Posted by: David Harley | October 3, 2018

News update: October 3rd

Filip Truta for Bitdefender: Researchers use Android password managers to make phishing attacks more practical
“Simone Aonzo, Alessio Merlo, and Giulio Tavella from the University of Genoa and Yanick Fratantonio from EURECOM found that certain Android password managers can be tricked into entering valid login credentials into phishing apps. The trick even works with Google’s try-before-you-buy Instant Apps, which allows users to take apps for a spin without actually installing their contents on the device.”

Graham Cluley, also for Bitdefender: Even with the latest iOS 12 update, your iPhone’s lockscreen is unsafe
“Jose Rodriguez, who has uncovered vulnerabilities in iOS’s lock screen security on a number of occasionsin the past, has produced a video demonstrating an (admittedly convoluted) way of accessing information on locked iOS devices that really should be out of bounds.”

Lawrence Abrams for Bleeping Computer: Roaming Mantis Group Testing Coinhive Miner Redirects on iPhones
Kaspersky has discovered that [Roaming Mantis Group] is testing a new monetization scheme by redirecting iOS users to pages that contain the Coinhive in-browser mining script rather than the normal Apple phishing page.

Pierluigi Paganini: Expert demonstrated how to access contacts and photos from a locked iPhone XS
“…Jose Rodriguez has discovered a passcode bypass vulnerability in Apple’s new iOS version 12 that could be exploited …  (with physical access to the iPhone) to access photos, contacts on a locked iPhone XS and other devices.

The hack works on the latest iOS 12 beta and iOS 12 operating systems, as demonstrated by Rodriguez in a couple of videos he published on YouTube (Videosdebarraquito).”

Zeljka Zorz for HelpNet: How to minimize the negative effect of mobile device loss or theft

David Harley


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: