Latest news from Naked Security (2019/02/15)

Apple fighting pirate app developers, will insist on 2FA for coders

Are you an Apple developer? Care about security? Using 2FA? You will be soon…

Judge won’t unseal legal docs in fight to break Messenger encryption

The Feds tried—and failed—to force Facebook to break its encryption so investigators could listen in on suspected MS-13 gang conversations.

Should we profit from the sale of our personal data?

Don’t spend that 30 cents all in one place!

Chinese facial recognition database exposes 2.5m people

A company operating a facial recognition system in China has exposed millions of residents’ personal information online.

Photography site 500px resets 14.8 million passwords after data breach

Photography website 500px has become the latest site to admit suffering a serious data breach.

Inside a GandCrab targeted ransomware attack on a hospital

A recent attack on a US hospital gives us a colourful picture of both how a targeted ransomware attack happens, and how it can be stopped.

Latest news from Naked Security (2019/02/14)

What’s behind this 1,000-character phishing URL?

Bleeping Computer learned of a strange phishing campaign which uses an unusually long URL – but why?

Apple App Store stuffed with hardcore porn and gambling apps

The apps, which violate content policies, got in there via the same Enterprise Certificate program that Facebook and Google exploited.

Google paid out $3.4m in bug bounties last year

317 researchers from 78 countries turned 2018 into a worldwide bug-crunching spree.

Update now! Microsoft and Adobe’s February 2019 Patch Tuesday is here

Internet Explorer (IE) may have launched way back in 1995 but nearly a quarter of a century later it’s still creating work for Microsoft and Windows users.

Top tips for Valentine’s Day – and the rest of the year! [VIDEO]

Our top tips for Valentine’s Day and beyond – all in just 5 minutes. Enjoy!

Latest news from Naked Security (2019/02/13)

Another flaw found in macOS Mojave’s privacy protection

Ever since Apple announced enhanced privacy protection for macOS Mojave 10.14 last September, a dedicated band of researchers has been poking away at it looking for security flaws. Here’s another.

Evil USB O.MG Cable opens up Wi-Fi to remote attacks

… and enables de-authenticaton attacks that could knock targeted systems off the Wi-Fi and onto one of these nefarious cables.

Ep. 019 – Android holes, iOS screengrabbing and USB poo [PODCAST]

Here’s the latest Naked Security podcast – enjoy!

620 million records from 16 websites listed for sale on the Dark Web

Some of the breaches are new, while some were reported last year. The sites include MyFitnessPal, MyHeritage, Whitepages and more.

Security firm beats Adobe by patching reader flaw first

Adobe has patched a flaw that enabled attackers to slurp a user’s network authentication details – but not before someone else patched it first.