Apple
Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones
Richi Jennings | | 2fa, 2FA bypass, 2FA Flaws, 2FA phishing, 2FA solution, 2FA/MFA, Apple, apple bug, Apple Data Security, apple hack, apple hacker, Apple iCloud, Apple ID, Apple ID failure, Apple iOS, Apple iPad, Apple iPhone, bypass 2FA, MFA, MFA Bombing, mfa fatigue, MFA hacks, mfa protection, mfasecurity, Multi-Factor Authentication (MFA), OTP, OTP circumvention bot, OTP interception bot, phishing-resistant MFA, push otp, SB Blogwatch, TOTP, two-factor-authentication.2fa
Rethink different: First, fatigue frightened users with multiple modal nighttime notifications. Next, call and pretend to be Apple support ...
Security Boulevard
Hardware Vulnerability in Apple’s M-Series Chips
It’s yet another hardware side-channel attack: The threat resides in the chips’ data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access ...
Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys
Richi Jennings | | Apple, apple bug, Apple Data Security, apple hack, apple hacker, Apple iOS, Apple iPad, ARM, cache, dmp, GoFetch, iPad, M1, M2, M3, Macintosh, macos, SB Blogwatch
GoFAIL: Researchers worm their way into broken cache-filling microcode in most Macs and iPads ...
Security Boulevard
Apple Smashes Ban Hammer on Beeper iMessage Users
Richi Jennings | | android, Apple, Beeper, E2EE, encryption, end-to-end encryption, Eric Migicovsky, imessage, Privacy, RCS, SB Blogwatch, secure messaging
Empire strikes back: It was only a matter of time. But is this what Eric wanted all along? ...
Security Boulevard
Ohio’s New Social Media Law, Meta’s Link History Feature, 175 Million Passcode Guesses
Tom Eston | | Apple, brute-force attack, children, Cyber Security, Cybersecurity, Data Privacy, Digital Privacy, Episodes, facebook, Information Security, Infosec, Instagram, iPhone, Link History, Meta, Ohio, Ohio Social Media Law, Ottawa, passcode, Passcodes, Podcast, Podcasts, Privacy, security, social media, technology, Teenagers, Weekly Edition
In episode 312, Tom and Scott discuss the implications of a new law in Ohio that may require parental consent for children under 16 using social media, including the pros and cons ...
China Cracks Apple Private Protocol — AirDrop Pwned
Richi Jennings | | Airdrop, Apple, Beijing Wangshendongjian, china, Chinese, Chinese Communists, Chinese drive-by attack, chinese government, Great Firewall of China, hash, hash algorithms, hash function, hash functions, hash generation, hashes, Peoples Republic of China, rainbow table, SB Blogwatch
AirDrop hashing is weaksauce: Chinese citizens using peer-to-peer wireless comms “must be identified.” ...
Security Boulevard
Most Advanced iPhone Exploit Ever, Google’s $5 Billion Settlement, Apple’s Journal App
Tom Eston | | api, Apple, Cyber Security, Cybersecurity, Data Privacy, Digital Privacy, Episodes, Exploit, google, Google Privacy Lawsuit, Information Security, Infosec, ios, iPhone, iPhone Exploit, Journal, Journaling, Mobile, Mobile App, New Year, Podcast, Podcasts, Privacy, security, technology, Weekly Edition
In this episode, we discuss the most sophisticated iPhone exploit ever, Google’s agreement to settle a $5 billion lawsuit about tracking users in ‘incognito’ mode, and a new iOS app, Journal. The ...
NSA iPhone Backdoor? Apple Avoids Russian Blame Game
Richi Jennings | | Apple, back door, backdoor, CVE-2023-32434, CVE-2023-32435, CVE-2023-32439, CVE-2023-38606, CVE-2023-41990, FSB, imessage, ios, iPhone, kaspersky, Kaspersky Lab, Kaspersky Security, nsa, Russia, Russian FSB, SB Blogwatch, spyware, triangulation, Zero Click Attack, Zero-Click Exploit
“No Ordinary Vulnerability” — Operation Triangulation research uncovers new details of fantastic attack chain ...
Security Boulevard
Password Security for the Elderly: Tips and Best Practices
Tom Eston | | Apple, Cyber Security, Cybersecurity, Data Privacy, death, Digital Legacy, Digital Privacy, Elderly, Episodes, Information Security, Infosec, ios, legacy, Notebook, Password, passwords, Podcast, Podcasts, Privacy, security, Senior Citizen, Seniors, technology, Weekly Edition, Writting
In episode 308, we discuss the often overlooked topic of password management for the elderly. Addressing the commonly held belief that writing down passwords is a bad idea, we discuss the nuances ...
Apple Bops Beeper, but iMessage Android Whac-A-Mole Ensues
Richi Jennings | | android, Apple, Beeper, E2EE, encryption, end-to-end encryption, Eric Migicovsky, imessage, Privacy, RCS, SB Blogwatch, secure messaging
A new hope: Beeper’s reverse engineered iMessage integration, once killed by Tim’s crew, rises phœnix like ...
Security Boulevard