45 posts tagged ‘Security’
ShredOS is an entire OS just for destroying data
Boing Boing,
Want to utterly wipe a drive? ShredOS will do it for you. Install it to a USB stick, boot from said stick, and let it annihilate all those ones and zeroes. READ BOING BOING AD-FREE! ShredOS is a USB bootable (BIOS or UEFI) small linux distribution with the sole purpose of securely erasing the entire contents of your disks using the program nwipe. — Read the rest The post ShredOS is an entire OS just for destroying data appeared first on Boing Boing.
Chinese government hackers reportedly targeted US Treasury’s sanctions office during December cyberattack
TechCrunch,
Chinese government hackers targeted the U.S. Treasury’s highly sensitive sanctions office during a December cyberattack, according to reports. According to The Washington Post, the state-sponsored hackers targeted the Office of Foreign Assets Control (OFAC), a government department that imposes economic and trade sanctions against countries and individuals, to potentially access information on Chinese organizations that […] © 2024 TechCrunch. All rights reserved. For personal use only.
Meta’s iOS Interoperability Requests
mjtsai,
Juli Clover: Apple today said that Meta has made 15 interoperability requests under the Digital Markets Act (DMA) in the European Union, which is more than any other company.In a statement provided to Reuters, Apple said that Meta is asking for changes that could compromise user security and privacy.[…]In response to Apple’s comments on Meta’s […]
WhatsApp v. NSO Group
Reuters (via Hacker News, Court Listener): U.S. judge ruled on Friday in favor of Meta Platforms’, WhatsApp in a lawsuit accusing Israel’s NSO Group of exploiting a bug in the messaging app to install spy software allowing unauthorized surveillance.[…]WhatsApp in 2019 sued NSO seeking an injunction and damages, accusing it of accessing WhatsApp servers without […]
Retrofitting Spatial Safety to Hundreds of Millions of Lines of C++
Google Security: Based on an analysis of in-the-wild exploits tracked by Google’s Project Zero, spatial safety vulnerabilities represent 40% of in-the-wild memory safety exploits over the past decade[…][…]A key element of our strategy focuses on Safe Coding and using memory-safe languages in new code.[…]However, this transition will take multiple years as we adapt our development […]
iPhones Mysteriously Rebooting Themselves
Juli Clover: Law enforcement officials in Detroit, Michigan are warning other police officers about an alleged iPhone change that causes Apple devices stored for forensic examination to spontaneously restart, reports 404 Media.iPhones that are undergoing examination have apparently been rebooting, which makes them harder to unlock with brute force methods, and Michigan police think that […]
Security Research on Private Cloud Compute
Apple (tweet, Hacker News, MacRumors): In the weeks after we announced Apple Intelligence and PCC, we provided third-party auditors and select security researchers early access to the resources we created to enable this inspection, including the PCC Virtual Research Environment (VRE). Today we’re making these resources publicly available to invite all security and privacy researchers […]
TCC and Gatekeeper Bypasses
Wojciech Reguła (September 2021, tweet): I was looking for code injection opportunities that may allow reaching TCC bypasses. My simple shell script discovered a potential victim - /System/Library/CoreServices/Applications/Directory Utility.app. It had (and has) the following private TCC entitlement[…] This entitlement allows the Directory Utility to modify the user’s records stored in the /var/db/dslocal/nodes directory. […] […]