Tag Archive for: Alarm

Google finds a devastating iPhone security flaw, FireEye hack sends alarm bells ringing – TechCrunch

/in


In case you missed it: A ransomware attack saw patient data stolen from one of the largest U.S. fertility networks; the Supreme Court began hearing a case that may change how millions of Americans use computers and the internet; and lawmakers in Massachusetts have voted to ban police from using facial recognition across the state.

In this week’s Decrypted, we’re deep-diving into two stories beyond the headlines, including why the breach at cybersecurity giant FireEye has the cybersecurity industry in shock.

THE BIG PICTURE

Google researcher finds a major iPhone security bug, now fixed

What happens when you leave one of the best security researchers alone for six months? You get one of the most devastating vulnerabilities ever found in an iPhone — a bug so damaging that it can be exploited over-the-air and requires no interaction on the user’s part.

The AWDL bug under attack using a proof-of-concept exploit developed by a Google researcher. Image Credits: Ian Beer/Google Project Zero

The vulnerability was found in Apple Wireless Direct Link (AWDL), an important part of the iPhone’s software that among other things allows users to share files and photos over Wi-Fi through Apple’s AirDrop feature.

“AWDL is enabled by default, exposing a large and complex attack surface to everyone in radio proximity,” wrote Google’s Ian Beer in a tweet, who found the vulnerability in November and disclosed it to Apple, which pushed out a fix for iPhones and Macs in January.

But exploiting the bug allowed Beer to gain access to the underlying iPhone software using Wi-Fi to gain control of a vulnerable device — including the messages, emails and photos — as well as the camera and microphone — without alerting the user. Beer said that the bug could be exploited over “hundreds of meters or more,” depending on the hardware used to carry out the attack. But the good news is that there’s no evidence that malicious hackers have actively tried to exploit the bug.

News of the bug drew immediate attention, though Apple didn’t comment. NSA’s Rob Joyce said the bug find is “quite an accomplishment,” given that most iOS bugs require chaining multiple vulnerabilities…

Source…

Google shouldn’t give up on alarm systems like Nest Secure

/in


Earlier this month, Google brutally pulled the plug on Nest Secure, its 3-year-old alarm system that doesn’t have a successor of any kind in sight. While that product won’t be fully left out to dry anytime soon, Google has been completely silent regarding a new alarm system. Here’s why they shouldn’t give up on it.

Cameras are great, but alarm systems give peace of mind

The cornerstone of the Nest brand is cameras and, admittedly, they’rep an excellent way to keep an eye on your home. But as far as security is concerned, they aren’t foolproof. Cameras have blind spots, they can be blocked, they can lose power. A proper alarm system like Nest Secure, though, is a lot harder to trip up.

Generally speaking, it’s hard to beat an alarm system. The Nest Guard hub is the only way for a potential intruder to disarm the system — assuming they haven’t stolen your phone that is. Before they reach that Guard, they have to get in a door or window that’s connected to the Guard with a Detect sensor. That sensor immediately sets off the alarm countdown when opening the door or window and, should that fail for some reason, there’s also a motion sensor that will go off. The alarm as a whole can even be tied to a professional monitoring system which can alert the local authorities.

The Nest Guard hub is a central point for an entire home security system, and importantly it’s also the most reliable. If it loses power, it continues to sense motion and opening doors even once the cameras go out by using a battery backup. The sensors themselves, too, run on battery power all of the time which means they can be used in more places compared to Google’s wired cameras.

Nest Guard actually made Nest Cams easier to use

Beyond the very real security benefits that Nest Secure delivers, Google’s decision to pull the plug on its alarm systems has further implications for the company’s cameras. For quite some time, Nest has offered “Home” and “Away” presets. These can be used to automatically adjust various settings on your cameras, thermostats, and other Nest products.

With a Nest Guard hub installed in your home, this feature becomes far more powerful. Instead of…

Source…

U.S. raises second alarm over foreign hacking [Video]

/in


U.S. agencies have again accused Russian-sponsored hackers of trying to break into dozens of U.S. government computer networks, and in two instances they were successful.

It’s the second major warning over foreign hacking in as many days, and comes less than two weeks before the U.S. election.

FBI and Homeland Security officials said on Thursday (October 22) that since at least September, Russia state hackers had broken into an unspecified number of state and local computer networks, as well as aviation networks.

In two cases they stole data, but the FBI gave no further details and did not disclose the names of the targeted governments.

In a statement, the FBI said it was, ‘shining a spotlight on Russia’s nefarious behaviour.’

When asked for a comment, the Russian embassy in Washington pointed to recent remarks by Kremlin spokesman Dmitry Peskov:

“The accusations come every day, all of them have no grounds, they are not based on anything. Most likely, it is a tribute to internal political processes linked to the upcoming election.”

This week’s previous accusation came from the U.S. Director of National Intelligence, John Ratcliffe, who said that Russia and Iran have both tried to interfere with this year’s presidential election.

“First, we have confirmed that some voter registration information has been obtained by Iran and separately by Russia. This data can be used by foreign actors to attempt to communicate false information to registered voters that they hope will cause confusion, sow chaos and undermine your confidence in American democracy.”

Many in the U.S. are worried about a potential repeat of 2016 when hackers alleged to be working for Russia stole and released emails belonging to prominent U.S. Democrats.

Video Transcript

US agencies have again accused Russian-sponsored hackers of trying to break into dozens of US government computer networks. And in two instances, they were successful. It’s the second major warning over foreign hacking in as many days, and comes less than two weeks before the US election. FBI and Homeland Security officials said on Thursday that since at least September, the hackers have broken into an unspecified number of networks from state to local…

Source…

A false hijacking alarm brought Amsterdam’s Schiphol airport to standstill – CNN

/in
  1. A false hijacking alarm brought Amsterdam’s Schiphol airport to standstill  CNN
  2. False alarm triggers hijacking protocol at Amsterdam Airport Schiphol  The Points Guy
  3. Schiphol airport: Pilot sparks hijack security alert in Amsterdam  BBC News
  4. False Hijacking Alarm Causes Panic in Amsterdam Airport  The National Interest Online
  5. Schiphol Airport locked down after plane hijack button ‘pressed by mistake’  Mirror Online
  6. View full coverage on read more

“HTTPS hijacking” – read more