Apple Credit Card: Not So Secure, nor Private
Apple Card is here. It boasts anti-fraud security features and interesting privacy promises. But is there much that’s new here? Probably not ... Read More
Implanted Medical Devices Can Be Hacked Wirelessly, Warns U.S. Gov’t
Implantable cardioverter defibrillators (ICDs) made by Medtronic are insecure, says the Dept. of Homeland Security. Exploitation is trivial, possible outcomes include the death of the patient. And Medtronic knew about the problem for over a year ... Read More
Did Uber Use Spyware on Rival Taxi Firm? Yes (and No)
“Ride sharing” company stands accused of using spyware to damage a competitor’s business: An Australian taxi startup says Uber poached its drivers by spying on their movements. Uber blames one rogue employee. But some commentators allege it’s not the first time the company’s used dirty tricks to boost its business ... Read More
Ransomware Fighter Lives in Fear for his Life
This hacker hacks the hackers. He reverse-engineers ransomware so that victims can decrypt their files without paying money to criminals. But the polar bear-loving Fabian Wosar lives in hiding at an undisclosed location. It’s all thanks to the threats and abuse he receives from ransomware gangs, which he describes as “the ... Read More
Android Security is a Hot Mess (yet Again)
Google’s Android smartphone platform is under fire again. Hundreds of “legitimate” apps have been infected with malicious third-party libraries—and not for the first time. These apps account for more than 320 million downloads. The so-called SimBad and Operation Sheep SDKs are malicious, according to researchers. They’re able to phish, steal data ... Read More
Citrix Systems Breached ‘for 10 Years by Iran,’ Claims Unknown Infosec Firm
Citrix Systems’ networks were infested with hackers, who stole terabytes of data. So says a security service provider that nobody’s heard of—and which seems to have popped out of nowhere. It was Iran, alleges the dubitable company. And so the mainstream media rush to parrot the unfound finding. But where’s the ... Read More
Chrome Zero-Day RCE: Exploit in the Wild – Patch Now
Google is warning Chrome users to update their browser installations immediately. Previous versions have a nasty security bug that allows remote code execution. And it’s not theoretical: It turns out that this vulnerability was already being exploited before the patch was available. Google is being super-cagey about the exact nature of ... Read More
Uproar Over Facebook 2FA Privacy Violation
Facebook has been caught red-handed again—so say privacy wonks. They accuse Zuckerberg’s crew of misusing phone numbers given to it for use in two-factor authentication. Said wonks say Facebook is sharing the data with Instagram and WhatsApp to secretly link your profiles together. And that it lets miscreants look you ... Read More
