US rozzers are being warned to avoid looking at iPhones with Face ID in case they get locked out of the device, much like Craig Federighi at the iPhone X launch event. Apple’s mug-scanning Face ID tech, found on the iPhone X and iPhone XS, attempts to authenticate a face up to five times before the feature is disabled and the user’s potentially harder-to-obtain passcode is required to unlock the smartphone. Because of this, forensics outfit Elcomsoft is warning US law enforcement not to gawp at iPhones involved in investigations as failed attempts would render Apple’s Face ID useless, meaning a suspect can no longer be forced to unlock their own phone.
Scammers are creating fake Android cryptocurrency mining apps and promoting them on the Google Store. The kicker is that these apps claim to mine cryptocurrency that can’t be mined in the first place. Fortinet discovered these apps on the Google Play Store when they saw that the apps were being promoted as miners for Ripple (XRP), Cardano (ADA), and Tether. As these are cryptocurrencies that are not possible to mine, the apps only pretend to mine and instead display advertisements.
A malicious app called “Album by Google Photos” was found in the Microsoft Store today that pretends to be from Google. This app pretends to be part of Google Photos, but is actually an ad clicker that repeatedly opens hidden advertisements in Windows 10. This free Album by Google Photos app claims to be created by Google LLC and has a description of “Finally, a photos app that’s as smart as you.”. You can see an image of its Microsoft Store page below.
The threat landscape is radically different in a connected, digital world. Critical infrastructures, from smart metres to payment systems, are no longer constrained by geography. Personal digital assets, such as identity and online behaviour data, are increasingly globalised. Threats to these aren’t nearly as easy to monitor or defend against – and governments’ ability to deal with them is being eroded. Industries and businesses are now finding themselves on the front line, safeguarding the digital economy against a series of emerging systemic risks – most notably cyber.
Just like clockwork, another weekend is over and Monday is here again. To lighten the load, El Reg is offering you the latest instalment of Who, Me?, our weekly sysadmin confessional column. This time we meet “Romeo”, who was working at a large music company in London at the time in question. It was his first job for a big multinational and the firm had just been hit by the I Love You virus that crippled systems all over Europe back in 2000.