Latest news from Naked Security (2019/12/09)

Will the new iPhone 11 track you even if you tell it not to?

Does turning location access off for all your apps mean that location access is off altogether?

Networking attack gives hijackers VPN access

Researchers have discovered a flaw in macOS, Linux, and several other operating systems that could let attackers hijack VPN connections.

HackerOne pays $20,000 bounty after breach of own systems

In an embarrassing twist, bug bounty platform HackerOne has paid a $20,000 reward to a researcher who reported a security flaw inadvertently caused by one of its staff during… a bug submission.

Facebook suing ILikeAd for hijacking users’ ad accounts

Facebook says the company used celeb bait links to infect victims with malware and hijacked their ad accounts to sell diet pills.

$5m bounty set on the alleged head of Evil Corp banking Trojan group

Know where Maksim “Aqua” Yakubets is? Can you pry him out of Russia and his Lamborghinis? The biggest ever cybercrook reward awaits!

Monday review – the hot 22 stories of the week

Get up to date with the hot security stories from the past week – from fake Android apps to malware targeting Mac users.