WikiLeaks vows to share CIA ‘cyberweapons’ so tech firms can fix holes

By

Wikileaks'
Wikileaks' "Vault 7" data dump allegedly reveals CIA hacking tools used to compromise iPhones, Android phones and other devices.
Image: Gordon Johnson/Pixabay

WikiLeaks founder Julian Assange has vowed to give technology firms like Apple access to the CIA’s “cyberweapons” arsenal so they can develop fixes that make our devices more secure.

Earlier this week, thousands of leaked documents and files revealed the full extent of the CIA’s cyber attacks on smartphones, computers and even smart TVs. WikiLeaks says the spy agency has lost control of it all in a “historic act of devastating incompetence.”

Popular iOS apps vulnerable to spilling your sensitive data

By

iPhone 7 front
Be wary when using Wi-Fi.
Photo: Ste Smith/Cult of Mac

Chrome browser bug makes movie piracy even easier

By

Screen Shot 2016-06-24 at 19.06.08
Stealing movies is simple with Chrome.
Photo: David Livshits/Alexandra Mikityuk

A worrying flaw uncovered in Google Chrome makes it even easier for pirates to download movies and TV shows from the web. Google was made aware of the issue a month ago, but the company is yet to release an update that fixes it.

In-app purchases flaw exposes developers to costly hacks

By

App Store icon
With 2 million apps, the App Store is almost too big.
Photo: PhotoAtelier/Flickr

Sloppy coding in some popular iOS games allows hackers to give themselves and others thousands of dollars’ worth of in-app purchases for free.

The hole was discovered by developers at DigiDNA, creator of a backup tool called iMazing that allows iPhone and iPad users to access their devices’ hidden file systems. The developers found that the app backup/restore feature in iMazing 1.3 exposes weaknesses in the way games like Angry Birds 2 and Tetris Free handle in-app purchases.

To demonstrate how easy it is to hack in-app purchases using this method, the DigiDNA team tweaked Angry Birds 2 to start the game with 999,999,999 gems — the equivalent of $10,000 of in-game credits.

Serious OS X vulnerability isn’t fixed after all

By

Tim Cook addresses the White House Summit on Cybersecurity and Consumer Protection. Photo: White House
Tim Cook addresses the White House Summit on Cybersecurity and Consumer Protection. Photo: White House

A significant security flaw affecting OS X Yosemite hasn’t been fixed as previously thought, according to a former NSA staffer.

The flaw, known as Rootpipe, is said to have existed since 2011, and could allow an attacker to gain full control of another user’s Mac without requiring authentication.

Why you really want to update iOS now (it’s not emojis)

By

Artist's impression of the people potentially behind iOS vulnerability. Photo: Hackers, United Artists
Artist's impression of the people potentially behind iOS vulnerability. Photo: Hackers, United Artists

With reports that it can break elements of Touch ID, there are plenty of reasons to consider not upgrading to iOS 8.3, the latest version of Apple’s mobile OS.

But here’s a very good reason to: according to security researchers, the update fixes a vulnerability which has the potential to render your iPhone almost useless.

1Password Proves It Can Stand Up To Password Crackers

By

1Password goes head-to-head with password cracker and shows why complex passwords are important.
1Password goes head-to-head with a password cracker and shows why complex passwords are important.

 

1Password by AgileBits is a an incredible tool for keeping your data safe. More than just a password manager, 1Password allows you to encrypt and organize a wide range of data (website passwords, non-web digital accounts, credit/debit card numbers and financial account details, software licenses, and files containing confidential information.

Those features are all well and good, but the biggest feature is 1Password’s ability to keep all that data secure in the face of brute force attacks – the kind of attacks where a piece of software simply tries combination after combination of possible passwords. Password cracking software that rely on such attacks can easily try thousands of potential passwords each second.

To find out whether or not 1Password can withstand such attacks, AgileBits tested one 1Password against John the Ripper, one of the most well-known password cracking tools.