Your Android’s accelerometer could be used to eavesdrop on your calls

Credit to Author: Danny Bradbury| Date: Tue, 23 Jul 2019 10:13:08 +0000

Researchers have created an attack called Spearphone that uses the motion sensors in Android phones to listen to phone calls, interactions with your voice assistant, and more.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/XizfSFAizIQ” height=”1″ width=”1″ alt=””/>

Read more

Android P in depth: An up-close look at what's new with security

Credit to Author: JR Raphael| Date: Thu, 08 Mar 2018 08:58:00 -0800

Google is slowly pulling back the curtains on its next-gen Android P release. Yesterday, we got our first glimpse at a work-in-progress, developer-focused preview of the software — and today, we’re getting a closer look at what exactly is new when it comes to Android P and the ever-evolving subject of Android security.

I had the chance to chat with Xiaowen Xin, Google’s Android platform security product manager, about some of the significant changes on the way with Android P. Here’s the inside scoop on what you can expect:

To read this article in full, please click here

Read more

Why Linux is better than Windows or macOS for security

Credit to Author: Dave Taylor| Date: Tue, 06 Feb 2018 03:31:00 -0800

Enterprises invest a lot of time, effort and money in keeping their systems secure. The most security-conscious might have a security operations center. They of course use firewalls and antivirus tools. They probably spend a lot of time monitoring their networks, looking for telltale anomalies that could indicate a breach. What with IDS, SIEM and NGFWs, they deploy a veritable alphabet of defenses.

But how many have given much thought to one of the cornerstones of their digital operations: the operating systems deployed on the workforce’s PCs? Was security even a factor when the desktop OS was selected?

This raises a question that every IT person should be able to answer: Which operating system is the most secure for general deployment?

To read this article in full, please click here

Read more

Apple apologizes, issues Mac login security patch

Credit to Author: Jonny Evans| Date: Wed, 29 Nov 2017 09:33:00 -0800

With great apology, Apple has rushed to respond to the appalling macOS High Sierra security flaw, issuing a software update that has been made immediately available for download and will be automatically installed in existing Macs.

‘We greatly regret’

Apple has shared the following statement:

“Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.

“When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8:00 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra. 

To read this article in full, please click here

Read more

What to do about Apple’s shameful Mac security flaw (updated)

Credit to Author: Jonny Evans| Date: Wed, 29 Nov 2017 04:13:00 -0800

Complacency and incompetence are the biggest computer security threats, and Apple’s latest Mac security flaw seems to combine both of these. The flaw means anyone with physical access to your Mac can get inside the machine and tinker with it.

UPDATE (29 November  9:30am PDT): Apple has issued an apology and a patch to rectify this problem, more details here.

What’s the problem with macOS High Sierra?

The problem (which first got disclosed here) was first revealed in a Tweet by Lemi Orhan Ergin, who wrote:

To read this article in full, please click here

Read more

What to do about Apple’s shameful Mac security flaw

Credit to Author: Jonny Evans| Date: Wed, 29 Nov 2017 04:13:00 -0800

Complacency and incompetence are the biggest computer security threats, and Apple’s latest Mac security flaw seems to combine both of these. The flaw means anyone with physical access to your Mac can get inside the machine and tinker with it.

What’s the problem?

The problem (which first got disclosed here) was first revealed in a Tweet by Lemi Orhan Ergin, who wrote:

Read more

IDG Contributor Network: September Patch Tuesday brings critical updates for Window, Edge and .NET

Credit to Author: Greg Lambert| Date: Wed, 13 Sep 2017 11:00:00 -0700

September brings a relatively large patch profile for Microsoft with 76 reported vulnerabilities, three public disclosures (thank you, Google) and unfortunately one zero day exploit. You used to be worried about browsers and Flash, now we have a publicly exploited vulnerability for augmented reality (AR) with a fix for Microsoft’s HoloLens headset.

For this September Patch Tuesday, Microsoft is only shipping security updates with patches to the following product groups:

Read more

8 steps to install Windows 10 patches like a pro

Credit to Author: Woody Leonhard| Date: Wed, 16 Aug 2017 12:07:00 -0700

Read more