An iOS bug in AirDrop let anyone temporarily lock-up nearby iPhones

Apple has fixed a bug in iOS 13.3, out today, which let anyone temporarily lock users out of their iPhones and iPads by forcing their devices into an inescapable loop. Kishan Bagaria found a bug in AirDrop, which lets users share files from one iOS device to another. He found the bug let him repeatedly…

Is your startup protected against insider threats?

Employees are one of your biggest assets, but human beings are the weakest link in the security chain Zack Whittaker @zackwhittaker / 8 hours We’ve talked about securing your startup, the need to understand phishing risks and how not to handle a data breach. But we haven’t yet discussed one of the more damaging threats that…

‘Plundervolt’ attack breaches chip security with a shock to the system

Today’s devices have been secured against innumerable software attacks, but a new exploit called Plundervolt uses distinctly physical means to compromise a chip’s security. By fiddling with the actual amount of electricity being fed to the chip, an attacker can trick it into giving up its innermost secrets. It should be noted at the outset…

Over 750,000 applications for US birth certificate copies exposed online

An online company that allows users to obtain a copy of their birth and death certificates from U.S. state governments has exposed a massive cache of applications — including their personal information. More than 752,000 applications for copies of birth certificates were found on an Amazon Web Services (AWS) storage bucket. (The bucket also had…

RaySecur, a mailroom security startup, raises $3M in seed funding

Raysecur says at least ten times a day someone sends a suspicious package containing powder, liquid, or some other kind of hazard. The Boston, Mass.-based startup says its desktop-sized 3D real-time scanning technology, dubbed MailSecur, can intercept and detect threats in the mailroom before they ever make it onto the office floor. Mailroom security may…

Reddit links UK-US trade talk leak to Russian influence campaign

Reddit has linked account activity involving the leak and amplification of sensitive UK-US trade talks on its platform during the ongoing UK election campaign to a suspected Russian political influence operation. Or, to put it more plainly, the social network suspects that Russian operatives are behind the leak of sensitive trade data — likely with…

After criticism, Homeland Security drops plans to expand airport face recognition scans to US citizens

Homeland Security has confirmed it will not expand face recognition scans to U.S. citizens arriving and departing the country, days after it emerged the agency proposed making the scans for citizens mandatory. The department, whose responsibility is border protection and immigration checks, said in a government filing that it it wanted to “amend the regulations to…

Apple says its ultra wideband technology is why newer iPhones appear to share location data, even when the setting is disabled

This week, security reporter Brian Krebs asked why the newest iPhone 11 Pro appeared to be sending out a user’s location even when the user disabled Location Services in their phone’s settings, in conflict with Apple’s privacy policy and the express wishes of the user. Apple told Krebs it was “expected behavior” and that there…

Justice Dept. charges Russian hacker behind the Dridex malware

U.S. prosecutors have brought computer hacking and fraud charges against a Russian citizen, Maksim Yakubets, who is accused of developing and distributing Dridex, a notorious banking malware used to allegedly steal more than $100 million from hundreds of banks over a multi-year operation. Per the unsealed 10-count indictment, Yakubets is accused of leading and overseeing…

Most of the largest US voting districts are vulnerable to email spoofing

Only 5% of the largest voting counties in the U.S. are protected against email impersonation and phishing attacks, seen as a key attack method by hackers who officials say want to disrupt the upcoming presidential election. The findings come less than a year before millions of Americans are set to go to the polls to…