Within 1 day, researchers discovered that iPhone’s still have a limited mechanism for brute force. Given certain devices attachments, while unlocked (within 1 hour), a password can still be brute forced.
Reported by Hackernews
Apple a new version of the software which allows the user to set the phone to USB restricted mode, erasing the device after failed attempts. The use of the USB cable to brute force a device has been a favorite of law enforcement to break into iPhone devices.
Reported by The Verge
Type font used as evidence that documents were forged by Mr. Sharif’ on financial documentation. Evidence provided showed the use of Calibri (created in 2007) with the document dated in 2006.
Reported by Globe and Mail
Macy’s has warned that customers information was stolen from an online data breach. Curiously the data was not taken from Macy’s but rather from a 3rd party warning of the dangers of password reuse.
Reported by Macy’s
The South African presidential site was taken down after hacktivists calling themselves Black Team X defaced it with a skull. The attribution and motives are still to be determined.
Reported by South African
The browser extension Stylish has started stealing internet history of over 2 million users. Problems reportedly started with the creator sold in 2016.
Reported by Robert Heaton
As more and more breaches occur, they are getting less coverage in the news and researchers using sentiment analysis show how people quickly move onto new topics. The concern is that fewer actions are being taken to secure personal data and few a breach as inevitable.
Reported by ABC
A researcher discovered two zero days in a pdf submitted to Virus Total impacting both Adobe Acrobat and older Window platforms. They believe the exploit was still being built since it did not yet deliver a payload and they suspect it is proof of concept.
Reported by Microsoft
The Gentoo development team released an update on the attack method stating the attacker gained access to an administrator password and discovered there was a similar scheme across the GitHub repository. Some additional findings suggest that difficult communications and the inability to revoke credentials slowed response.
Reported by Gentoo
Hamas is creating fake dating apps to break into Israel soldier’s phones. Soldiers were contacted to download one of two apps, once downloaded they provided the owner’s location and contact list.
Reported by the Guardian