The $100,000 bug in Sign in with Apple May 31, 2020 | sento In the month of April, I found a zero-day in Sign in with Apple that affected third-party applications which were using it and didn’t implement their own additional security measures. This bug could have resulted in a full account takeover of user accounts on that third party application irrespective of a victim having a valid… Read More
$350 USB Stick That Claims to Block 5G Is Actually a $6 Generic Thumb Drive May 29, 2020 | sento Security firm Pen Test Partners ordered the 5GBioShield, and found that it’s just a cheap unbranded USB stick likely made in Shenzhen, China. PCMag editors select and review products independently. We may earn affiliate commissions from buying links, which help support our testing. Learn more. No, 5G won’t give you coronavirus. But that isn’t stopping… Read More
eBay port scans visitors’ computers for remote access programs May 25, 2020 | sento When visiting the eBay.com site, a script will run that performs a localport scan of your computer todetect remote support and remote management applications. Many of these ports are related to remote access/remote support tools such as the Windows Remote Desktop, VNC, TeamViewer, Ammy Admin, and more. After learning about this, BleepingComputer conducted a test… Read More
Police in China, Dubai, and Italy are using these surveillance helmets to scan people for COVID-19 fever as they walk past and it may be our future normal May 17, 2020 | sento Temperature-scanning $7,000 helmets can catch people running a fever. But experts are skeptical about how helpful temperature scanning will really be. Chinese police, health staff, and transport workers have been using smart helmets to monitor people for high temperatures in the fight against COVID-19. The helmets are made by Chinese firm KC Wearable and use… Read More
Malicious tweets targeting epilepsy charity trigger seizures May 16, 2020 | sento At least two people had seizures after viewing malicious tweets featuring flashing gifs that deliberately targeted the Epilepsy Society. Thames Valley police said it was investigating the tweets as a hate incident, after at least 200 seemingly coordinated messages were sent to the charity and its supporters in recent days. A number of other people… Read More
Huge, mysterious list appears online of where people met, personal information and more of tens of millions May 15, 2020 | sento A huge data dump includes the personal information of tens of millions of people and where they have met – and its origin is a mystery. The breach includes almost 90GB of people’s personal data, including details of where they have been and met people. But there is no clue where the information has actually… Read More
Mitch McConnell is pushing the Senate to pass a measure that would let the FBI collect Americans’ web-browsing history without a warrant May 14, 2020 | sento Another amendment blocking the FBI surveillance failed by just one vote Wednesday, bringing McConnell’s proposal one step closer to becoming law. The Senate is expected to vote Wednesday to renew the 2001 Patriot Act, and Mitch McConnell is pushing an amendment to the law that would expand the FBI’s surveillance powers. An amendment proposed by… Read More
The Original Cookie specification from 1997 was GDPR compliant May 8, 2020 | sento Cookies today are doing all kinds of bad things, but did you know that the original creators wanted to stop that? I had a discussion the other day about GDPR, ePrivacy and all those problems for publishers, and I pointed out that the way we think about this is wrong. We were never supposed to… Read More
For 8 years, a hacker operated a massive IoT botnet just to download Anime videos May 8, 2020 | sento For 8 years, a hacker operated a massive IoT botnet just to download Anime videos The botnet consisted solely of D-Link NAS and NVR devices and the botnet peaked at 10,000 bots in 2015. Named Cereals and first spotted in 2012, the botnet reached its peak in 2015 when it amassed more than 10,000 bots.… Read More
Samsung patches 0-click vulnerability impacting all smartphones sold since 2014 May 7, 2020 | sento Samsung patches 0-click vulnerability impacting all smartphones sold since 2014 Samsung patched this month a critical bug discovered by Google security researchers. South Korean smartphone vendor Samsung released this week a security update to fix a critical vulnerability impacting all smartphones sold since 2014. The security flaw resides in how the Android OS flavor running… Read More