Even with all Apple’s expertise and investment in cybersecurity, there are some security problems that are so intractable the tech titan will require a whole lot more time and money to come up with a fix. Such an issue has been uncovered by Don A. Bailey, founder of Lab Mouse Security, who described to Forbes a hack that, whilst not catastrophic, exploits iOS devices’ trust in Internet of Things devices like connected toasters and TVs. And, as he describes the attack, it can turn Apple’s own chips into “skeleton keys.”
A new spam campaign designed to infect victims with GandCrab ransomware has surged over the past few days, as the criminals behind the scheme look to infect as many victims as possible. Analysis by researchers at security company Fortinet found that three new samples of GandCrab 2.1 are being distributed as the payload in a single mass spam campaign.
A new in-development ransomware was discovered that has an interesting characteristic. Instead of the distributed executable performing the ransomware functionality, the executables compiles an embedded encrypted C# program at runtime and launches it directly into memory.
A vulnerability in the Outage app of electricity network provider Vector may have exposed the personal information of more than 35,000 customers in New Zealand. Following the severe storm which battered the country earlier this month, the company was “made aware” of an API vulnerability within its application. As a result, the glitch has allowed users with an understanding of web applications to identify the vulnerability and potentially exploit it to see information about other application users. The provider first reported that as many as 24,000 users may have had name, phone number and address details accessed, before updating the number to 35,000.