Daily Cyber Brief
iOS bug lets apps record Siri conversations, Apple fixes recently disclosed zero-day, New York Post 'hacked', and Google backs Senate bill on securing open source software...

Cybersecurity
For anyone who thought their conversations with Siri were sacred and keyboard dictation recordings were secure, a new analysis found a flaw in iOS Bluetooth that could allow someone to grab audio from both. The find is from researcher Guilherme Rambo, who…
The White House is adding the chemical sector to a program launched last year to improve cybersecurity capabilities within America's critical infrastructure industries. The addition makes chemical facilities and manufacturers the fourth sector under the Biden…
Apple has released new security updates to backport patches released earlier this week to older iPhones and iPads, addressing an actively exploited zero-day bug. The vulnerability (CVE-2022-42827) is the one Apple patched for iPhone and iPad devices this Monday, October 24…
Decentralized finance platform Team Finance confirmed on Thursday that hackers exploited a vulnerability and stole $14.5 million worth of cryptocurrency. Several blockchain security companies alerted the company to the hack before it released a statement about the issue…
The New York Post said Thursday it had been "hacked" by an employee after the tabloid newspaper's Twitter account posted a series of antagonistic messages, including a call for the assassination of US President Joe Biden. The rogue tweets were removed late Thursday…
Google joined other industry forces on Thursday in support of legislation to secure open source software. The Securing Open Source Software Act was introduced in September by Senate Homeland Security Committee leader Gary Peters (D-Mich.) and ranking member…
Australian Clinical Labs (ACL) has disclosed a February 2022 data breach that impacted its Medlab Pathology business, exposing the medical records and other sensitive information of 223,000 people. ACL is an Australian healthcare company that operates 89 laboratories…
Organizations have five days to prepare for what the OpenSSL Project on Oct. 26 described as a "critical" vulnerability in versions 3.0 and above of the nearly ubiquitously used cryptographic library for encrypting communications on the Internet. On Tuesday, Nov. 1…
A new version of the Drinik Android trojan targets 18 Indian banks, masquerading as the country's official tax management app to steal victims' personal information and banking credentials. Drinik has been circulating in India since 2016, operating as an SMS stealer…
Cloud communications company Twilio disclosed a new data breach stemming from a June 2022 security incident where the same attackers behind the August hack accessed some customers' information. Twilio says this was a "brief security incident" on June 29. The…