Security News
Facebook on Wednesday said it took steps to dismantle malicious activities perpetrated by two state-sponsored hacking groups operating out of Palestine that abused its platform to distribute malware. To disrupt the adversary operations, Facebook said it took down their accounts, blocked domains associated with their activity, and alerted users it suspects were singled out by these groups to help them secure their accounts.
Software developed by data extraction company Cellebrite contains vulnerabilities that allow arbitrary code execution on the device, claims Moxie Marlinspike, the creator of the encrypted messaging app Signal. The researcher found that Cellebrite's software had outdated open-source code that had not been updated in almost a decade, despite security updates being available.
Phone, tablet, and IoT gadget makers will have to state when they'll stop providing security updates for new devices entering the market, the UK's Department for Culture, Media and Sport vowed this morning. Today's pledge would see existing plans for internet-connected tat extended to smartphones and tablets, which is a large step for a scheme originally put together for landfill Internet-of-Things devices such as webcams.
Smith Micro Software announced that it has completed its previously announced acquisition of Avast's Family Safety Mobile business. With this acquisition, Smith Micro obtains Avast's portfolio of mobile family safety services including location features, content filtering and screen time management, cementing Smith Micro as a market leader in delivering mobile family safety software solutions to wireless carriers.
The ioXt Alliance announced that it is expanding its ioXt Compliance Program with a new mobile application profile with added requirements for VPN applications. Defined collaboratively by technology companies such as Google and Amazon, in partnership with security labs, NowSecure, NCC Group, DEKRA, Onward Security and 7layers, and aligned with the initiatives set forth by VPN Trust Initiative, these new security standards for the mobile app and VPN markets will bring transparency and visibility to consumer and enterprise buyers, to advance security in the IoT industry as a whole.
On Thursday the ioXt Alliance, an Internet of Things security trade group backed by some of the biggest names in the business, introduced a set of baseline standards for mobile apps, in the hope that IoT security may someday be a bit less of a dumpster fire. The announcement of the new Mobile Application Profile [PDF], a certification program covering best practices and requirements to keep mobile apps safer than the low bar of vendor discretion, comes from the collaboration of more than 20 ioXt member companies like Amazon, Comcast, Google, and others.
SmartBear has integrated TestComplete, its UI test automation tool, with BitBar, its native mobile device cloud. TestComplete users are now able to create a codeless mobile test and then use these tests in BitBar across devices.
Inkscreen announced that the company has signed a strategic reseller agreement with Vertosoft. Under the agreement, Vertosoft will offer Inkscreen's CAPTOR mobile camera app to federal, state and local government agencies to help their employees secure business photos and other work content captured on their personal devices.
Syniverse announced they are working together with Hitachi America to empower its digital solution with Syniverse CPaaS Concierge. Syniverse and Hitachi are collaborating to offer a real-time messaging and passenger journey optimization solution to the Capital Area Transit System, the regional transit authority for the Baton Rouge, La. metropolitan area.
The stolen data includes customer email addresses, dates of birth, phone numbers, license plate numbers, hashed passwords and mailing addresses. Gemini shared a new sales thread on a Russian-language crime forum that included my ParkMobile account information in the accompanying screenshot of the stolen data.