This is theoretical research that shows it may be possible to run malware on an iPhone that is still active even when the phone is powered off, by abusing a lack of authentication in the Bluetooth system and the fact that the Bluetooth is used in the Apple “find my…” …
GitHub to require 2FA for all users by end of 2023!
GitHub is a valuable resource to software developers and so it is a key tool being used in many software supply chains. And we now know how vulnerable we all are to software supply chain hacking – look at this example. So my response when I saw this was the …
Continue reading “GitHub to require 2FA for all users by end of 2023!”
Too good to be true – You’ve won! Is it time you and your team got some training to combat social engineering?
It is the oldest and easiest bit of email social engineering – promise you something that is too good to be true. Your tempted and the hackers have got you. You think this would have gone the way of “princes offering to share millions with you, if you will just …
Cisco’s Webex app could leak audio data
Napier University’s Cyber Security department used Webex when I was studying there. Here is research that demonstrates that the software could leak audio even when muted. “Are You Really Muted?: A Privacy Analysis of Mute Buttons in Video Conferencing Apps,” The research looked at many of the apps that have …
Crypto for the weekend
Bruce Schneier’s blog put me onto this article, which explains in some depth how with careful detective work, and open-source intelligence (OSINT) made anonymous cryptocurrency transactions not so anonymous. It is a long, but very interesting article but please note the content warning from the Wired website, and do not …