/ Security Assessments News /

It has been a week since the release of Checkra1n, the world’s first jailbreak for devices running Apple’s iOS 13. Because jailbreaks are so powerful and by definition disable a host of protections built into the OS, many people have rightly been eyeing Checkra1n—and the Checkm8 exploit it relies on—cautiously. What follows is a list …

/ Security Assessments News /

Enlarge / The US House of Representatives. On Wednesday, Republican lawmakers committed a major breach of security guidelines when they carried cell phones as they tried to force their way into a secure room where a closed-door impeachment hearing with a Defense Department official was taking place. At least one House member, Rep. Matt Gaetz …

/ Security Assessments News /

When you visit a new website, your computer probably submits a request to the domain name system (DNS) to translate the domain name (like arstechnica.com) to an IP address. Currently, most DNS queries are unencrypted, which raises privacy and security concerns. Google and Mozilla are trying to address these concerns by adding support in their browsers …

/ Security Assessments News /

Joshua Lott/Bloomberg via Getty Images For nearly three years, the December 2016 cyberattack on the Ukrainian power grid has presented a menacing puzzle. Two days before Christmas that year, Russian hackers planted a unique specimen of malware in the network of Ukraine’s national grid operator, Ukrenergo. Just before midnight, they used it to open every …

/ Security Assessments News /

Shenzhen i365 Tech An estimated 600,000 GPS trackers for monitoring the location of kids, seniors, and pets contain vulnerabilities that open users up to a host of creepy attacks, researchers from security firm Avast have found. The $25 to $50 devices are small enough to wear on a necklace or stash in a pocket or …

/ Security Assessments News /

The perils of Google Play are once again on display with the discovery of an app with 100 million downloads that contained a malicious component that downloaded secret payloads onto infected Android devices. Throughout most of its life, CamScanner was a legitimate app that provided useful functions for scanning and managing documents, researchers from antivirus …

/ Security Assessments News /

Collin Mulliner Developing and maintaining secure firmware for tablets, cars, and IoT devices is hard. Often, the firmware is initially developed by a third party rather than in-house. And it can be tough as projects move from inception and prototyping to full-force engineering and finally to deployment and production. Now, an engineer at self-driving car …

/ Security Assessments News /

Enlarge / An AT&T store in New Jersey. Michael Brochstein/SOPA Images/LightRocket via Getty Images When Michael Terpin’s smartphone suddenly stopped working in June 2017, he knew it wasn’t a good sign. He called his cellular provider, AT&T, and learned that a hacker had gained control of his phone number. The stakes were high because Terpin …

/ Security Assessments News /

Enlarge / Graffiti urging people to use Signal, a highly encrypted messaging app, is spray-painted on a wall during a protest on February 1, 2017 in Berkeley, California. Elijah Nouvelage | Getty Images US Attorney General William Barr today launched a new front in the feds’ ongoing fight against consumer encryption, railing against the common …

/ Security Assessments News /

Apple said it has pushed a silent macOS update that removes the undocumented webserver that was installed by the Zoom conferencing app for Mac. The webserver accepts connections from any device connected to the same local network, a security researcher disclosed on Monday. The server continues to run even when a Mac user uninstalls Zoom. …