In-brief: Apple is urging iPhone and iPad users to upgrade to the latest version of iOS amid published claims by Israeli firm Cellebrite that its engineers can unlock basically any iPhone model, including those running the new iOS 11. Apple again finds itself at the center of controversy surrounding the ability to hack into iPhones to extract protected user information. The company is urging iPhone users to upgrade their devices to the latest version of iOS amid claims by an Israeli mobile-device surveillance firm that its engineers can unlock virtually any iPhone model in the world. However, the Cupertino, Calif.-based company is remaining mum on what, if anything, it might do now or in the future to resolve the issue. Citing anonymous sources, Forbes reported Monday that Cellebrite, based in Petah Tikva, Israel, is telling customers that its engineers already can bypass the security of devices running iOS 11, the […]
Researchers at the University of Southern California have developed a technology called a frequency comb that could pave the way for quantum-encryption technologies to be used to protect mobile data and digital currencies.
In-brief: As of May 2017, Kaspersky Lab researchers have observed more than 7,200 different samples of malware for IoT devices in honeypot activity—more than double the number from last year–demonstrating that IoT devices are becoming increasingly vulnerable on a number of fronts, including passwords, firmware, and telnet/SSH ports.
Wired reports on a team from Georgia Tech that has designed software that acts as an overlay on Android smartphones’ communication applications, encrypting communications to and from those apps, while mimicking their user interface. The researchers describe the technology as a “transparent window” over apps that prevents unencrypted messages from leaving the user’s device. “The window acts as a proxy between the user and the app. But the beauty of it is that users feel like they’re interacting with the original app without much, if any, change,” says Wenke Lee, the Georgia Tech professor who led the developers. “Our goal is to make security that’s as easy as air. You just breathe and don’t even think about it.” The researchers call their prototype Mimesis Aegis, or M-Aegis, Latin for “mimicry shield.” They plan to present their research at the Usenix Security conference this week. Read more via Wired: This Android Shield Could […]
One theme that frequently comes up in my conversations with experienced security veterans when we talk about security and “the Internet of Things” is the absence of what might be termed a “security culture.” That’s a hard term to define, but it basically describes a kind of organizational culture that anticipates and guards against online attacks. Certainly companies that have been selling software in any great number for any amount of time have had to develop their own security cultures – think about Microsoft’s transformation following Bill Gates Trustworthy Computing memo, or Adobe’s more recent about-face on product and software security. But that culture is lacking at many of the companies that have traditionally thought of themselves as ‘manufacturers’ – makers of “stuff,” but which now find themselves in the software business. Think General Electric (GE) or – even better – auto makers. A couple of months back, I had […]