Subscribe: Softpedia News - Security
Added By: Feedage Forager Feedage Grade B rated
Language: English
android  company  fappening  firmware  hackers  intel  meltdown spectre  meltdown  new  online  photos  security  spectre  updates 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Softpedia News - Security

Softpedia News / Security

Softpedia News / Security

Published: Tue, 20 Mar 2018 16:51:38 +0000

Last Build Date: Tue, 20 Mar 2018 16:51:38 +0000

Copyright: 2001 - 2014 Softpedia. All rights reserved.

The Fappening (2018): Hackers Leak Purported Meghan Markle Topless Video

Mon, 19 Mar 2018 11:06:00 +0000

A video allegedly showing Meghan Markle in a state of partial undress has been published online on a website previously known for posting content as part of the Fappening hacking saga. The same website posted what it claimed to be a preview of a photo hack last week, along with some mock demands for the UK government, threatening instead to leak the entire content should their demands not be met. The past weekend, however, the site posted an alleged video showing Prince Harry’s fiancé topless, though at this point, it’s impossible to confirm if the content is legit or not. The Kensington Palace is yet to release a statement on this new leak, though a spokesperson said last week that the claimed preview of the photo hack was fake. The hack There are two big questions that are pretty difficult to be answered right now...

Mozilla Firefox and Safari Browsers Hacked at Pwn2Own 2018

Fri, 16 Mar 2018 10:44:00 +0000

Microsoft Edge and Safari browsers were the preferred targets for white-hat hackers during the first day of Pwn2Own hacking competition, and only the latter remained in the crosshairs of the researchers for the second day of the event. Richard Zhu (fluorescence) was the one to start the fun with a Windows kernel Elevation of Privilege (EoP) exploit targeting Mozilla Firefox, breaching the browser on his first attempt. His exploit involved an out-of-bounds (OOB) write in the browser and an integer overflow in the Windows kernel, and breaching the browser brought him a $50,000 prize. Overall, Zhu received a $120,000 in this year’s edition of Pwn2Own. Apple’s Safari was the next target on the list, and this time Markus Gaasedelen (gaasedelen), Nick Burnett (itszn13), and Patrick Biernat of Ret2 Systems, Inc. managed to compromise the browser on the fo...

The Fappening (2018): Alleged Meghan Markle Nude Photo Leaks

Fri, 16 Mar 2018 08:34:00 +0000

UPDATE, March 19: Hackers have posted what they claim to be a video showing Meghan Markle in a state of partial undress. The content was allegedly stolen from her cloud account. Original story below. The Fappening saga continues in 2018 with new photo leaks published online every once in a while, and the most recent victim is none other than Meghan Markle, the soon-to-be Mrs. Prince Harry. A website known in the past for posting leaks as part of the Fappening hacking scandal has now published what it claims to be a preview of a new batch of stolen photos allegedly showing Megan Markle half-naked. The Blast writes that Markle is believed to be topless in one of...

PlayStation 4 (4.55) Public WebKit Exploit Now Works with Latest 5.50 Firmware

Mon, 12 Mar 2018 12:10:00 +0000

If you plan on hacking your PlayStation 4 gaming console running the latest 5.50 firmware to run Linux, you should know that someone recently rewrote the public WebKit exploit to work with PS4's most recent firmware. Last week we reported that you can now run Linux on your PlayStation 4 gaming console running firmware 4.05 or 4.55, thanks to the PS4 Linux Loader payload tool created by developer Valentin Breiz, which leverages IDC's kernel exploit. However, the hack only supported some PlayStation 4 models having a FAT filesystem. While Sony recently patched the kernel exploit with firmware 5.50, it looks like hacker qwertyoruiop has rewritten the public WebKit exploit to work on PlayStation 4 consoles upgraded to Sony's latest firmware. qwertyoruiop said on Twitter that his hack should be 100 percent reliable. ...

The Fappening: How to Protect Your Nude Photos from Hackers

Mon, 12 Mar 2018 12:02:00 +0000

Even though it took place in 2014, “The Fappening,” which is the biggest leak of celebrity photos in history, is still making the headlines these days, with hackers getting access to various accounts and stealing images and videos stored in the cloud. This is how the most recent nude photo leaks happened and more are likely to take place in the coming months and years, despite victims of these cyber-attacks having several ways to protect their data. In most of the cases, the hacks are based on either brute-forcing the passwords of the cloud accounts or phishing scams. While brute-forcing can’t compromise your security if you use a complex and hard-to-guess password, phishing scams are the ones that could expose your data if you don’t pay enough attention to some very basic info. No matter if you’re a celebrity or not, it’s critical to keep your files, be they nudes or not, secure from hackers who are looking for unauthorized access to accounts, and the easiest way...

Chinese Android OEM Leagoo Says Pre-Installed Malware Is False Virus Alert

Fri, 09 Mar 2018 07:28:00 +0000

Security vendor Dr. Web has recently published a research to reveal that more than 40 Android phones manufactured by companies based in China ship with pre-installed malware bundled into the firmware and which would facilitate data leaks to malicious actors. In a statement addressing the claims, the Chinese company explains that this was nothing that a “false virus alert,” adding that it contacted the security firm prior to the release of the research and discovered that the said malware was in fact “APK code intended for advertisements.” “Soon after that, LEAGOO software team updated LEAGOO OS and solved virus alert issues in an urgent manner. So far, we did not receive any complaint or critics regarding personal or bank info leakages due to the so called ‘virus alert,’” the company explains in a press statement (embedded below). Leagoo says ...

Hackers Breach Sauna Camera, Leak Nude Video of Dutch Women’s Handball Team

Thu, 08 Mar 2018 12:51:00 +0000

While the Fappening scandal has mostly involved celebrities whose iCloud accounts were hacked, a similar incident took place in the Netherlands and targeted the women handball team. According to local reports, hackers managed to breach the surveillance camera system in a dressing room of a sauna and then posted the recordings on adult websites last December. While it’s kind of odd that a camera system is being used in a dressing room (and this is one of the reasons they were banned in the country), sauna owner Erik van Ingen Schenau says the company suffered a breach in 2015 when hackers managed to infiltrate the network and steal private footage. Seven handball players appearing naked in the video The hackers contacted sauna workers and threatened to post the stolen videos online if the cameras weren’t shut down. "I received a mail containi...

The Fappening (2018): Nude Photos of Peter Andre and Wife Emily Leaked

Tue, 06 Mar 2018 08:42:00 +0000

The intimate photos of singer Peter Andre and wife Emily MacDonagh have reportedly been stolen and published online as part of a new episode from the Fappening saga. While very little details are available on this new leak, British newspaper The Sun writes that a total of three photos were stolen from the couple’s iCloud account, one of which “shows Emily in a state of undress.” Nothing has been said on how exactly the hackers got access to the iCloud account, but it was most likely the same scheme as always. Hackers typically send potential victims emails requesting for a password reset, with links that are pointing them to websites looking legitimate, but which are actually stored on third-party servers. Once credentials are provided on these pages, hackers take control of the accounts and can access any cont...

Android Phones Caught Selling with Pre-Installed Factory Malware

Mon, 05 Mar 2018 08:32:00 +0000

UPDATE, March 9: Leagoo has issued a statement to explain that this malware warnings are, in fact, "false virus alerts" coming from APK code for advertisements. Read the full statement here. Original story below. More than 40 Android phone models, most of them manufactured by companies in China, ship with pre-installed malware that was injected into the firmware straight from the factory. Security company Dr. Web says that it came across a new Trojan called Android.Triada.231 in the firmware of several Android devices back in mid-2017, and after an in-depth research, ...

The Fappening (2018): Jorgie Porter’s Nude Photos and Videos Leaked

Thu, 01 Mar 2018 08:20:00 +0000

English actress and model Jorgie Porter, best known for portraying Theresa McQueen in Channel 4’s Hollyoaks, is the latest victim of hackers, who managed to steal her intimate pictures and videos and post them online. Content belonging to the 30-year-old star was published on websites known for posting leaks as part of the Fappening saga, but also on adult sites. According to reports, Porter poses in sexual positions and even appears topless with former Hollyoaks co-star Stephanie Davis. It seems that the X-rated content was stolen from Porter’s iCloud account, as her photos and videos were uploaded to the cloud most likely for backup purposes. In the past, adult photos and videos belonging to several other celebrities were leaked to the web after their iCloud and Google accounts were hacked. In most of these cases, the hacks were based on phishing em...

Spectre and Meltdown Mitigations Now Available for FreeBSD and OpenBSD Systems

Thu, 22 Feb 2018 21:57:00 +0000

More than a month since their public discloser the nasty Meltdown and Spectre security vulnerability have now been fixed for various BSD operating systems including FreeBSD and OpenBSD. FreeBSD announced last month that it was made aware of the Spectre and Meltdown security vulnerabilities discovered by various researchers from Google's Project Zero, Graz University of Technology, Cyberus Technology, and others in late December 2017 to have time to fix them for their BSD-powered operating system. The project said that they are working with CPU vendors like Intel and AMD to mitigate both Spectre and Meltdown on FreeBSD, but did not give an estimated time of the publication of the patches. One and a half months later, the patches to mitigate Meltdown via PTI (Page Table Isolation) arrived, along with PCID optimization of PTI. Also, the FreeBSD project released a kernel update that includes the IBRS (Indirect Branch Restricted Speculation) feature to partially mitiga...

Intel Releases Spectre Patches for Kaby Lake and Coffee Lake Processors

Wed, 21 Feb 2018 12:11:00 +0000

Intel has just released revised Spectre fixes for more processors, after the company previously published them for Skylake chipsets earlier this month. The new updates are available for Skylake-X, Kaby Lake, and Coffee Lake CPUs, as well as for data center chips like Intel Xeon Scalable and Intel Xeon D. The company says that it’s now working with partners to include them in their firmware updates, so the next release for your device should include these fixes as well. Intel claims that additional fixes for Skylake are also included, following the original patches that were launched in February. “We have now released production microcode updates to our OEM customers and partners for Kaby Lake- and Coffee Lake-based platforms, plus additional Skylake-based platforms. The new microcode will be made available in most cases through OEM firmware updates. ...

The Best Antivirus Apps for Android

Wed, 21 Feb 2018 10:34:00 +0000

Given the continuous growth of Android malware, running antivirus software on a mobile device becomes a must-have, though keeping smartphones secure is also possible by following simple practices such as installing apps from trusted sources exclusively. However, for those who want to install third-party antivirus on an Android device, choosing the most effective app is much harder than you think, and this is why researches such as the one conducted by AV-TEST comes in so handy. The antivirus test organization has conducted a new study to determine the best antivirus apps for Android, and the results aren’t surprising at all. No less than nine security products received the maximum rating, including apps from Symantec, Tencent, AVG...

The Fappening (2018): Blac Chyna Sex Tape Leaked Online

Wed, 21 Feb 2018 08:42:00 +0000

American model and entrepreneur Blac Chyna is the latest victim of X-rated content being posted online, as a video that was published on Twitter earlier this week showed her engaged in oral sex with an unidentified man. While this is another case of adult content posted online without the owner’s consent, this isn’t the typical Fappening leak. The already-famous Fappening saga involved photos and videos stolen from hundreds of celebrities across the world after cybercriminals managed to breach their personal accounts, including iCloud and Gmail. This time, however, it’s not yet known how the video was obtained, but Blac Chyna’s lawyers say it’s most likely “revenge porn.” This means hacking wasn’t involved, though this remains to be clarified as part of a police investigation. “Revenge porn — posting explicit images without the consent of everyone in those images — is a crime, a civil wrong, and a form of domestic abuse,” Lisa Bloom, one of Chyna’s attorneys, said...

Intel Expands Its Bug Bounty Program for Spectre Security Flaws with New Awards

Thu, 15 Feb 2018 01:15:00 +0000

Intel announced on Wednesday that it would expand its bug bounty program for the Spectre security vulnerabilities until the end of the year, and will award hackers with up to $250,000 USD. The tech giant launched its bug bounty program last year in March to encourage hackers and security researchers to discover potential flaws in its processors, such as the recently unearthed Meltdown and Spectre vulnerabilities that affect all CPUs made in the last two decades. While Intel is still struggling to release updated microcode firmware for all of its processors, it announced that it wants to expand its bug bounty program until December 31, 2018, with a new offering that would help them discover better fixes for side channel vulnerabilities...

Telegram Zero-Day Vulnerability Lets Hackers Pwn Your PC to Mine Cryptocurrency

Tue, 13 Feb 2018 13:10:00 +0000

A zero-day vulnerability was discovered by Kaspersky Lab in the Telegram Desktop app that could let hackers pwn your computer to mine for cryptocurrencies like Zcash, Monero, Fantomcoin, and others. Kaspersky Lab's security researchers say the zero-day vulnerability can be used to deliver multi-purpose malware to computer users using the Telegram Desktop app, including backdoors and crypto-cash mining software. The security company also discovered that hackers had actively exploited the vulnerability in the Telegram Desktop app, which is based on the right-to-left override Unicode method, since March last year, but only to mine cryptocurrencies like Fantomcoin, Monero, and Zcash. Once the zero-day vulnerability was successfully exploited, hackers were able to install a backdoor on your computer using the Telegram API as both a command and control protocol, which means they could gain remote access to your PC. “We have found several scenarios of t...

The Fappening (2018): Guardians of the Galaxy Actress Mikaela Hoover Nudes Leak

Thu, 08 Feb 2018 10:38:00 +0000

The Fappening scandal continues even in 2018, and Guardians of the Galaxy actress Mikaela Hoover appears to be the most recent victim. Hoover’s iCloud account has recently been hacked and the attackers managed to steal no more, no less than 40,000 images, 119 of which were posted on websites known for publishing nude photos as part of the Fappening saga. The actress has already contacted the LAPD, according to a report from TMZ, and police investigators have collected two IP addresses to look into possible cyberattacks launched from computers using them to connect to the Internet. Search warrants to obtain information about IP holders have also been executed, the source notes, and bank data and other information have also been obtained. iCloud account breached by hackers Not much has been said about the hack itself, but in ...

Intel Releases New Spectre Updates for Skylake Processors

Thu, 08 Feb 2018 09:53:00 +0000

Intel has recently published a new set of updates for the Spectre vulnerability, but for the time being, only Skylake processors are getting them, with the other chipsets to be patched shortly. Intel originally rolled out Meltdown and Spectre updates in early January following Google’s public disclosure, but the security fixes for one of the Spectre vulnerabilities caused issues on a number of processors. While Intel initially said that Broadwell and Haswell CPUs were suffering from reboots, the company then explained that other chips are also affected, including Skylake and Kaby Lake. Today’s release is aimed at Skylake exclusively, and Intel says that it’s now working to make patches for the other chipsets available as soon as possible. “We expect to do the same for more platforms in the coming days. We also continue to release beta microcode updates so that customers and partners have the opportunity to conduct extensive testing before we move them into produc...

Google Says It Banned 700,000 Android Apps Last Year

Wed, 31 Jan 2018 09:24:00 +0000

Google removed more than 700,000 Android apps from the Google Play Store last year, according to statistics provided by Andrew Ahn, Product Manager, Google Play, and this represents an increase of 70% over 2016. Ahn says no less than 99% of the abusive apps were detected by the company’s own filters and were blocked before users were allowed to download them. “This was possible through significant improvements in our ability to detect abuse - such as impersonation, inappropriate content, or malware - through new machine learning models and techniques,” the Google engineer says. There were 100,000 developers that got banned last year, and Google says it identified three different types of applications that are trying to make it to the Play Store despite violating policies. Malicious apps First of all, it’s the copycats, which impersonate famo...

Alcatel Bombards Android Phones with Ads Pushed Though Its Own Free Apps

Tue, 30 Jan 2018 10:32:00 +0000

​Alcatel has unexpectedly started serving ads on its own Android devices using apps that come pre-installed on its very own phones and which were recently updated on the Google Play Store. As weird as that might sound for a company the size of Alcatel, it looks like several of its apps are now pushing the annoying advertisements, including even the launcher and the gallery. The latter, however, suffered a series of silent modifications that certainly raise questions as to how Alcatel handled this whole adware saga. First and foremost, as Android Police spotted, the Gallery app has been renamed to Candy Gallery on the Google Play Store, and it was updated automatically on all Alcatel’s devices running Android. The new app serves ads, and users have basically no way to pr...

Faulty Malwarebytes Update Causes High CPU Usage on Windows, Fix Available

Mon, 29 Jan 2018 06:37:00 +0000

A bad Malwarebytes updates released the last weekend caused the main process of the security product, mbamservice.exe, to experience high CPU usage on Windows systems, up to the point where computers were nearly impossible to use. Company officials quickly responded to the complaints posted online, and a fix is already available to address the bug. Users are recommended to install the most recent update and reboot computers – two system restarts might be required, Malwarebytes says, because stabilizing the system doesn’t always take place after the first one. Fix already available for consumers and endpoints As far as the cause of the bug is concerned, Malwarebytes says it was all because of a protection update shipped on Saturday morning. “As a side effect of the web protection blocks, the product also spiked memory usage and possibly caused a crash. We ...

Hawaii Governor Slow to Refute Missile Warning Due to Forgotten Twitter Password

Wed, 24 Jan 2018 10:29:00 +0000

Could this whole blunder get any worse? As if the simple fact that someone accidentally hit the wrong option and sent everyone in Hawaii a fake missile attack warning wasn’t enough, Governor David Ige now says he needed 17 minutes to post on Twitter because… he didn’t know his account password. As a summary, the Hawaii Emergency Management Agency submitted the fake ballistic missile threat at 8.07 am Pacific time on January 13, while Ige tweeted the four words, “there is NO missile threat,” at 8.24 am the same day. The second alert sent to phones landed 38 minutes after the false alarm. Ige told the Honolulu Star Advertiser that he configured Twitter on his phone to be able to post faster, though hopefully, he won’t need to refute another fake missile warning. “I have to confess that I don’t know my Twitter account log-ons and the passwords...

HP Pulls Spectre Security Update Due to Intel Bug

Wed, 24 Jan 2018 08:47:00 +0000

Intel has recently confirmed that its Spectre (Variant 2) patch could cause system reboots and other issues on computers installing it, and the company recommended against installing it until a workaround is provided. As a consequence, other companies that shipped firmware updates including Intel’s patches are now forced to suspend them as well in order to prevent these issues from hitting their devices. After Dell published an advisory to recommend users to avoid installing the latest BIOS updates and to downgrade to the previous release, HP does the same thing and announces that it pulled the latest patches because of the said issues. “Intel has updated their security advisory recommending to stop deployment of current versions of the MCU patch as they may introduce higher than expected reboots and other unpredictable system behavior,” HP says ...

Do No install Spectre BIOS Updates, Dell Says

Wed, 24 Jan 2018 06:22:00 +0000

Dell is the latest company to join the Meltdown and Spectre update fiasco, as it rolled out an advisory for its customers to recommend against installing the latest security patches that address the Spectre variant 2 vulnerability. In a tech document published on its website, Dell EMC explains that users who haven’t yet installed the latest BIOS updates are recommended to delay deployment, while those who already did it should try rolling back to the previous version. Dell says the problem resides in the security updates shipped by Intel and included in its own firmware updates, which could cause reboot issues and system freezes. The company has already pulled the affected BIOS updates, as it’s working on new versions to address the problems. “Intel has communicated new guidance regarding ‘reboot issues and unpredictable system behavior’ with the microcode included in the BIOS updates released to address Spectre (Variant 2), CVE-2017-5715. Dell is advising that al...

Dutch Government Switches to Super-Secure “Dumb” Phone to Prevent Hacks

Mon, 22 Jan 2018 10:25:00 +0000

Government officials in the Netherlands are leaving their own smartphones at home when traveling to other countries, switching instead to an old-school “dumb” phone that has no Internet connection and lacks support for apps. The “dumb phone” moniker, however, deserves a series of quotes because the Sectra Tiger lineup of handsets has been specifically developed with security in mind. All phones feature nothing more than basic communication features like phone calls and texts, while data transfers are only possible in registered and secure networks. The official site of Sectra Tiger reveals there are three such secure phones that can be used by government officials, all of them developed from the very beginning to block cyber-attacks. Phone features The Tiger/R, which looks like a smartphone but isn’t one, is based on Samsung’s own Android smartphones, but inste...

The Fappening 2018: Fox Sports Host Charissa Thompson’s Nude Photos Leaked

Mon, 22 Jan 2018 07:02:00 +0000

Fox Sports host Charissa Thompson is the latest celebrity whose nude photos were stolen by hackers and then published online on websites known for posting adult content as part of The Fappening scandal. According to The Blast, hackers managed to breach the iCloud account belonging to the 35-year-old television host and sportscaster and then extract photos that were stored in the cloud. By default, Apple’s iPhone can upload photos taken with the camera to iCloud for backup purposes, and by compromising the credentials, hackers can thus get access to the entire gallery that’s uploaded to cloud. While nothing has been said on how the account was breached, hackers most often turn to phishing sites that replicate the official interface of iCloud and email messages that are delivered to their targets in an attempt to convince them to load these fake pages. Emails typically req...

OnePlus: Up to 40,000 Customers May Be Affected by Credit Card Security Breach

Fri, 19 Jan 2018 21:07:00 +0000

OnePlus has confirmed today in a public statement that a security breach, discovered earlier this week on its online store, put credit card data of about 40,000 customers in the hands of hackers. There were various reports lately from many customers who brought OnePlus smartphones from the company's online store about unknown transactions on their credit cards, transactions that they did do and that appeared after their OnePlus purchases. These reports came from customers who paid directly with their credit cards instead of using a third-party payment service like PayPal, which masks customer's credit card information and it's very secure. OnePlus investigated the issue and temporarily disabled credit card payments on its online store at After a little more investigation, it would appear that approximately 40,000 customers may have been exposed to the security breach, as OnePlus

75% of PCs Not Patched Against Meltdown and Spectre, Companies Say

Fri, 19 Jan 2018 09:16:00 +0000

Intel promised to release Meltdown and Spectre security patches for 90 percent of PCs by the end of this week, but it turns out that despite the updates being available in the wild, organizations aren’t very keen on securing their computers. A survey conducted by Barkly reveals that less than 26 percent of the systems managed by IT and security pros have received the Meltdown and Spectre updates, with only 4 percent of the respondents saying that all their machines got them. And it’s getting worse. No less than 46 percent of the organizations that were part of the survey said they weren’t aware that in order to deploy Meltdown and Spectre patches antivirus solutions needed to be compatible and a registry key was required to deal with it. “Only 42 percent of respondents say their AV vendor has notified them regarding their product's compatibility with the patch. Nevertheless...

Intel Finally Details Slowdowns Caused by Meltdown & Spectre Updates

Thu, 18 Jan 2018 08:06:00 +0000

Intel has already confirmed earlier this month that its Meltdown and Spectre updates are likely to have a performance impact on computers that install it, and in a new press release on Wednesday, the company reveals more information collected following a series of tests. Basically, Intel says that the slowdown experienced by systems depends on workloads and configurations, a thing that the company reiterated on several occasions. In other words, older computers running high-demanding tasks are the most likely to be affected by a noticeable slowdown, while the newest chips on Windows 10 shouldn’t experience anything else than a minor performance impact which most users wouldn’t even detect.

Android Virus Can Spy on Users in A Way You’ve Never Seen Before

Wed, 17 Jan 2018 10:50:00 +0000

The Android ecosystem is constantly under attack from new forms of malware, and now security experts at Kaspersky discovered a virus that can spy on users in a completely new way as compared to known cyber-infections. Skygofree, which was named after one of the domains it used for compromising devices, has been around since at least 2014, Kaspersky says, despite signs of the infection being discovered late last year. Skygofree typically waits for victims on fake mobile operator websites, as malicious actors disguised the malware as an update to the pre-installed apps that are typically shipped on smartphones purchased from carriers. Skygofree-infected apps promise to offer faster Internet speed, trying to trick visitors into downloading them. “If a user swallows the bait and downloads the Trojan, it displays a notification that setup is supposedly in progress, conceals itself from the user,...