Privacy

bitdefender.com

Hacking the iOS/macOS webcam – Apple pays out $75,000 to bug hunter

A vulnerability researcher has received a bug bounty after discovering security holes in Apple’s software that could allow malicious parties to hijack an iPhone or Mac user’s camera and spy upon them.

Read more in my article on the Hot for Security blog.

tripwire.com

Zoom promises to improve its security and privacy as usage (and concern) soars

Having suddenly found itself with a gigantic increase in usage, Zoom was facing a crisis. It risked losing a large amount of the goodwill it had received because of revelations about its less-than-perfect attitude towards security and privacy.

Lets hope it keeps to its word and begins to threat the safety of its users as a priority.

Read more in my article on the Tripwire State of Security blog.

Smashing Security #172: UncleF***Face

Carole details how companies are spying on their stay-at-home workers, Mikko Hyppönen discusses the trustworthiness of video chat apps, and Graham gets embarrassed when he admits he’s bought a Facebook Portal for his in-laws.

All this and much much more is discussed in the latest edition of the award-winning “Smashing Security” podcast with Graham Cluley and Carole Theriault.

The UK Cabinet is meeting on Zoom… here’s the meeting ID

In case you’ve lost the Zoom meeting ID for today’s UK Cabinet meeting, here it is.

bitdefender.com

Have you patched your IoT devices against the KrØØk Wi-Fi chip flaw?

Unpatched IoT gadgets, smartphones, tablets, laptops, Wi-Fi access points and routers with Broadcom chips are all at risk from the KrØØk vulnerability.

Read more in my article on the Bitdefender BOX blog.

Smashing Security #169: Burglaries, breaches, and bidets

How one guy’s exercise routine made him a burglary suspect, how multi-factor authentication can cause headaches as well as stop hacks, and how Virgin Media got itself in a pickle over its sloppy data security.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

bitdefender.com

Secret-sharing app Whisper failed to keep users’ fetishes and locations private

Security researchers raised the alarm after discovering that hundreds of millions of Whisper users’ intimate messages, tied to their locations, had been left publicly available since the app’s launch in 2012.

Read more in my article on the Hot for Security blog.

Comcast Xfinity published the contact details of 200,000 customers who paid for them to be kept private

Nearly 200,000 customers in the United States, who thought they were paying Comcast Xfinity to keep their information safely out of the public eye, have had their details exposed on the company’s online directory… putting their safety and privacy at risk.

ToTok chat app tells users to ignore Google’s spyware warning

Google is warning users that ToTok is unsafe. ToTok says that users shouldn’t trust Google’s warning…

Secure email service Tutanota complains it is being blocked by AT&T in parts of the United States

Some US users of the Tutanota have been unable to access the secure email service while out and about on their smartphones since the end of January.

The common demoninator? They all use AT&T for their internet access.

Smashing Security #165: Cheapfakes, deepfakes, and Ashley Madison

Wi-Fi hopping malware, the return of Ashley Madison extortion scams, and should social media be doing anything about cheapfakes?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.

Prison inmates’ sensitive data left exposed on leaky cloud bucket

A completely-avoidable data leak has exposed prescription records, mugshots, and other sensitive information related to an unknown number of prison inmates.

Wacom drawing tablets are spying on every app you open, and sending the data back to Wacom

Do you read the privacy policy for your mouse when you install it? Your keyboard? Your drawing board?

Maybe you should… because it might set you off on a journey where you’ll discover surprising things are happening with your private data.

tripwire.com

How your screen’s brightness could be leaking data from your air-gapped computer

It may not be the most efficient way to steal data from an organisation, let alone the most practical, but researchers at Ben-Gurion University in Israel have once again detailed an imaginative way to exfiltrate information from an air-gapped computer.

Read more in my article on the Tripwire State of Security blog.

Twitter security hole allowed state-sponsored hackers to match phone numbers to usernames

Twitter admits to a bug that might have put privacy-conscious users at risk – by revealing what phone numbers are associated with which Twitter accounts.

The autofill email goof that exposed vulnerable students and cost the University of East Anglia £140,000

“Please delete the email we just sent you without opening or reading…”

Yeah, like that’s going to work…