IOS Hacking Websites Also Targeted Android and Windows

From DCTVpedia
Revision as of 22:52, 30 September 2019 by WScottis1 (talk | contribs) (Created page with ".932 {{Infobox Episode| title = iOS Hacking Websites Also Targeted Android and Windows | number = 932 | date = SEPTEMBER 2,...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
iOS Hacking Websites Also Targeted Android and Windows
Number 932
Broadcast Date SEPTEMBER 2, 2019
Episode Length 5:56
Hosts Rich Stroffolino

The websites reported by Google’s Project Zero as installing malware on iOS devices also targeted Windows and Android, US tariffs on China go into effect on some tech goods, and the face swapping app Zao blows up in China.

Headlines

Last week, we mentioned that Google's Project Zero disclosed websites that were able to install malware on iOS devices just by visiting the site. Now Forbes reports that, according to sources, those sites were also targeting Google's Android and Microsoft's Windows OSs. TechCrunch and Forbes both cite sources that these efforts were designed to target the Chinese Uyghur minority community. Since these sites were indexed by Google, some non-Uygurs users also installed the malware on devices, prompting the FBI to reportedly ask Google to remove the sites from its index.
On September 1st, the Trump administration placed 15% tariffs on $112 billion worth of Chinese imports, including agricultural goods, clothing, and some tech products. Smartwatches, ecigarettes, cameras, TVs, and lithium-ion batteries would all be subject to the tariff. China responded with a roll out of $75 billion in tariffs on US goods, including a resumption of a 25% duty on US cars set to go into effect December 15th. The US cited unfair trade practices from China as the reason for the tariffs.
Politico and Bloomberg both cite an anonymous source saying Google has agreed to pay the US FTC between $150 and $200 million following an investigation of claims that YouTube violated the Children’s Online Privacy Protection Act by collecting personal information about minors and using it for targeted ads without getting consent from parents. The FTC voted 3-2 to approve a settlement, which now goes to the Justice Department to review.
The iOS app Zao was published to China's App Store on August 30th, and quickly became the most downloaded app on the store by September 1st. The app allows users to do deepfake-style face swaps with a variety of video clips of celebrities and sports stars using images captured on a smartphone. The apps user agreement sparked privacy concerns as it allows Zao to use a users image for marketing purposes and surrenders the intellectual property rights to their face.
On June 20, Apple announced a voluntary recall of 2015 MacBook Pros with Retina Display due to a fire risk from overheating batteries. The recall covers some, but not all, MacBook pros sold between September 2015 and February 2017. This week airlines started to take notice. Virgin Australia announced that all 15-inch MacBook pros, regardless of model number must not be put in checked luggage. Qantas said its policy further requires the laptop to be switched off during flight. Thai Airways and Singapore Airlines will not allow the laptops on flights at all until the battery has been verified safe or replaced. And TUI Group Airlines, Thomas Cook Airlines, Air Italy, and Air Transat have prohibited affected laptops as well.
Apple announced a new screen replacement program for Apple Watch Series 2 and 3. The company said that "under very rare circumstances", a crack can form on the rounded corner of aluminum models, that slowly continues around the device. Owners can get new screens from an Apple store or authorized service provider for 1 year from the start of the program or up to three years from purchase, whichever is longer.
A new feature rolling out in Google's G Suite and Hangouts Chat will warn users when someone they're sending an email to is away or on vacation. A banner will appear at the bottom of the compose panel or chat window to let senders know when there's an out of office time block on their calendar, and will also note when the recipient will be back.
AMD Senior Vice President Forrest Norrod said that the company's Secure Encrypted Virtualization, or SEV, on its EPYC server platform was derived from AMD's work on semicustom silicon for the PS4 and Xbox One. SEV uses an Arm secure co-processor embedded within the X86 chip to cryptographically isolate virtual machines from themselves and the hypervisor, theoretically allowing a user to trust a cloud hosted VM cannot be accessed by the cloud provider. AMD's semi-custom silicon for game consoles used 16 keys in a cryptographic isolation to prevent piracy without impacting performance, while current generation EPYC chips support up to 509 keys on the co-processor.
Twitter CEO Jack Dorsey's Twitter account was hacked on the afternoon of August 30th, sending out tweets for roughly ten minutes before being taken down, with Twitter confirming the hack at 4:05pm ET, and advising that it had been resecured. The group behind the effort appears to be the same group that targeted YouTube celebrities on Twitter last week. The compromised tweets came from Cloudhopper, a company acquired by Twitter in 2010, that allows you to send tweets by texting 404-04 from the number linked to your Twitter account. Twitter's official account later stated: “the phone number associated with the account was compromised due to security oversight by the mobile provider.”
A study by Counterpoint Research found that since Q3 2018, Nokia led all Android OEMs with 96% of phones sold either running or updated to Android 9 Pie. Nokia was also cited as the fastest to issue software updates, with 94% of phones updated within a year of the latest Android launch. Samsung came in second with 89% of devices update, followed by Xiaomi with 84% and Huawei with 82%. Lenovo is a distant fifth with just 43% of devices running Android 9, while LG ran the latest version of Android on just 16% of devices sold.

Links



Preceded by:
"Week in Review for the Week of 8/26/19"
IOS Hacking Websites Also Targeted Android and Windows
Followed by:
"Deep Sleep Tracking Coming to Apple Watch?"