Apple now requires a judge’s order to hand over your push notification data

Last week, we reported on how US government agencies have been asking Apple and Google for metadata related to push notifications, but the companies arent allowed to tell users about it happening. The content of the notifications is diverse. It ranges from a weather app warning you about rain to ...

US government is snooping on people via phone push notifications, says senator

Many people don’t realize that the instant alert push notifications you get on your phone are routed through Google or Apples servers, depending on which device you use. So if you have an iPhone or iPad, any push notifications can be seen by Apple, and if you use an Android, they can be seen by...

Russian Software Company Pretending to Be American

Computer code developed by a company called Pushwoosh is in about 8,000 Apple and Google smartphone apps. The company pretends to be American when it is actually Russian. According to company documents publicly filed in Russia and reviewed by Reuters, Pushwoosh is headquartered in the Siberian to...

8 steps to develop secure and unique app for your business

By Owais Sultan A smartphone app is one of the critical elements of any business’ marketing strategy. Here are 8 steps to develop a secure and unique app for your business. This is a post from HackRead.com Read the original post: 8 steps to develop secure and unique app for your business...

Spanish Soccer League App Spies on Fans

The Spanish Soccer League's smartphone app spies on fans in order to find bars that are illegally streaming its games. The app listens with the microphone for the broadcasts, and then uses geolocation to figure out where the phone is. The Spanish data protection agency has ordered the league to...

Bitdefender BOX 2 bootstrap update_setup command execution vulnerability

Summary An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method /api/updatesetup does not perform firmware signature checks atomically, leading to an exploitable race condition TOCTTOU that allows arbitrary execution o...

West Virginia Using Internet Voting

This is crazy and dangerous. West Virginia is allowing people to vote via a smart-phone app. Even crazier, the app uses blockchain -- presumably because they have no idea what the security issues with voting actually are...

Timehop database hacked: Hackers steal data of 21 million users

By Waqas Timehop is a smartphone app for iOS and Android users This is a post from HackRead.com Read the original post: Timehop database hacked: Hackers steal data of 21 million users...

Supply-Chain Security

Earlier this month, the Pentagon stopped selling phones made by the Chinese companies ZTE and Huawei on military bases because they might be used to spy on their users. It's a legitimate fear, and perhaps a prudent action. But it's just one instance of the much larger issue of securing our supply...

iTrack Easy Man-in-the-Middle Attack Vulnerability

iTrack Easy is a multifunctional Bluetooth device. The device supports connecting with apps on your smartphone to find lost or misplaced things and more. A security vulnerability exists in iTrack Easy. An attacker could exploit this vulnerability to conduct a man-in-the-middle attack...

Mitsubishi Hybrid SUV Hack Puts Drivers At Risk, Says Researcher

Security experts are warning owners of Mitsubishi Outlander Plug-In Hybrid Electric Vehicles that their cars can be hacked via the automobile’s on-board WiFi network used for remote control of key car features. The hybrid electronic vehicle, which is slated to be sold here in the U.S. starting th...

Nissan Car Hack Allowed Remote Access To Car

Automaker Nissan deactivated a remote access feature that let owners of its Leaf electric car remotely adjust climate controls and check battery status via a smartphone app. The move comes after a security researcher posted his finding regarding a simple hack that allowed anyone with the right Le...

Smart ATM offers Cardless Cash Withdrawal to Avoid Card Skimmers

Banks have tried every effort, from providing Magnetic Stripes based Credit and Debit Cards to Chip-and-Pin Cards, in order to secure its users from credit card cloning and card Skimmers. It has been known from years that Magnetic stripe are incredibly hackable, but Chip-n-Pin cards have also bee...

Facebook Launches Free Mobile Internet Service In India

Last year, the founder of the Social Network giant highlighted the future of universal Internet access, the dream that Facebook founder Mark Zuckerberg wants to fulfill — Making Internet access available to everyone across the world just like a service as essential as of 911 in the case of an...

miSecureMessages 4.0.1 - Session Management / Authentication Bypass

Affected Product ================================== miSecureMessages from Amtelco - Tested on version: Client=4.0.1 Server=6.2.4552.30017 iOS: https://itunes.apple.com/us/app/misecuremessages/id423957478?mt=8 android: https://play.google.com/store/apps/details?id=com.amtelco.secure website:...

Google Adds Two-Factor Authentication to Apps Accounts

Google has added a two-factor authentication mechanism to the login procedure for its Google Apps offerings, hoping that the addition will help cut down on the amount of fraudulent activity on these accounts. The way that Google has chosen to approach the problem of two-factor authentication is...

RSA 2010: Researchers Demo Mobile Botnet from Smartphone App

A pair of researchers has amassed nearly 8,000 iPhones and Android smartphones in an experimental mobile botnet that demonstrates the ease of spreading potentially malicious applications on these devices. Read the full article. Dark Reading...