Latest News

2019/09/23

Facebook Removed Tens of Thousands of Apps Post-Cambridge Analytica

Facebook said it has suspended tens of thousands of apps as part of its ongoing investigation into how third-party apps on its platform collect, handle and utilize users’ personal data. The results of the investigation, launched in March 2018 in response to Facebook’s infamous Cambridge Analytica incident, sharpen the spotlight on the social media platform’s data collection policies.

The tens of thousands of apps, associated with about 400 developers, have either been suspended or banned completely. Facebook said that several of the apps in question have inappropriately shared data obtained from its platform, made data publicly available without protecting people’s identity or something else “that was in clear violation of our policies.”
2019/09/16

Simjacker – Next Generation Spying Over Mobile

The attack begins when a SMS - that we term the Simjacker ‘Attack Message’ - is sent to the targeted handset. This Simjacker Attack Message, sent from another handset, a GSM Modem or a SMS sending account connected to an A2P account, contains a series of SIM Toolkit (STK) instructions, and is specifically crafted to be passed on to the UICC/eUICC (SIM Card) within the device. In order for these instructions to work, the attack exploits the presence of a particular piece of software, called the S@T Browser - that is on the UICC.
2019/09/16

iPhone iOS 13 Lockscreen Bypass Flaw Exposes Contacts

An iPhone lock screen bypass has been discovered that could enable an attacker to access victims’ address books, including their contacts’ names, email addresses, phone numbers, mailing addresses and more.

The hack was first discovered by researcher Jose Rodriguez, an Apple enthusiast based in Spain who has found a slew of previous iPhone bypasses. This latest one could enable someone with physical access to a vulnerable iPhone to bypass the passcode authorization screen, and exists in the beta version of Apple’s soon-to-be-released mobile operating system, iOS 13.
2019/09/09

Android OTA Bug May Have Hit One Billion Users

Security researchers are warning of a new Android vulnerability in the way certain handsets receive over-the-air (OTA) updates, allowing hackers to potentially craft convincing SMS phishing attacks.

Check Point revealed the flaw, which has now been patched by some handset manufacturers, earlier this week.

It claimed that the industry standard for OTA provisioning, the Open Mobile Alliance Client Provisioning (OMA CP), only features limited authentication. As a result, remote agents could exploit this to impersonate network operators in spoof OMA CP messages to users, it claimed
2019/09/09

IoT Security Challenges in a 5G Era: Expert Advice

Experts from Nokia, iboss and Sectigo talk 5G mobile security for internet of things (IoT) devices in this webinar replay.

When it comes to what we can expect with 5G mobile networks, they promise a more IoT friendly ecosystem, with vast improvements over the current capabilities of the 4G. Providing ultra low-latency and exponentially faster throughput (along with sensors that will boast a 10-year battery life) 5G paves the way for new enterprise use cases and applications, including remote telesurgery, self-driving cars, electricity on-demand and more.