Don’t panic, but a bug has been found in FaceTime that could allow someone to spy on your conversation - and even see through your iPhone’s front-facing camera - before you answer an incoming call.
Archive | Mobile
Twitter exposed some Android users’ protected tweets, and didn’t notice for over four years
Twitter has owned up to a privacy goof that exposed some Android users’ private tweets.
Earn $2,000,000 by remotely jailbreaking an iPhone
Will anyone come up with a zero-day remote exploitation of iOS 12.x without user interaction?
The sad truth is that we may never know for sure… but intelligence agencies might.
Unlocking Android phones with a 3D-printed head
Forbes journalist Thomas Brewster wanted to find out just how well a variety of Android phones and a top-of-the-range Apple iPhone would fare against a determined attempt to break facial recognition. And he did that by having a 3D-model printed of his head.
Read more in my article on the Tripwire State of Security blog.
Fitness-tracking apps caught misusing Touch ID to steal money from iPhone users
Two iOS fitness apps have been found exploiting a sneaky user interface trick to fool users into making unwanted in-app purchases with Touch ID.
More details on One Planet York app vulnerability don’t paint council in a good light
New information has come to light which makes it more difficult to defend York city council’s actions and communications in response to being told about a vulnerability in its One Planet York app.
Did UK city council over-react to a vulnerability report in its recycling app or not?
Some in the computer security community feel that the council over-reacted by reporting the incident to the police.
I’m not so sure.
SIM swap! Man charged after million dollar cryptocurrency theft
Prosecutors believe 21-year-old Manhattan resident Nicholas Truglia targeted the cellphones of Silicon Valley executives in “SIM-swapping” attacks.
Read more in my article on the Tripwire State of Security blog.
PODCASTSmashing Security #103: An Instagram nightmare, crazy iPhone deaths, and election hack claims
One travel blogger finds you don’t have to be Kylie Jenner to be targeted by an Instagram hacker. When 40 iPhones at a hospital mysteriously die, what could be the explanation? And, surprise surprise, political parties in the USA are throwing around hacking accusations.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Naked Security’s Mark Stockley.
Police crack encrypted chat service IronChat and read 258,000 messages from suspected criminals
Dutch police have revealed that they were able to spy on the communications of more than 100 suspected criminals, watching live as over a quarter of a million chat messages were exchanged.
Read more in my article on the Hot for Security blog.
Yes, you should update your iPhone to iOS 12.1, but its lock screen is *still* unsafe
The latest iOS passcode bypass bug appears to have been introduced by Apple’s new Group Facetime feature.
Read more in my article on the Hot for Security blog.
000000 is Kanye West’s iPhone passcode
You can bet mischievous hackers are right now trying to crack into Kanye West’s online accounts with equally diabolical passwords.
Even with the latest iOS 12 update, your iPhone’s lockscreen is unsafe
Once again, a way of bypassing the iPhone’s passcode lock to expose users’ photos and contacts has been discovered.
Read more in my article on the Hot for Security blog.
How to crash and restart an iPhone with a CSS-based web attack
A security researcher has revealed a method of crashing and restarting iPhones and iPads, with just a few lines of code that could be added to any webpage.
Read more in my article on the Hot for Security blog.
Air Canada admits app data breach included customers’ passport details
All 1.7 million users of Air Canada’s mobile app have had their passwords reset by the company following a security breach which saw hackers compromise up to 20,000 accounts last week.
Read more in my article on the Hot for Security blog.
Fortnite fury over how Google handled its security hole
Epic Games isn’t happy about how Google handled the disclosure of the serious security vulnerability in Fortnite.
