Thousands of GM workers are on strike, a bug exposed the popular password manager LastPass, and the Air Force is daring hackers to take down an orbiting satellite.You can sign up right here to make sure you get the news delivered fresh to your inbox every weekday!
"If you want to compromise an iPhone, these are the best ways to do it," says independent security researcher Linus Henze of the two apps.
But that is exactly what happened this week , when a father of this era of automated vehicle technology, the former Uber and Waymo engineer Anthony Levandowski, was indicted on federal charges of trade secret theft.
The idea is to that, like the old Beetles enthusiasts turned into dune buggies, today’s electrics can become just about anything.“In the 1960s people took the Beetle and built onto it, including most famously dune buggies like the Meyers Manx.”.
A Voracious Vineyard-Killer, Apple's Siri Snoopers, and More News. An invasive bug is destroying vineyards at an alarming rate, Apple contractors are listening to your Siri conversations, and we've got the earbuds for your next workout.
The effects have been devastating for the Pennsylvania wine industry , where some growers have reported a 90 percent grape loss due to lanternfly damage.
A Critical Device Hack, China's Social Credit, and More News. A bug is allowing hackers remote access to medical devices, China's social credit score is not actually that dystopian, and we've got a fun robot for kids.
According to Cavallarin, Apple said it would fix the problem by mid-May. When the company still hadn’t done so by the time a standard 90-day disclosure deadline had passed, Cavallarin went public, publishing a full description and proof-of-concept code on May 24.
Security News This Week: Hackers Used Two Firefox Zero Days to Hit a Crypto Exchange. The first zero-day made headlines midweek when Mozilla confirmed that it had patched a bug which would allowed hackers to gain remote access to a Firefox browser and execute code.
But 12-year-old Joshua Hill didn't have an iMac. To take advantage of all the new connectivity from his parents' mid-'90s Mac Performa, he needed a modem that would plug into the computer through one of its chunky "serial" ports.
When security researcher Rob Graham scanned the entire public internet for BlueKeep-vulnerable machines on Monday, using a tool he built, he found that 923,671 machines hadn't been patched, and were thus still exposed to any potential worm.
It happened again: Google announced today that it's the latest tech giant to have accidentally stored user passwords unprotected in plaintext. But a bug in G Suite's password recovery feature for administrators caused unprotected passwords to be stored in the infrastructure of a control panel, called the admin console.
It just got even harder: On Thursday, following a report by Krebs on Security, Facebook acknowledged a bug in its password management systems that caused hundreds of millions of user passwords for Facebook, Facebook Lite , and Instagram to be stored as plaintext in an internal platform.
But Toshin points out that attackers could also use the bug to gain inappropriate device access by tricking users into clicking a malicious link that would then open through Android's Instant App feature.
So like clockwork, 94 days after Google alerted Apple to a bug in its MacOS operating system that could allow malware to inject data into the most privileged code running on its computers, Mountain View's hackers are revealing that fresh zero-day vulnerability to the world.
This Viral Therapy Could Help Us Survive the Superbug Era Dennis Kunkel/Science Source In November 2015, infectious disease epidemiologist Steffanie Strathdee and her husband, evolutionary psychologist Tom Patterson, were spending the week of Thanksgiving exploring pyramids and pharaoh’s tombs in Egypt when Patterson came down with what seemed like a nasty bout of food poisoning aboard their cruise ship.
When security threatens that, then it becomes a priority, so win-win." "It seems inexcusable that Apple allows this and many other bugs to make it into production code." Patrick Wardle, Digita Security The bug stemmed from a logic issue with FaceTime's group calling feature, which Apple introduced at the end of 2018 as part of launching its new iOS 12 mobile operating system.
President Trump's son caught flack from the internet last week for referring to Saturday Night Live as "S&L." Drew Angerer/Getty Images OK, where to begin? What Happened: Donald Trump Jr. maybe doesn't know what Saturday Night Live is, or at least maybe doesn't fully understand the name of the NBC show.
Apple Takes Drastic Measures to Stop a Nasty FaceTime Bug Group FaceTime chats let people eavesdrop on whoever they called, a bug so bad that Apple pulled the plug until it comes up with a fix.
While a hacker gaining access to bank account numbers and unencrypted passwords would certainly qualify, privacy lawyers say that photos exposed through an API to developers seems like legitimately murkier territory."There’s a lot of anger and finger pointing and frustration about how do we still have security bugs and privacy bugs, and how are these things still happening?"Alex Rice, HackerOneMeanwhile, Facebook has yet to fully resolve the issue.
Facebook wanted to make it clear that researchers shouldn't breach user data in the process of finding problems, but they should submit more nuanced types of data misuse reports whenever it was possible to document these complex interactions safely.Striking this balance is more challenging than it may initially seem, according to Alex Rice, CTO of the bug bounty development organization HackerOne. Rice consulted on Facebook's bug bounty when it launched in 2011, and says he was impressed to see it expand to accept privacy and third-party reports this year.
And while the company's response to this Google+ exposure was quick and thorough, Google has had ample practice on privacy incident response this year alone."This didn't impact passwords or financial data, but it did give the ability to extract large amounts of information like email addresses and profile data," says David Kennedy, CEO of the penetration testing and incident response consultancy TrustedSec.