Apple’s iPhone Spyware Problem Is Getting Worse. Here’s What You Should Know

source: wired.com | image: pexels.com

 

The iPhone maker has detected spyware attacks against people in more than 150 countries. Knowing if your device is infected can be tricky—but there are a few steps you can take to protect yourself.

 

In April, Apple sent notifications to iPhone users in 92 countries, warning them they’d been targeted with spyware. “Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID,” the notification reads.

Users quickly took to social media sites including X, trying to work out what the notification meant. Many of those targeted were based in India, but others in Europe also reported receiving Apple’s warning.

Weeks later, little is still known about the latest iPhone attacks. Former smartphone giant Blackberry, now a security firm, has released research indicating they are linked to a Chinese spyware campaign dubbed “LightSpy,” but Apple spokesperson Shane Bauer says this is inaccurate, and researchers at security firm Huntress say the variant Blackberry analyzed was a macOS version, not iOS. Continue reading “Apple’s iPhone Spyware Problem Is Getting Worse”

Brute Force Password Cracking Takes Longer, But Celebration May Be Premature

source: technewsworld.com | image: pexels.com

 

Brute force cracking of passwords takes longer now than in the past, but the good news is not a cause for celebration, according to the latest annual audit of password cracking times released Tuesday by Hive Systems.

Depending on the length of the password and its composition — the mix of numbers, letters, and special characters — a password can be cracked instantly or take half a dozen eons to decipher.

For example, four-, five-, or six-number-only passwords can be cracked instantly with today’s computers, while an 18-character password consisting of numbers, upper- and lower-case letters, and symbols would take 19 quintillion years to break.

Last year, Hive’s research found that some 11-character passwords could be cracked instantaneously using brute force. This year’s findings revealed the effectiveness of newer industry-standard password hashing algorithms — like bcrypt — for encrypting passwords in databases. Now, that same 11-character password takes 10 hours to crack.

Continue reading “Brute Force Password Cracking Takes Longer, But Celebration May Be Premature”

How to fix the military’s software SNAFU

source: defenseone.com  |  image: pexels.com

 

Too many of its apps are built on code riddled with vulnerabilities—and distributed by the Pentagon itself.

The only institution more mired in acronyms than the U.S. military is, in my experience, the software industry. The former’s thorough embrace of the latter is reflected, for example, in this recent piece by serious commentators that includes a four-page glossary. To be sure, software’s ability to supercharge military operations make this alphabet soup palatable—but it also conceals a dangerous security SNAFU.  

If software is to be more of a benefit than a liability, its inevitable flaws must be spotted and fixed before they can be exploited by China, Russia, and other adversaries. Unfortunately, in an analysis I conducted of popular open source software made available by the Pentagon for its units and contractors to use, there is strong evidence that the U.S. military is shipping software that is insecure and contains many known software vulnerabilities—CVEs, in software-speak.

Continue reading “How to fix the military’s software SNAFU”

Majority of Consumers Feel Safe With DIY Home Security: Parks Study

 

source: technewsworld.com  |  image:  pexels.com

 

Some 60% of consumers believe their self-monitoring home security systems keep them just as safe as monitoring provided by security pros, according to research released by Parks Associates.

“Consumers view self-monitoring as a way to be notified of what’s going on in their homes. For many of them, that can provide the peace-of-mind that’s safe enough for certain households,” Parks President and CEO Elizabeth Parks told TechNewsWorld.

Based on a survey of 8,000 U.S. internet households, the research also found that the major reason for canceling professional monitoring systems was cost, with 25% of consumers citing “fees too high” as their reason for terminating their monitoring services.

Also mentioned as reasons for cutting professional monitoring were an increased sense of neighborhood safety and a realization that the household doesn’t use its system enough.

While many consumers feel their self-monitoring systems keep them safe, professional monitoring services remain popular.

Continue reading “Majority of Consumers Feel Safe With DIY Home Security: Parks Study”

NSA shares zero-trust guidance to limit adversaries on the network

source: bleepingcomputer.com (contributed by FAN, Steve Page)  |  image: nsa.gov

 

The National Security Agency is sharing new guidance to help organizations limit an adversary’s movement on the internal network by adopting zero-trust framework principles.

A zero-trust security architecture requires strict controls for accessing resources on the network, be they inside or outside the physical perimeter, to minimize the impact of a breach.

Compared to the traditional IT security model, which presumes that everything and everyone on the network is trusted, the zero-trust design assumes that a threat already exists and does not allow free rein inside the network. 

Continue reading “NSA shares zero-trust guidance to limit adversaries on the network”

SpaceX Launched Military Satellites Designed to Track

Hypersonic Missiles

source: wired.com  |  image: pexels.com

 
The prototype satellites hitched a ride on a Falcon 9 rocket.

 

Two prototype satellites for the Missile Defense Agency and four missile-tracking satellites for the US Space Force rode a SpaceX Falcon 9 rocket into orbit Wednesday from Florida’s Space Coast.

These satellites are part of a new generation of spacecraft designed to track hypersonic missiles launched by China or Russia and perhaps emerging missile threats from Iran or North Korea, which are developing their own hypersonic weapons.

Continue reading “SpaceX Launched Military Satellites Designed to Track Hypersonic Missiles”

China had “persistent” access to U.S. critical infrastructure

source: https://www.axios.com, contributed by FAN, Steve Page  |  image: pexels.com

 

China-backed hackers have had access to some major U.S. critical infrastructure for “at least five years,” according to an intelligence advisory released Wednesday.

Why it matters: The hacking campaign laid out in the report marks a sharp escalation in China’s willingness to seize U.S. infrastructure — going beyond the typical effort to steal state secrets.

  • The advisory provides the fullest picture to-date of how a key China hacking group has gained and maintained access to some U.S. critical infrastructure.

Details: The U.S. Cybersecurity and Infrastructure Security Agency, the National Security Agency and the Federal Bureau of Investigation released an advisory Wednesday to warn critical infrastructure operators about China’s ongoing hacking interests.

Continue reading “China had “persistent” access to U.S. critical infrastructure”

Behind the Curtain: U.S. not ready for robotic, AI world wars

 

source: Axios.com (contributed by Bill Amshey)  | image: Pexels.com

 

America’s ability to remain the world’s most lethal military hinges on two interrelated — and vexing — mysteries, Jim VandeHei and Mike Allen write.

  • Can soon-to-retire four-star generals truly foresee the awesome power of artificial intelligence in time to break generation-old habits and shift warfare theories?
  • If they do, can they convince the brightest coding minds to chuck lucrative gigs at Google to build AI-powered systems for America faster or better than their rivals in China?

Why it matters: Future wars will be won with Stanford nerds, faster chips, superior computing power and precision robotics on land, sea and air. Experts tell us that because of a lethal combination of congressional myopia and constipated Pentagon buying rules, America isn’t mobilizing fast enough to prevail on future battlefields. Continue reading “Behind the Curtain: U.S. not ready for robotic, AI world wars”

This Cryptomining Tool Is Stealing Secrets

 

source: wired.com  |  image: pexels.com

 

As the Israel-Hamas war raged on this week and Israel expanded its ground invasion of the Gaza Strip, the territory’s compromised internet infrastructure and access to connectivity went fully dark on Friday, leaving Palestinians without access to ground or mobile data connections. Meanwhile, researchers are bracing for the fallout if Hamas makes good on its threats to distribute hostage execution videos online. And TikTokkers are using a niche livestreaming feature and exploiting the Israeli-Hamas conflict to collect virtual gifts from viewers, a portion of which goes to the social media company as a fee.

As the worst mass shooting in Maine’s history unfolded this week and the gunman remained at large, disinformation about the situation and the suspect flooded social media, adding to the already chaotic and horrific situation. Elon Musk, the owner of X (formerly Twitter) posted remarks earlier this month mocking Ukrainian president Vlodymr Zelensky that were met with a flood of support and enthusiasm from Russian trolls and accounts distributing pro-Russia propaganda.

Continue reading “This Cryptomining Tool Is Stealing Secrets”

The Best Password Managers to Secure Your Digital Life

 

source: wired.com  |  image: pexels.com

 

PASSWORD MANAGERS ARE the vegetables of the internet. We know they’re good for us, but most of us are happier snacking on the password equivalent of junk food. For nearly a decade, that’s been “123456” and “password”—the two most commonly used passwords on the web. The problem is, most of us don’t know what makes a good password and aren’t able to remember hundreds of them anyway.

The safest (if craziest) way to store your passwords is to memorize them all. (Make sure they are long, strong, and secure!) Just kidding. That might work for Memory Grand Master Ed Cooke, but most of us are not capable of such fantastic feats. We need to offload that work to password managers, which offer secure vaults that can stand in for our memory.

A password manager offers convenience and, more importantly, helps you create better passwords, which makes your online existence less vulnerable to password-based attacks. Read our guide to VPN providers for more ideas on how you can upgrade your security, as well as our guide to backing up your data to make sure you don’t lose anything if the unexpected happens.