Security News

Truecaller announced a research conducted in partnership with The Harris Poll in March of 2022, and the findings detail trends/insights on the impact of spam and phone scams that have increasingly permeated the U.S. over the last 12 months. The study estimates that a staggering $39.5 billion was lost to phone scams this past year, which is the highest number recorded since Truecaller began researching scam and spam calls in the U.S. eight years ago.

Zoom has fixed a security flaw in its video-conferencing software that a miscreant could exploit with chat messages to potentially execute malicious code on a victim's device. The upshot is that someone who can send you chat messages could cause your vulnerable Zoom client app to install malicious code, such as malware and spyware, from an arbitrary server.

Researchers have demonstrated iPhone malware that works even when the phone is fully shut down. T turns out that the iPhone's Bluetooth chip­ - which is key to making features like Find My work­ - has no mechanism for digitally signing or even encrypting the firmware it runs.

Google, Apple, Microsoft promise end to passwords, courtesy of your mobile phone. A future without passwords may be closer than we think, at least when a new initiative to enlist your smartphone as a mobile authenticator gets off the ground.

Well, Google considered that possibility with its Pixel devices and made it such that anyone can quickly enter their phone into lockdown mode, which shuts down all unlocking methods except for PINs, passwords and patterns. I'm going to show you how to enable and disable lockdown mode on your Pixel phone.

Researchers have disclosed three security vulnerabilities affecting Pascom Cloud Phone System that could be combined to achieve a full pre-authenticated remote code execution of affected systems. Kerbit security researcher Daniel Eshetu said the shortcomings, when chained together, can lead to "An unauthenticated attacker gaining root on these devices."

Picking up the phone still might be the best way to do business. Despite the risks associated with robocalls and spam calls, new research shows that organizations still prefer voice-to-voice communication over any other form of communication.

Attention, Samsung Galaxy smartphone owners: There's a good chance your device is one of the 100 million that a Tel Aviv University research paper said suffer from a serious encryption flaw. The researchers didn't stumble upon this error, either: They purposely targeted Samsung devices as an attempt to prove that proprietary, and often undocumented, encryption applications endanger everyone using a smartphone.

A group of academics from Tel Aviv University have disclosed details of now-patched "Severe" design flaws in Android-based Samsung smartphones that could have resulted in the extraction of secret cryptographic keys. The shortcomings are the result of an analysis of the cryptographic design and implementation of Android's hardware-backed Keystore in Samsung's Galaxy S8, S9, S10, S20, and S21 flagship devices, researchers Alon Shakevsky, Eyal Ronen, and Avishai Wool said.

As Russia's invasion of Ukraine continues, the technology industry is trying to use its services to make a difference - and to keep those services available as the war makes it harder to operate. The Global Sourcing Association - a UK-based body formerly known as the National Outsourcing Association and which promotes strategic use of services resources around the world - last week reported "Evidence of service disruption as companies are struggling to exercise their business continuity plans due to the extent of the disruption and employees are having to decide if they want to stay and work or choose to evacuate the main cities."