Apple text bomb bug ‘can cause phone crash with a single message’

ITV News – January 18, 2018 ISSUE: can crash an Apple phone or computer with a single text message ROOT CAUSE: A “text bomb” software bug (a malicious link) IMPACT: A number of Twitter users confirmed they had suffered crashes in their Messages app… some saying that they struggled to get their systems working properly again

These five programming languages have flaws that expose apps to attack

ZDNet – December 11, 2017 ROOT CAUSE: language vulnerabilities are suspected of having been caused by attempts to simplify software development IMPACT: the research shows that applications can suffer from security issues when using certain features from programming languages IMPACT: “There are a number of possibilities to be abused in different implementations that could affect secure […]

Sloppy coding + huge PSD2 changes = Lots of late nights for banking devs next year

The Register – December 8, 2017 ROOT CAUSE: Poorly written code ROOT CAUSE: Financial service firms have many older systems and in some cases have not spent the effort to upgrade them to modern security standards ROOT CAUSE: financial sector [has] the need to support legacy… apps written in Cobol but also because of complex coding […]

HP patch released to stop keyboard-tracking computer bug

Evening Standard – December 11, 2017 DISCOVERED BY: Michael Myng, who discovered a deactivated keylogger in software on over 460 models of HP laptop ROOT CAUSE: keylogging software that was accidentally installed on nearly 500 computer models within the last five years COMPANY RESPONSE: released a security update and has warned owners of HP computers to […]

Apple fixes HomeKit bug that allowed remote unlocking of users’ doors

  the Guardian – December 8, 2017 IMPACT: allowed hackers to unlock users’ smart locks or other devices SHORT TERM FIX: temporary [fix] side … but also breaks some functionality of the system COMPANY RESPONSE: “The issue affecting HomeKit users running iOS 11.2 has been fixed. The fix temporarily disables remote access to shared users, which […]

Apple breaks file sharing on Macs while fixing ‘huge’ password security flaw

The Guardian – December 1, 2017 ROOT CAUSE: caused by the critical bug patch ROOT CAUSE: In its haste to fix the macOS High Sierra bug that allowed anyone to take control of a Mac computer with a blank password, Apple broke file sharing for some users IMPACT: preventing some users from authenticating with or […]

MacOS High Sierra bug: blank password let anyone take control of a Mac

The Guardian – November 30, 2017 IMPACT: discovered a couple of weeks ago and disclosed in an Apple developer support forum… allow[s] anyone to access locked settings on a Mac using the user name “root” and no password, and subsequently unlock the computer IMPACT: embarrassing for the company and dangerous, allowing anyone with physical access […]