Security

A new rule from the U.S. Department of Commerce prohibits the sale or export of cybersecurity-related software and hardware to specific countries. Citing national security and anti-terrorism reasons, the rule bans exports to governments the U.S. deems "authoritarian," including China and Russia.

With a relatively simple but faked YouTube livestream for Apple's MacBook Pro launch event, ruthless crypto scammers targeted impatient Apple fans and their valuable bitcoins.

A "white hat" has reportedly jailbroken an iPhone 13-series unit in what might be record time and to the highest level of access. Furthermore, this exploit was apparently done remotely, and allowed the hacker in question to access and delete photos and other files on the phone. This allegedly involved entry points found in numerous aspects of iOS 15.

Acer's Indian servers have been breached by the hacker group Desorden, who claim to have access to 60 GB of sensitive corporate information and financial data. The group also claimed to release data of millions of Acer customers for a fee. Acer said that the breach has been reported to local law enforcement, and that it will have no impact on business continuity.

The Financial Crimes Enforcement Network stated that so far in 2021, crypto exchange and financial institutions have reported nearly US$600 million in transactions to pay ransomware attackers. This is signifcantly higher than 2020’s entire-year figure of US$416 million.

A hacking group named APT35 has been targeting important US citizens and institutions since 2017. The group was involved in targeting former US President Donald Trump's election campaign staff during the 2020 elections. Google's Threat Analysis Group continues to monitor APT35 and 270 other independent and government-backed hacking groups.

Google’s AI department was recently hit by a class-action lawsuit in the UK, because of possible irregularities in the way that it received and handled the data of over 1.6 million NHS patients from the Royal Free London NHS Foundation Trust.

Microsoft has declared in a blog post on October 11 that an Azure customer was hit with a 2.4 Tbps DDoS attack during August. The attack was recorded as the highest DDoS event ever on the Azure platform beating last year’s 1 Tbps attack. This attack was also the second highest documented event, coming second to Google’s attack with 2.5 Tbps in 2017.

Google disclosed security updates on October 8 in response to a month of phishing targeted attempts purportedly by Russian-linked group, APT28. The company estimates 14,000 Gmail accounts were warned and protected.

Samsung has started to release the October Android update for many Galaxy smartphones and tablets. The update resolves numerous security issues which is why owners of compatible devices are advised to install the update in a timely manner.

Besides the Vapour platform, the leaked source files also reveal something called VapeWorld that is built on the Unity engine and looks like a VR chat game with 3D Twitch chat emotes. Additionally, the existence of a “metaverse” folder could suggest Amazon's plans to integrate NFT and other crypto tokens with Vapour.

A 125GB torrent containing the entirety of streaming site Twitch.tv has been posted online. It allegedly includes the website's source code, information about streamer revenue and mentions of Amazon's unreleased digital storefront. Twitch has not publicly acknowledged the breach yet.

The new version of Google Chrome 94.0.4606.71 released on September 30 for Windows, Linux and Mac platforms addressed pressing security flaws including two highly-rated exploits.

The insidious malware has sneaked into the Google Play Store via legitimate looking apps and has apparently caused significant financial damage for millions of Android users. But a little bit of caution is all that is necessary to thwart the plans of the malicious GriftHorse trojan.

Although a security researcher apparently notified the iPhone maker of several security issues, Apple has recently released its iOS 15 update without fixing these vulnerabilities, which is why the anonymous tipster is now publicly criticizing the company.

Older Apple smartphones and tablets that are not compatible with the latest and greatest iOS 15 have been at risk of being compromised through two apparently dangerous security vulnerabilities. Apple has now fixed these security issues in a recent update for its mobile operating system.

Xiaomi appears to be shipping some phones in Europe with a feature that potentially allows the detection and censoring of anti-Chinese Communist Party phrases. The feature is, of course, turned off but that's unlikely to assuage doubts.

Reolink's latest home security camera has go-to specs such as spotlights, two-way audio, microSD card support and the option of truly-wireless battery power. However, it also has something new to this brand: dual lenses. They enable the device to guard a wide-angle field of view in up to 2K or color night vision.

The property-tracking tech-maker Tile must have taken a knock on the launch of Apple AirTags. However, the OEM still insists it is going strong, with robust revenue growth in 2021 and hundreds of thousands of paid subscriptions sold. Now, Tile has also announced that it has attained a major round of funding from an investment group.

Microsoft has commenced rolling out its new passwordless accounts feature. Over the coming weeks, users will be able to sign in using its Authenticator app which also dramatically increases user account security.

Xiaomi has reportedly stated that users affected by the recent bout of remote phone locking can now start using their devices again. Apparently, the locking of Xiaomi, Redmi, and POCO phones out of the blue in prohibited countries such as Cuba and Iran was carried out as part of an investigation into grey market practices.

The overall eighth major update for iOS 14 and iPadOS 14 fixes two security flaws in the iPhone's operating system, which is why the download and installation of the update is highly recommended for all users of Apple's smartphones and tablets.

Reports of Xiaomi locking Mi and Redmi-branded phones at an increasing rate have been shared online. It seems the Chinese OEM is targeting devices that have been bought or used in prohibited countries and territories. Xiaomi smartphones are popular in these sanctioned states but increased compliance with US policies indicates a likely expansion plan.

RedMagic has made its 2021 flagship refresh official today (September 6, 2021). The 6S Pro may have the same basic build as its immediate predecessor; nevertheless, the OEM has crammed some new features a gaming-phone fan might enjoy into the updated device. They include an advanced ICE 7.0 cooling system, not to mention some potentially next-gen biometrics.

According to a report, Apple is working to bring more advanced Face ID features to its next iPhones. A new leak about the name of Apple's upcoming iPhones has been given the nod by people in the know, too.

The EliteBook 850 G8 is the latest business laptop from HP. It features a 1000-nit screen, 5G modem, smart card reader and an NFC chip. The HP laptop looks and feels very premium.

The hacker who found the critical security flaw in Steam's payment process promptly reported the exploit to Valve and has since been rewarded for his honesty.

Apple released details on the controversial steps it will take to fight child abuse in the United States. Privacy advocates strongly criticized Apple's plans, even though other tech companies have been using similar technologies for many years.

As part of the company's efforts to keep Android users safe, Google has decided to no longer allow sign-in on services like Gmail, Maps, or YouTube for devices still stuck with versions up to 2.3.7 of its mobile operating system. Fortunately, devices on Android 3.0 and later will remain on the safe side.

Microsoft's Program Manager Aria Carley has confirmed that it would not be possible to bypass Windows 11's TPM 2.0 and Secure Boot requirements once the OS launches some time in October. Insider builds can currently be installed on a wider range of Intel and AMD CPUs, but the OS will support only Intel 8th gen and above and AMD Ryzen 2000 and above consumer processors at launch with no way to bypass these enforcements.

Hackers have managed to get Xiaomi’s MIUI 11 Android skin running on an Apple iPhone SE by utilizing the known checkm8 exploit. A couple of video clips have been shared showing that MIUI 11 had been successfully installed onto the iPhone SE, although it’s unclear how well the Apple phone runs on the Xiaomi software.

When it became clear that the fight against the malicious software called Trickbot could not be won remotely, Microsoft resorted to drastic measures and sent employees from door to door in order to manually take infected networking hardware offline.

Hisense has announced that a version of its smart TV UI, VIDAA, is the world's first to pass the requirements for a TÜV Rheinland Privacy by Design Certification. This badge is based on European Telecommunication Standards Institute (ETSI) standards of resistance to malicious tactics such as DDoS attacks, remote user device control and data-theft.

Microsoft has provided more background on the rationale behind its decisions regarding chip support for Windows 11. In an interview with TechRepublic, Microsoft’s Director of OS Security, David Weston, has pointed to compromises between security, performance and battery life as the drivers of the choices it has made.

Apparently, it's not just the announcement of Windows 11 that has been keeping Microsoft on its toes lately. According to reports, an employee of Microsoft's Xbox division managed to exploit a security flaw which allowed him to steal Xbox gift cards worth an absurd amount of money.

Xiaomi's newest software feature will bring an extra layer of security to owners of their devices. This feature is currently only available on the latest version of Xiaomi's Chinese software but will make its way over to the global market when MIUI 13 is released at the latest.

Mozilla, the organization behind the popular Firefox browser, has taken some pot-shots at popular tech gadgets for being “super creepy”. The Amazon Echo Dot smart speaker, Ring doorbells and cameras, and the Samsung Galaxy Watch 3 were singled out for specific criticism due to concerns with data privacy and data collection.

Following the security incident at CD Projekt Red, it appears that Electronic Arts is dealing with the aftermath of a data breach. Hackers have reportedly made away with nearly 1 Terabyte of sensitive data, including the source code for the Frostbite engine.

Someone has posted a 100 GB TXT file to a hacker forum that contains up to 82 billion passwords. According to a report, the number of unique entries may only be 8.4 billion, but it still significantly increases the risk of password dictionary attacks. All passwords in RockYou2021 are between 6 and 20 characters long.

On paper, HP Sure View sounds great with its ability to limit viewing angles with just a press of a button. In practice, however, the feature entails a host of other disadvantages that potential owners should be aware of.

According to a new leak, OnePlus is about to join the growing number of smartphone OEMs with its own smart tag. The report asserts that the company has registered a relevant trademark, alongside others for pre-existing products. Therefore, a product to go with that name might launch soon.

Marvell has announced that its latest line of SSD controllers has upgraded to PCIe 5.0 and NVMe 1.4b support. These specs render the Bravera SC5 series compatible with up-to-date cloud-related demands, or so the OEM asserts. They are also rated to offer advanced security and response-time features.

Check Point Software Technologies, a security research firm, reports that 23 apps on the Google Play Store may have exposed the personal data of over 100 million users. The data leaks are the result of poor practices with regard to data management and syncing with cloud databases.

The United Kingdom released a report stating that it tracked the location of 10% of cell phone users without notifying them or receiving their consent. The tracking was used to determine how willing citizens were to spend time away from home after the distribution of COVID-19 vaccines.

According to Apple’s software chief Craig Federighi, the company's computers are less secure than iOS devices due to the fact that app stores on the Mac are regularly exploited. This sometimes leads to malware infections, but Federighi also said that "a Mac can be operated safely" despite this problem.

EZVIZ introduces the C8C as its inaugural outdoor wireless home security camera capable of panning and tilting within its globe-shaped exterior glass shell. Its sensor is rated for FHD recording, as well as night vision in color and AI-powered intruder detection. The new IP65 surveillance accessory is available at Walmart with a special introductory price for its launch.

A German security researcher who goes by the alias "stacksmashing" posted a YouTube video detailing how he was able to dump the firmware of an Apple AirTag. Furthermore, he was able to inject a custom firmware that changed the AirTag's "Lost Mode" function. This could open the door to more malicious jailbreaks of AirTags in the future.

The Qualcomm mobile station modem (MSM) series is part of 3G to 5G connectivity for millions of Android phones worldwide. The Check Point security research group now claims that it can be exploited in a way that might allow a hacker to read a user's messages and even listen in on phonecalls. This flaw involves an interface found on up to 30% of all phones worldwide.