Unpatchable bug in millions of iOS devices exploited, developer claims
Enlarge / Devices as recent as the iPhone X, based on Apple’s A11 chip, are claimed to be vulnerable to a new boot ROM attack revealed today.
SOPA Images / Getty Images
…
News
DoorDash hack spills loads of data for 4.9 million people
A hack on food-delivery service DoorDash leaked the personal data of 4.9 million customers, delivery workers, and merchants, the company revealed on Thursday.
The breach took place on May 4, …
Vimeo collected detailed facial scans without consent, lawsuit alleges
Vimeo is collecting and storing thousands of people’s facial biometrics without their permission or knowledge, a recently filed lawsuit alleges.
The “highly detailed geometric” facial maps, according to a complaint, …
AT&T vows to keep DirecTV despite losing millions of subscribers
AT&T doesn’t intend to sell DirecTV despite internal discussions about whether to offload the struggling satellite TV business, The Wall Street Journal reported Tuesday.
“DirecTV is an important part …
Google Play apps laden with ad malware were downloaded by millions of users
Enlarge / Malicious apps discovered by Symantec Threat Intelligence popped up full screen ads, and hid the app title even in the App Switcher view—making it difficult for users to know where they were coming from.
…
No, it wasn’t a virus; it was Chrome that stopped Macs from booting
On Monday night, Variety reported that film editors around Los Angeles who had Avid Media Composer software installed were suddenly finding that their Macs were unable to reboot. The publication …
High-severity vulnerability in vBulletin is being actively exploited
Attackers are mass-exploiting an anonymously disclosed vulnerability that makes it possible to take control of servers running vBulletin, one of the Internet’s most popular applications for website comments. Sites running …
Fake veteran hiring site downloads spyware instead of jobs
Enlarge / This site will not make America safer.
A “threat group” previously identified as being behind a set of attacks on IT providers in Saudi Arabia has now been …
Magecart skimmers seen targeting routers for customer Wi-Fi networks
Enlarge / That captive portal may be more captive than you know.
John Moore / Getty Images
Threat researchers at IBM X-Force IRIS have spotted activity by a known group …
Inside the campaign that tried to compromise Tibetans’ iOS and Android phones
Attackers from a group dubbed Poison Carp used one-click exploits and convincing social engineering to target iOS and Android phones belonging to Tibetan groups in a six-month campaign, researchers said. …