If you receive a link for a video, even if it looks exciting, sent by someone (or your friend) on Facebook messenger—just don’t click on it without taking a second thought.
News
How to Find Out Everything Facebook Knows About You
Facebook CEO Mark Zuckerberg will testify before Congress this week to explain how his company collects and handles users’ personal information.
The past few weeks have been difficult for Facebook over concerns that the data of millions of users has been breached.
Facebook stores details of almost every action you have taken and interaction you have engaged in on its platform.
QR Code Bug in Apple iOS 11 Could Lead You to Malicious Sites
A new vulnerability has been disclosed in iOS Camera App that could be exploited to redirect users to a malicious website without their knowledge.
The vulnerability affects Apple’s latest iOS 11 mobile operating system for iPhone, iPad, and iPod touch devices and resides in the built-in QR code reader.
With iOS 11, Apple introduced a new feature that gives users ability to automatically read QR codes using their iPhone’s native camera app without requiring any third-party QR code reader app.
You need to open the Camera app on your iPhone or iPad and point the device at a QR code. If the code contains any URL, it will give you a notification with the link address, asking you to tap to visit it in Safari browser.
However, be careful — you may not be visiting the URL displayed to you, security researcher Roman Mueller discovered.
According to Mueller, the URL parser of built-in QR code reader for iOS camera app fails to detect the hostname in the URL, which allows attackers to manipulate the displayed URL in the notification, tricking users to visit malicious websites instead.
Apple macOS Bug Reveals Passwords for APFS Encrypted Volumes in Plaintext
A severe programming bug has been found in APFS file system for macOS High Sierra operating system that exposes passwords of encrypted external drives in plain text.
Introduced two years ago, APFS (Apple File System) is an optimized file system for flash and SSD-based storage solutions running MacOS, iOS, tvOS or WatchOS, and promises strong encryption and better performance.
Discovered by forensic analyst Sarah Edwards, the bug leaves encryption password for a newly created APFS volume (e.g., encrypting USB drive using Disk Utility) in the unified logs in plaintext, as well as while encrypting previously created but unencrypted volumes.
“Why is this a big deal? Well, passwords stored in plaintext can be discovered by anyone with unauthorized access to your machine, and malware can collect log files as well and send them off to someone with malicious intent,” Edwards said.