Apple Corp. introduced the latest versions of its iPhone mobile phone yesterday to great fanfare, though the fever pitch that was common during the reign of Steve Jobs was noticeably absent. There were a flurry of articles and opinion pieces like this one, wondering whether Apple had lost its mojo, were common. And it goes without saying that if the headline is wondering whether you’ve lost your mojo, then you most certainly have. Still, Apple didn’t disappoint with its iPhone and iOS updates, particularly in the security arena. Indeed, the long-rumored addition of a finger print reader may have been the most prominent new feature in an update where the most prominent changes (a faster, 64-bit processor, higher resolution camera, etc. ) were transparent to the user. So what do you need to know about the new iPhone and its biometric authentication feature? And how will the new iPhone 5S […]
Tag: Mobile Threats
With Settlement, FTC Issues Warning On IP-Enabled Cameras
The U.S. Federal Trade Commission (FTC) made one of its strongest statements to date on the issue of consumer privacy in the fast-emerging market for “smart” electronics: settling a complaint with the maker of SecurView, a line of home surveillance cameras that, it turned out, were just as easily used to spy into the homes of SecurView customers. In a statement on Wednesday, the FTC said that it settled a complaint against TRENDnet, the maker of the SecurView home security cameras. The FTC had charged the Torrance, California company with misrepresenting the security of its products. TRENDnet sold “faulty software that left (the cameras) open to online viewing” by anyone who knew the device’s IP address. Under the terms of its settlement with the Commission, TRENDnet must stop misrepresenting the “security, privacy, confidentiality, or integrity of the information that its cameras or other devices transmit,” as well as “the extent […]
Podcast: Made In China, Secured In The U.S.
We’ve written a lot about the threat posed by nation-state sponsored hackers to U.S. corporations and the economy. So-called “advanced persistent threat” (or APT) style attacks against corporate and government networks have been linked to the theft of sensitive data and intellectual property. Difficult as it is to stop APT attacks against networks, it’s even more challenging to identify threats one-step removed from direct attacks. Lately, attention has shifted to vulnerabilities in the supply chain of companies selling networking gear, servers and other critical IT components. Concerns about corrupted products from foreign suppliers were enough to prompt the U.S. Congress to hold hearings focused on the threat posed to government agencies by Chinese networking equipment makers like Huawei and ZTE. In this week’s podcast, The Security Ledger talks with Jerry Caponera, of Cyberpoint International. Cyberpoint is a Baltimore, Maryland firm that sells Prescient, a service that verifies where true vulnerabilities exist […]
New Mobile Malware Taps Ad Networks To Spread
It was only a couple weeks back that we wrote about new research from the folks at WhiteHat Security that posited a way for mobile ad networks to be gamed and used to distribute malicious code. Now it looks as if the bad guys were one step ahead, as researchers at Palo Alto Networks reveal new type of malicious Android malware that uses mobile ad networks to infect vulnerable devices. Palo Alto described the new, malicious mobile software, dubbed “Dplug,” in a blog post on Monday. The company said the malware authors appear to be leveraging second tier mobile ad networks, mostly in Russia and the former Soviet Republics), to distribute their wares. The Dplug malware takes advantage of the deep integration between mobile applications and mobile advertising networks to gain a foothold on infected devices, then send out messages to premium SMS services to generate money for the fraudsters, according […]
U.S. Cyber Chief Says “Trust Us” On NSA Spying
The head of the U.S. Cyber Command, Four-Star General Keith Alexander, told an audience of skeptical and sometimes hostile security experts and hackers that they should have faith that the U.S. National Security Agency (NSA) isn’t abusing its access to cell phone meta data and other online communications in its pursuit of terrorists who “live among us.” Speaking before a packed audience that included some of the country’s top computer security and privacy experts, Alexander spoke in measured tones about PRISM, the omnibus data collection program that was exposed in documents leaked by a former Booz Allen Hamilton contractor, Edward Snowden, saying that it had directly led to the disruption of 53 of 54 discrete “terrorist related activities” in the U.S., Europe, Asia and Africa since the September 11, 2001 terrorist attacks on New York and Washington, D.C. Adopting images and a tone common in the years immediately following 9/11, […]
