security.thejoshmeister.com
Open in
urlscan Pro
2a06:98c1:3120::3
Public Scan
URL:
https://security.thejoshmeister.com/
Submission: On November 09 via automatic, source certstream-suspicious — Scanned from NL
Submission: On November 09 via automatic, source certstream-suspicious — Scanned from NL
Form analysis 1 forms found in the DOM
https://security.thejoshmeister.com/search
<form action="https://security.thejoshmeister.com/search" class="gsc-search-box" target="_top">
<table cellpadding="0" cellspacing="0" class="gsc-search-box">
<tbody>
<tr>
<td class="gsc-input">
<input autocomplete="off" class="gsc-input" name="q" size="10" title="search" type="text" value="">
</td>
<td class="gsc-search-button">
<input class="gsc-search-button" title="search" type="submit" value="Search">
</td>
</tr>
</tbody>
</table>
</form>Text Content
skip to main | skip to sidebar
THE JOSHMEISTER ON SECURITY
Research and musings on malware and other facets of computer and online security
SATURDAY, JUNE 15, 2019
PODCASTS ON FACEBOOK, GOOGLE, AND APPLE PRIVACY AND SECURITY, AND MORE
It's time to catch up on sharing episodes of the Intego Mac Podcast that I've
co-hosted since my last big update on the JoshMeister on Security, in reverse
chronological order.
Please subscribe for free to the weekly podcast (via Apple Podcasts or
elsewhere) to make sure you don't miss any future episodes!
Click on the episode titles below for show notes and MP3 download links. Each
episode is about 30 minutes long.
* Jun 14, 2019 — 87: Privacy policies more complicated than Kant's Critique of
Pure Reason
* Jun 7, 2019 — 86: New security and privacy features in macOS Catalina and
iOS 13
* May 31, 2019 — 85: Deep dive: Software updates on Mac and iOS
* May 24, 2019 — 84: Google may know everything you've bought
* May 17, 2019 — 83: Epic disasters: ZombieLoad, WhatsApp, Google 2FA keys,
Microsoft RDP
* May 10, 2019 — 82: How we use Facebook
* May 3, 2019 — 81: Malicious profiles threaten iOS
* Apr 26, 2019 — 80: When should you upgrade your Mac?
* Apr 19, 2019 — 79: Should Apple make a foldable phone?
* Apr 12, 2019 — 78: Is Apple breaking up iTunes?
* Apr 5, 2019 — 77: The one about the iPad
* Mar 29, 2019 — 76: Apple's new services (with guest Chuck Joiner)
* Mar 22, 2019 — 75: Porn scams use a brain hack
* Mar 15, 2019 — 74: SPOILER (attack) alert
* Mar 8, 2019 — 73: Maintain your privacy when browsing the Web
* Mar 1, 2019 — 72: Marzipan and the iOSification of macOS (note: at WWDC in
Jun 2019, Apple renamed Project Marzipan to Catalyst)
* Feb 22, 2019 — 71: How to securely dispose of hard drives
* Feb 15, 2019 — 70: How to avoid getting hacked after data breaches
* Feb 8, 2019 — 69: Why doesn't Apple have a Mac bug bounty program?
* Feb 1, 2019 — 68: FaceTime, Facebook, Google, Shortcuts, steganography, and
more
* Jan 25, 2019 — 67: The biggest data breach ever; is your data included?
* Jan 18, 2019 — 66: Routers, tweets and privacy, bugs, and more
* Jan 11, 2019 — 65: Apple: it's all about the ecosystem, baby
* Jan 4, 2019 — 64: New year's resolutions to secure your Mac and iOS devices
* Dec 28, 2018 — 63: The year in Mac and iOS security
* Dec 21, 2018 — 62: How mobile apps track your location
* Dec 14, 2018 — 61: How to set up a new Mac
* Dec 7, 2018 — 60: How to choose the Mac you need
* Nov 30, 2018 — 59: Is Apple changing from a hardware company to a software
company?
* Nov 23, 2018 — 58: New security features in iOS 12 and macOS Mojave
* Nov 16, 2018 — 57: The advantages of using a VPN, with CyberGhost
* Nov 9, 2018 — 56: How to shop securely (and save money) on Black Friday
* Nov 2, 2018 — 55: Apple brings out new Mac and iPads
* Oct 26, 2018 — 54: How to spot fake online product reviews
* Oct 19, 2018 — 53: Security deep dive: digital certificates
* Oct 12, 2018 — 52: Bloomberg alleges China planted rice grain-sized chips in
U.S. hardware
* Oct 5, 2018 — 51: Facebook blunders, sloppy Russian hackers, and more
* Sep 28, 2018 — 50: macOS Mojave is here
* Sep 21, 2018 — 49: What iOS 12 means for you
* Sep 14, 2018 — 48: Is the Mac App Store really safe? Browser
history-exfiltrating apps found
* Sep 7, 2018 — 47: Coming soon from Apple: App Store mandatory privacy
policies, and more
* Aug 31, 2018 — 46: Advanced persistent threats by nation-state caliber threat
actors
* Aug 24, 2018 — 45: Can you prevent Google from tracking your movements?
* Aug 17, 2018 — 44: What's a botnet, and how do they work?
* Aug 10, 2018 — 43: Should you be concerned about porn blackmail e-mails?
* Aug 3, 2018 — 42: Security software deep dive: How Intego NetBarrier firewall
works
* Jul 27, 2018 — 41: Malware (OSX/Calisto) masquerades as an Intego software
installer
* Jul 20, 2018 — 40: How to protect your digital legacy
* Jul 13, 2018 — 39: Security software deep dive: How antivirus works
* Jul 6, 2018 — 38: How to make sure your Mac's software is working smoothly
* Jun 29, 2018 — 37: How to make sure your Mac's hardware is working properly
* Jun 22, 2018 — 36: Lock down and secure your router
* Jun 15, 2018 — 35: Where's the best place to buy Mac apps?
* Jun 8, 2018 — 34: iOS 12, macOS Mojave: features and security, privacy
enhancements
* Jun 1, 2018 — 33: Cryptojacking, Russian router malware, and parental
controls
* May 25, 2018 — 32: Browser cookies and private browsing
* May 18, 2018 — 31: Delete your social media history
* May 11, 2018 — 30: What is a firewall, and how does it work?
* May 4, 2018 — 29: Social engineering scams to beware of, and digital spring
cleaning tips
* Apr 27, 2018 — 28: Beware of trustjacking
* Apr 20, 2018 — 27: How to securely sell your old Mac, iPhone, or iPad
* Apr 11, 2018 — 26: Facebook, DNS, Apple privacy, new Mac Pro next year, and
more
* Apr 4, 2018 — 25: How to not get scammed online
* Mar 28, 2018 — 24: Facebook, privacy, and logins
* Mar 21, 2018 — 23: Which hard drive is best for your Mac?
* Mar 14, 2018 — 22: Passwords in the cloud
* Mar 7, 2018 — 21: Changes coming to macOS Server
* Feb 28, 2018 — 20: To beta or not to beta…
* Feb 21, 2018 — 19: Do you really want an AI listening to you all the time?
* Feb 14, 2018 — 18: The year in Mac security, and tips for backing up your Mac
* Feb 7, 2018 — 17: Ad blocking: the good, the bad, the ugly, and the ethics
* Jan 31, 2018 — 16: Malware and security lingo: What do those words mean?
* Jan 24, 2018 — 15: What's a VPN, and why should you use one?
* Jan 17, 2018 — 14: What's up with my iPhone's battery?
* Jan 10, 2018 — 13: Is my computer's CPU secure? (Meltdown and Spectre)
* Jan 3, 2018 — 12: What to do if you've been hacked
* Dec 27, 2017 — 11: Handcuffs made of tissue paper: Apple's differential
privacy stinks
* Dec 20, 2017 — 10: Tom Cruise is in every Starbucks
* Dec 13, 2017 — 9: This is Potemkin security: iCloud backups and more
* Dec 6, 2017 — 8: I have root ("I Am Root" macOS vulnerability)
* Nov 29, 2017 — 7: Tom Cruise is in the row behind you: Trojans (FakeAV/Flash)
and more
* Nov 22, 2017 — 6: Passwords are hard (correct horse battery staple)
For more from the JoshMeister on Security, please subscribe via e-mail or RSS,
and follow me on Twitter and LinkedIn.
Posted by Josh Long at 6:56 AM No comments:
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest
Labels: antivirus, apple, facebook, google, howto, iphone, itunes, mac, malware,
microsoft, podcast, privacy, vulnerabilities
ARTICLES WRITTEN FROM OCTOBER 2017 TO MARCH 2019
It's catch-up time again! Here's a list of articles I've written since my last
post on the JoshMeister on Security, in reverse chronological order. Unless
otherwise noted, these articles were published at Intego's The Mac Security
Blog.
Articles highlighted in bold are either particularly interesting or are
important and still relevant.
* Mar 15, 2019 — RSA Conference 2019 highlights: a Mac perspective
* Feb 22, 2019 — iOS Safari flaw allows deceptive news headlines in Messages
(still not fixed as of Jun 2019)
* Feb 1, 2019 — Are iOS Shortcuts safe? Reports of risks surface
* Jan 31, 2019 — Facebook, Google caught deploying invasive apps; Apple shuts
them down (co-authored with Kirk McElhearn)
* Jan 29, 2019 — VeryMal Mac attack hides data within a picture
* Jan 29, 2019 — Everything you need to know about the FaceTime spying bug
* Jan 18, 2019 — Collection #1 (and #2–5) are the latest massive password
dumps
* Jan 18, 2019 — How to avoid getting hacked after data breaches
* Dec 4, 2018 — Did Instagram leak your password?
* Nov 30, 2018 — Privacy Exodus: spam delivers Mac spyware
* Nov 14, 2018 — Ad-injecting Mac malware rediscovered:
SearchPageInjector/SearchAwesome
* Sep 11, 2018 — How safe is the Mac App Store? Privacy-violating apps
uncovered
* Aug 27, 2018 — Operation AppleJeus and OSX/Lazarus: Rise of a Mac APT
* Aug 17, 2018 — Intego exclusive: HP leaves Mac users vulnerable to fax hacks
* Jul 26, 2018 — OSX/Calisto Mac malware masquerades as Intego software
* Jul 20, 2018 — Apple's Quick Look reveals your darkest secrets
* Jul 14, 2018 — Anti-hack feature comes to iOS 11.4.1… but is it good enough?
* Jul 6, 2018 — New Mac malware targets cryptocoin 'dummies'
* Jun 6, 2018 — macOS Mojave: What's new in security and privacy features
* Jun 5, 2018 — Why iOS 12 is huge for security and privacy
* Apr 19, 2018 — iOS trustjacking: How attackers can hijack your iPhone
* Apr 17, 2018 — Month in review: Apple security in March 2018
* Apr 4, 2018 — Sorry, it's a myth that Macs are more secure than PCs (ITSP
Magazine; co-authored with/ghostwriting for Steve Kelly)
* Mar 21, 2018 — Unwanted cryptomining debuts (briefly) in Mac App Store
* Mar 6, 2018 — Month in review: Apple security in February 2018
* Mar 5, 2018 — OSX/Coldroot and the RAT Invasion
* Feb 21, 2018 — OSX/Shlayer: New Mac malware comes out of its shell
* Feb 7, 2018 — Month in review: Apple security in January 2018
* Jan 31, 2018 — A look back at the top Mac security stories of 2017
* Jan 15, 2018 — ¡Ay, MaMi! New DNS-hijacking Mac malware discovered
* Jan 9, 2018 — Month in review: Apple security in December 2017
* Jan 8, 2018 — Meltdown and Spectre: What Apple users need to know
* Dec 4, 2017 — "I Am Root": a retrospective on a severe Mac vulnerability
* Dec 4, 2017 — Month in review: Apple security in November 2017
* Nov 22, 2017 — Caution! These Black Friday "deals" may be bad for your
security
* Nov 1, 2017 — Month in review: Apple security in October 2017
For more from the JoshMeister on Security, please subscribe via e-mail or RSS,
and follow me on Twitter and LinkedIn.
Posted by Josh Long at 3:34 AM No comments:
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest
Labels: apple, facebook, google, howto, iphone, mac, malware, privacy, safari,
spam, vulnerabilities
MONDAY, NOVEMBER 20, 2017
PODCASTS ON FACE ID, KRACK, AMAZON KEY, 2FA, CRYPTOJACKING, IOS APP PRIVACY,
RSAC 2017, AND MORE
It's time to catch up on sharing podcast episodes that I've co-hosted recently
or published earlier this year.
Click on the episode titles for more complete show notes and MP3 download links.
* November 15, 2017 — Intego Mac Podcast #5: Two-Factor Authentication; Should
You Be Worried about Bitcoin?
* Topics include:
* Why multifactor authentication is important
* including why SMS text messages are not an ideal "something you
have" second factor
* What is cryptojacking, and what can you do to avoid it?
* including a brief overview of Bitcoin and cryptocurrency in general
* November 8, 2017 — Intego Mac Podcast #4: iOS Apps and Privacy; Amazon Wants
to Open Your Front Door
* Topics include:
* iOS apps can access your cameras whenever they're in the foreground,
without notifying you, if you've ever authorized them once in the past
* including how to prevent unwanted use of the cameras on your own
iPhone, iPad, or iPod touch
* What is Amazon Key, and could it really be safe to trust Amazon to let
people enter your home unattended?
* November 1, 2017 — Intego Mac Podcast #3: KRACK Wi-Fi Attacks, and Apple's
New APFS File System
* Topics include:
* What are Wi-Fi "KRACK attacks," and how might your Apple devices be
affected by KRACK's collection of vulnerabilities?
* What you should know about Apple's new APFS file system in macOS High
Sierra
* October 23, 2017 — Intego Mac Podcast #2: A Look at Apple's Face ID, and
Intego Turns 20
* Topics include:
* Discussion of the new Face ID authentication method in Apple's iPhone X
smartphone
* Intego's 20th anniversary: reflection on the early years with Serge Kameni
* October 5, 2017 — Intego Mac Podcast #1: Apple Privacy, and Secure Enclave
* Topics include:
* What does Apple claim about itself on its Privacy page?
* What is Apple's "Secure Enclave," and does it matter that the Secure
Enclave Processor firmware has allegedly been decrypted?
* November 20, 2017 — RSAC 2017: Robert Graham on Mirai and IoT Botnet Security
* Recorded at RSA Conference USA in February 2017 (with permission from the
speaker)
* Robert Graham discusses:
* the Mirai botnet that took down Dyn and a significant portion of the
Internet on October 21, 2016
* his experience with obtaining an "Internet of Things" security camera
from China via Amazon, and watching it get infected just 98 seconds
after being connected to the Internet
* March 23, 2017 — RSAC 2017: Amit Serper on OSX Pirrit and Why You Should Care
about Malicious Mac Adware
* Recorded at RSA Conference USA in February 2017 (with permission from the
speaker)
* Amit Serper discusses:
* why some Mac adware can be particularly harmful
* how he followed the rabbit trail to identify the perpetrators behind
OSX.Pirrit
* March 20, 2017 — RSAC 2017: Patrick Wardle's Meet and Greet with the macOS
Malware Class of 2016
* Recorded at RSA Conference USA in February 2017 (with permission from the
speaker)
* Patrick Wardle discusses:
* the Mac malware of 2016
* Mac malware mitigations, including generic detection methods and tools
Please subscribe to the Intego Mac Podcast via the button below, and if you
enjoy the show, please write us a 5-star review on iTunes! Every subscription
and every review make a difference.
Also, in case you missed it…
Be sure to check out my Apple Security Month in Review article for October 2017,
along with the video version (and be sure to subscribe on YouTube):
For more from the JoshMeister on Security, please subscribe via e-mail or RSS,
and follow me on Twitter and Google+.
Posted by Josh Long at 9:23 PM No comments:
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest
Labels: apple, howto, interview, iphone, mac, malware, podcast, privacy,
vulnerabilities, youtube
THURSDAY, OCTOBER 26, 2017
NEW APPLE SECURITY YOUTUBE VIDEO SERIES AND AUDIO PODCAST
I have two exciting announcements!
YouTube Video Series – Month in Review
First, I'm producing and starring in a brand new monthly YouTube video series
featuring highlights from my Apple security month-in-review column. You can
subscribe via Intego's YouTube channel, and be sure to click on the 🔔bell icon
to get notified whenever a new video is released:
Check out the first episode by clicking here:
Audio Podcast – Weekly Apple Discussion
Second, I'm co-hosting a brand new weekly audio podcast focusing on Apple topics
including Mac and iOS security. Check out the homepage for the new Intego Mac
Podcast, which features Kirk McElhearn and me as hosts:
Please subscribe via the button below, and if you enjoy the show, please write
us a 5-star review on iTunes! Every subscription and every review make a
difference.
Please share!
Please share both of these new shows with your friends, family, coworkers, and
social media pals to help others stay safe online.
I look forward to sharing security news with you in these new and exciting
ways! Thanks to Intego for providing the opportunity and means to create these
new shows.
For more from the JoshMeister on Security, please subscribe via e-mail or RSS,
and follow me on Twitter and Google+.
Posted by Josh Long at 2:29 AM No comments:
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest
Labels: apple, mac, podcast, youtube
ARTICLES WRITTEN FROM DECEMBER 2016 TO SEPTEMBER 2017
It's catch-up time! Here's a list of articles I've written since my last post
on the JoshMeister on Security (in reverse chronological order):
* October 3, 2017 — Month in Review: Apple Security in September 2017
* Featured stories include:
* Apple releases macOS 10.13 High Sierra, iOS 11, tvOS 11, and watchOS 4
* Patrick Wardle's SKEL and Keychain vulnerability discoveries
* DolphinAttack
* September 22, 2017 — What is BlueBorne? An Apple Device FAQ
* Discussing BlueBorne, a Bluetooth vulnerability that affects some iPhone,
iPad, iPod touch, and Apple TV models that Apple is no longer updating
* August 30, 2017 — Month in Review: Apple Security in August 2017
* Featured stories include:
* Touch ID Secure Enclave Processor firmware allegedly decrypted
* New Mac malware: Pwnet malware distributed via supposed hack
for Counter-Strike game
* New Mac malware: Mughthesec and other Mac adware installers
* July 31, 2017 — Month in Review: Apple Security in July 2017
* Featured stories include:
* New Mac malware: OSX/FruitFly.B, a variant of spy malware discovered in
January
* New Mac malware: OSX/FlashyComposer.A, a variant of OSX/Leverage
backdoor malware from way back in 2013
* DevilRobber Mac malware makes a comeback
* June 29, 2017 — Month in Review: Apple Security in June 2017
* Featured stories include:
* Mac ransomware and spyware as a service
* New Mac malware: OSX/OceanLotus returns with new variant
* Scam software in iOS App Store
* May 31, 2017 — Month in Review: Apple Security in May 2017
* Featured stories include:
* New Mac malware: OSX/Dok distributed via phishing
* New Mac malware: OSX/Proton.B distributed via compromised Handbrake
download server
* New Mac malware: Snake gets ported from Windows
* May 25, 2017 — WannaCry and the State of Mac Ransomware
* Windows systems worldwide were hit by a serious SMB vulnerability called
EternalBlue; Macs that run Windows could be affected
* A summary of recent macOS-targeted ransomware is also discussed
* April 27, 2017 — Month in Review: Apple Security in April 2017
* Featured stories include:
* Apple introduces security (and, oops… insecurity) updates
* SMS phishing scams targeting iPhone users
* Find My Mac can be disabled by anyone with physical access
* Unofficial app store hidden in an App Store app
* Proof-of-concept fake apple.com site revealed a Unicode implementation
issue in major browsers (Chrome, Opera, Firefox) that could have
facilitated phishing
* April 20, 2017 — Windows Vista is Dead; Should You Switch to Apple?
* Microsoft is no longer releasing security updates for Windows Vista, and
the upgrade path to Windows 10 is rather bumpy; is this a good time for
users of a legacy Windows operating system to switch to a Mac or iPad?
* March 24, 2017 — Month in Review: Apple Security in March 2017
* Featured stories:
* Mac hackers get root at Pwn2Own
* WikiLeaks' Vault 7 and DarkMatter disclosures highlight previously
patched iOS and Mac vulnerabilities
* March 20, 2017 — RSA Conference 2017 Highlights
* An extensive article featuring my coverage and highlights from RSA
Conference (USA) 2017, including authorized audio recordings of these
presentations:
* Patrick Wardle: 🔊Meet the macOS Malware Class of 2016
* Amit Serper: 🔊OSX Pirrit and Why Care About Mac Adware
* Robert Graham: 🔊Mirai and IoT Botnet Analysis
* February 24, 2017 — Month in Review: Apple Security in February 2017
* Featured stories:
* New Mac malware: Filecoder/Findzip ransomware
* New Mac malware: Sofacy XAgent
* New Mac malware: iKitten
* New Mac malware: EmPyre Word macro
* New Mac malware: PROTON RAT
* iCloud was storing "deleted" Safari history
* Alleged nude celebrity photo leak blamed on "iCloud hack" but devoid of
evidence
* January 25, 2017 — Month in Review: Apple Security in January 2017
* Featured stories:
* New Mac malware: ClientCapture/Fruitfly/Quimitchin
* Scam site launched DoS attack against unpatched Macs
* December 15, 2016 — What to Do if Your Mac Can't Run macOS Sierra
* Apple released a major new operating system, and it isn't compatible with
some Macs that could run previous versions of OS X; this article includes
ideas for users of older Mac hardware (note: macOS High Sierra, released
in late 2017, has the same system requirements as Sierra)
For more from the JoshMeister on Security, please subscribe via e-mail or RSS,
and follow me on Twitter and Google+.
Posted by Josh Long at 1:17 AM No comments:
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest
Labels: apple, chrome, firefox, iphone, mac, malicious sites, malware,
microsoft, opera, podcast, vulnerabilities
SATURDAY, MARCH 19, 2016
ARTICLES WRITTEN FROM MAY 2014 TO FEBRUARY 2016
It has been a while since I've posted links on this site to my external
articles.
Here's a list of articles I've written since my last post on the JoshMeister on
Security (in reverse chronological order):
* February 29, 2016 — The Evolution of iOS Security and Privacy Features
* Discussing notable security improvements in each major iOS release, from
the first iPhone OS (which Apple originally called "OS X") through the
upcoming iOS 9.3
* February 17, 2016 — The Evolution of Mac OS X Security and Privacy Features
* Discussing notable security improvements in OS X over the past decade,
from Mac OS X 10.4 Tiger (released in April 2005) through OS X 10.11 El
Capitan (released in September 2015)
* April 6, 2015 — TrueCrypt Has Been Audited! Should You Use It?
* Discussing findings from the two phases of the audit, whether TrueCrypt is
still safe to use, and alternative solutions VeraCrypt, CipherShed, and
FileVault 2
* January 27, 2015 — The 3 Hottest Physical Security Products at CES 2015
* Featured interesting products (not paid endorsements/reviews):
* Vysk QS1 Quantum Security Case for iPhone
* FŪZ Designs Noke (Bluetooth Padlock)
* EyeLock myris (Biometric Iris Scanner)
* January 21, 2015 — OS X Market Share Statistics: 1 in 5 Macs Still
Unsupported
* 20% of Macs are running a version of OS X that is no longer getting
security updates
* January 13, 2015 — Apple Security: 2014 Year In Review
* Featured stories include:
* iCloud celebrity photo leak
* New Mac malware threats
* Heartbleed, Shellshock, POODLE, and NTP vulnerabilities
* November 4, 2014 — What to Do if Your Mac Can’t Run OS X Yosemite
* A list of Macs capable of running OS X 10.10 Yosemite, the problems
inherent in continuing to use a Mac that can't run the latest OS, and what
users can do about it
* June 2, 2014 — TrueCrypt is Dead; What Does This Mean for Mac Users?
* The development of whole-disk encryption software TrueCrypt has suddenly
ceased, with a note on the developer's site: "WARNING: Using TrueCrypt is
not secure as it may contain unfixed security issues"
* May 28, 2014 — Month in Review, Part 2: Vulnerabilities and Patches
* Featured stories:
* Multiple Adobe Updates - And Lack Thereof for Shockwave
* Windows XP Zero-day Vulnerabilities
* iOS 7.1.1 Reportedly Not Encrypting E-mail Attachments
* Multiple Apple Updates
* Heartbleed Still Affects 300,000 Servers
* May 27, 2014 — Month in Review, Part 1: Database Breaches, Compromised
Passwords
* Featured stories:
* Apple Developer and Employee Contact Info Leaked
* AOL User Database Breach Confirmed - Password Change Needed
* Bitly Account Credentials Compromised - Password Change Needed
* eBay User Database Compromised - Password Change Needed
For more from the JoshMeister on Security, please subscribe via e-mail or RSS,
or follow me on Twitter or Google+.
Posted by Josh Long at 8:50 PM No comments:
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest
Labels: adobe, aol, apple, encryption, filevault, iphone, mac, malware,
microsoft, privacy, truecrypt, vulnerabilities
Older Posts Home
Subscribe to: Posts (Atom)
ABOUT ME
the JoshMeister Joshua Long ("the JoshMeister") is a computer security
researcher from California. He currently works as the Chief Security Analyst for
an international cybersecurity firm. Josh has a Master of IT degree
concentrating in Internet Security, and he has taken doctorate-level coursework
studying Computer and Information Security.
Josh has been doing security research for more than 20 years. Apple has publicly
acknowledged Josh for discovering a password validation vulnerability. His
research has been featured by many fine publications such as CNET, CBS News,
ZDNet UK, Lifehacker, CIO, Macworld, The Register, MacTech Magazine, Naked
Security, and The Mac Security Blog.
To contact Josh, send him a direct message on Twitter. For confidentiality, you
may encrypt your message with Josh's PGP key.
SUBSCRIBE TO
Posts
Atom
Posts
All Comments
Atom
All Comments
SEARCH THIS SITE
TOPICS
adobe antivirus aol apple bing chrome chrome os encryption event facebook
filevault firefox firesheep fraud fuzzing google howto humor internet services
interview iphone itunes java javascript mac malicious sites malware microsoft
norton opera podcast privacy proof of concept review safari social engineering
social networking spam truecrypt twitter vulnerabilities xss yahoo youtube
BLOG ARCHIVE
* ▼ 2019 (2)
* ▼ June (2)
* Podcasts on Facebook, Google, and Apple privacy an...
* Articles written from October 2017 to March 2019
* ► 2017 (3)
* ► November (1)
* ► October (2)
* ► 2016 (1)
* ► March (1)
* ► 2014 (3)
* ► May (3)
* ► 2013 (9)
* ► August (1)
* ► June (2)
* ► April (1)
* ► March (1)
* ► February (1)
* ► January (3)
* ► 2012 (11)
* ► November (1)
* ► September (1)
* ► August (1)
* ► July (4)
* ► June (1)
* ► May (2)
* ► March (1)
* ► 2011 (14)
* ► December (1)
* ► November (1)
* ► October (1)
* ► September (1)
* ► August (1)
* ► July (1)
* ► June (2)
* ► May (1)
* ► April (1)
* ► March (2)
* ► February (1)
* ► January (1)
* ► 2010 (17)
* ► December (1)
* ► November (2)
* ► October (2)
* ► September (2)
* ► August (1)
* ► July (1)
* ► June (1)
* ► May (1)
* ► April (2)
* ► March (1)
* ► February (1)
* ► January (2)
* ► 2009 (19)
* ► December (1)
* ► November (4)
* ► October (1)
* ► September (4)
* ► August (1)
* ► July (1)
* ► June (1)
* ► May (1)
* ► April (5)
SECURITY BLOGROLL
* The Register - Security
Wells Fargo, Zelle slammed by Liz Warren over rampant online banking fraud -
Customers 'more than twice' as likely to be hit by scams, says Dem Senator
Wells Fargo customers who use Zelle to send and request payments suffer more
th...
41 minutes ago
* Sophos Naked Security
Exchange 0-days fixed (at last) – plus 4 brand new Patch Tuesday 0-days! - In
all the excitement, we kind of lost track ourselves. Were there six 0-days,
or only four?
3 hours ago
* ZDNet Security News
Google Chrome: Apply new security update now to fix these six 'high severity'
bugs - A total of 10 security vulnerabilities have been addressed in the
latest Google Chrome update, some of which could remote attackers to crash
your PC.
5 hours ago
* Graham Cluley
Having refused to pay ransom, health insurer Medibank sees customer data
posted online by hackers - A ransomware gang has begun to publish data on the
dark web stolen from Australia's largest health insurer Medibank. Curiously,
the hackers have released d...
5 hours ago
* Schneier on Security
Defeating Phishing-Resistant Multifactor Authentication - CISA is now pushing
phishing-resistant multifactor authentication. Roger Grimes has an excellent
post reminding everyone that “phishing-resistant” is not...
9 hours ago
* Security Now!
SN 896: Something for Everyone - Dropbox breach, cyber bank heists, Russia
goes Linux, OpenSSL flaw update - - Picture of the Week. - A minor Dropbox
breach. - OpenSSL follow-up. - FTC sued and settled with a repeated offender.
- $1.2 billion...
19 hours ago
* Krebs on Security
Patch Tuesday, November 2022 Election Edition - Let's face it: Having “2022
election” in the headline above is probably the only reason anyone might read
this story today. Still, while most of us here in...
20 hours ago
* The Mac Security Blog
9 Things You Can Do With an Old Mac - If you've got an old Mac, you might be
able to repurpose it to make it useful again. Here are several ideas on how
you can put your old Macs to good use....
1 day ago
* Malwarebytes Labs
LinkedIn introduces new security features to combat fake accounts -
Categories: News Tags: fake accounts Tags: social media platform Tags:
LinkedIn Tags: AI Tags: deep learning Tags: reporting After a deluge of fake
...
1 week ago
* Softpedia News - Security
PayPal Officially Announces Support for Passkeys - PayPal has officially
announced the support of passkeys, as the company wants to increase the
security of user accounts and therefore provide customers wit...
2 weeks ago
* US-CERT Current Activity
Zoho Releases Security Advisory for ManageEngine Desktop Central and Desktop
Central MSP - Original release date: December 6, 2021 Zoho has released a
security advisory to address an authentication bypass vulnerability in
ManageEngine Desktop Cen...
11 months ago
Deze site gebruikt cookies van Google om services te leveren en verkeer te
analyseren. Je IP-adres en user-agent worden met Google gedeeld, samen met
prestatie- en beveiligingsstatistieken om servicekwaliteit te garanderen,
gebruiksstatistieken te genereren, misbruik te detecteren en maatregelen te
treffen.Meer informatieOK