has a bit of work to do before it rolls out iOS 13 to the public later this month. The beta release has been available for quite some time now, and a security researcher has discovered a vulnerability on iOS 13 that could potentially expose a user's entire contact information, without ever having to...Read more...
It seems as though we can't escape a single week without hearing about a new widespread security exploit that puts us all at risk. This week, the newly detailed attack taking center stage is called Simjacker, and it was revealed by the folks at AdaptiveMobile Security.
As its name implies, Simjacker works primarily...Read more...
A week ago, Google disclosed findings from its Project Zero Threat Analysis Group, which discovered 14 vulnerability in iOS that were used across five exploit chains. According to Google, the exploits were used over a period of more than two years in a "sustained effort to hack the users of iPhones" by monitoring...Read more...
There are plenty of vulnerabilities in the biometrics that are commonly used for unlocking devices today, including fingerprint readers and Apple's Face ID. Researchers at the Black Hat USA 2019 conference this week demonstrated a new attack that allowed them to bypass a victim's Face ID and login to the user's phone...Read more...
Apple has traditionally been very protective of its iPhone devices and the mechanisms surrounding iOS—just ask the Federal Bureau of Investigation, which has butted heads with the Cupertino company over encryption. Be that as it may, Apple is reportedly set to hand out special iPhone models to security researchers in...Read more...
Love it or hate it, Apple has a tendency of waiting longer than some of its competition to roll out bleeding edge features. One of those is an in-display fingerprint sensor. While the technology is found on some Android devices, analyst Ming-Chi Kuo believes Apple will finally introduce the feature on its iPhone...Read more...
Apple has announced that it has disabled the Apple Watch Walkie Talkie app due to a recently discovered security and privacy vulnerability in the app. Apple didn't give any specifics on the vulnerability, only stating that the flaw could allow a person to listen on another customer's conversation without consent...Read more...
AMD has begun pushing out a firmware fix for its EPYC server processors that addresses the way the chips provide Secure Encrypted Virtualization (SEV). Left unpatched, an attacker could leverage the vulnerability to recover a secure key, which could then be used to access an isolated virtual machine (VM) on a targeted...Read more...
Houston, we have a security issue (you thought we were going to say "problem," didn't you?). Actually, NASA's Jet Propulsion Laboratory (JPL) has several security issues, according to an audit by the Office of Inspector General. Among other things, an examination of JPL's network security controls found that the...Read more...
The revelation that practically every processor made in the past couple of decades is affected by at least one variant of Meltdown and Spectre, the names given to multiple versions of the same general execution vulnerability, shook the tech industry pretty hard. It also led to further discoveries of similar bugs. The...Read more...