Malware installs Signal as part of scheme to steal Mac users’ banking credentials

The new OSX/Dok Mac malware is mysteriously pushing the Signal private-messaging app onto victims’ mobile devices as part of a scheme to steal their banking credentials.

David Bisson reports.

Smashing Security podcast #032: The iPhone 8, a data breach at the AA, and a mystery no show

The iPhone 8 is on its way and may use 3D facial recognition rather than a fingerprint sensor to lock out intruders, and the UK’s Automobile Association claims it hasn’t leaked any credit card data, so why is it getting so upset about security researchers publishing screenshots of leaked data?

All this and more is discussed in the latest edition of the “Smashing Security” podcast. Check it out now!

Google and Apple should do more to fight phone scammers, says researcher

Technology companies like Google and Apple should be doing more to protect users against phone scammers, says one security researcher.

Remember to always exercise caution around text messages and phone calls delivered from unknown numbers.

David Bisson reports.

Watch out! Scammers are making a fortune in the iOS App Store

Just how much money can a scammy iPhone app make in the iOS App Store?

You may be surprised. After all, how does $80,000 per month sound to you?

Read more in my article on the Hot for Security blog.

Fraud ring that resold customers’ Apple data busted by Chinese police

Chinese authorities have busted up a fraud ring accused of stealing customers’ Apple information and selling it online.

David Bisson reports.

How to remove all your cookies, cached data, and browsing history from Safari

David Bisson explains how Safari users can clear their caches, browsing history, and cookies for better privacy.

Apple users advised to update their software now, as new security patches released

Welcome to the post-WannaCry world, where every computer user understands the importance of creating secure backups and applying security patches in a timely fashion.

Read more in my article on the We Live Security blog.

Chrome, Firefox, and Opera users vulnerable to Unicode domain phishing attacks

Attackers can evade a security mechanism and abuse Unicode domains to phish for the login credentials of Chrome, Firefox, and Opera users.

David Bisson reports.

Scareware scammers lock iOS Safari to extort ransom from users

Extortionists have locked iPhone users’ browsers with infinite pop-ups in an attempt to scare users into paying up.

David Bisson reports.

Apple underwhelmed by latest CIA exploits revealed by WikiLeaks

WikiLeaks’s revelations about security vulnerabilities in Apple products appear to be a damp squib.

Read more in my article on the We Live Security blog.

Apple: If hackers have our customers’ passwords, they didn’t steal them from us

Apple reassures worried customers that it has not suffered a security breach, as hackers threaten to remotely wipe users’ devices.

Read more in my article on the Hot for Security blog.

Hackers claim they will wipe iPhones and iCloud accounts unless Apple pays ransom

A group of hackers are allegedly threatening to remotely wipe millions of iPhones and iCloud accounts, unless Apple agrees to pay a ransom by April 7th.

Read more in my article on the Hot for Security blog.

Proof-of-concept confirms Nintendo Switch videogame console vulnerable to WebKit exploit

A researcher has published a proof-of-concept (POC) confirming that the Nintendo Switch system is vulnerable to an exploit that could allow the playing of pirated games and homebrew projects.

David Bisson reports.

Movie night? Nope. It’s a fake iTunes receipt from phishers targeting Apple users

Beware fake iTunes receipts for movies you haven’t purchased. When you try to dispute the purchase, you might find you’re handing online criminals your personal information.

David Bisson reports.

Barely 1% of Android users are running Nougat, as Apple shows how to update devices properly

In a world where we are increasingly using our smartphones to do business, make purchases and communicate with our friends and family it’s important to recognise that sensible security doesn’t start and end on your desk – it begins in your pocket.

Read more in my article on the Hot for Security blog.

Smashing Security podcast: Macs and malware

Check out the latest special “splinter” episode of the “Smashing Security” podcast – where Vanja Svajcer, Carole Theriault and I discuss Mac malware. Take a listen, and let me know what you think.