fbpx

Download free GDPR compliance checklist!

Tag Archives for " phone "

Chinese researchers reveal method to bypass biometric fingerprint scanners in smartphones

Chinese security researchers from X-Lab security at Tencent challenged fingerprint security in a presentation at the GeekPwn 2019 conference in Shanghai, writes Forbes. The team claims it can hack into almost any Android or iOS device in just about 20 minutes by using what appears to be a fairly simple fingerprint hacking method.

Without giving too many details about the actual technical approach to the audience, researchers used a smartphone to take a photo of fingerprints left on a glass and ran the photo through an app they developed. They were then able to gain access into three different phones equipped with different scanning technologies, one each with capacitive, optical, and ultrasonic sensors.

Source: Chinese researchers reveal method to bypass biometric fingerprint scanners in smartphones | Biometric Update

Using Cell Phone Numbers As A Secondary ID Can Pose Security Risks

Security experts say our growing reliance on cell phones to help confirm our identity online is motivating “SIM-swap” scams to highjack our numbers.

SIM-swap — a “social engineering” trick fraudsters use to take control of somebody else’s phone number. Once scammers control your number, they can get your text messages — including the verification codes many online services send when customers reset their passwords.

Source: Using Cell Phone Numbers As A Secondary ID Can Pose Security Risks, Experts Say : NPR

Remote Simjacking campaigns could disrupt SIM cards in 29 countries

Adaptive Mobile Security has published a new report detailing SimJacker attacks and the number of countries affected. The report identified 29 countries across five continents to which mobile operators ship SIM cards vulnerable to Simjacker attacks.

The countries include Mexico, Dominican Republic, Brazil, Peru, Saudi Arabia, Iraq, Italy, Bulgaria, Nigeria, Ivory Coast and more. Of the 29 countries, customers of a total of 61 mobile operators are currently using vulnerable SIMs with S@T Browser toolkit.

Source: #Privacy: Remote Simjacking campaigns could disrupt SIM cards in 29 countries

Phone numbers users provided for security Twitter used for ad

Twitter revealed Tuesday that it mishandled an unspecified number of users’ email addresses and phone numbers, allowing that data to be used “inadvertently” for advertising purposes.

The incident marks the latest security mishap for the social-networking company, but one that could carry with it some legal headaches. Federal regulators penalized Facebook earlier this year for a similar situation.

Source: Twitter security mishap: Users’ phone numbers were ‘inadvertently’ used for ad purposes – The Washington Post

A huge database of Facebook users’ phone numbers found online

Hundreds of millions of phone numbers linked to Facebook accounts have been found online.

The exposed server contained more than 419 million records over several databases on users across geographies, including 133 million records on U.S.-based Facebook users, 18 million records of users in the U.K., and another with more than 50 million records on users in Vietnam.

Source: A huge database of Facebook users’ phone numbers found online | TechCrunch

Mysterious iOS Attack Changes Everything We Know About iPhone Hacking

For two years, a handful of websites have indiscriminately hacked thousands of iPhones.

The rare and intricate chains of code took advantage of a total of 14 security flaws, targeting everything from the browser’s “sandbox” isolation mechanism to the core of the operating system known as the kernel, ultimately gaining complete control over the phone.

Source: Mysterious iOS Attack Changes Everything We Know About iPhone Hacking | WIRED

Denmark Data Protection Auth. on GDPR & Voice Recordings

The Denmark Data Protection Authority (DPA) ruled on April 11, 2019, that affirmative consent is required when companies record customer telephone calls.

In this case company provided disclosures to its customers that calls may be recorded for training purposes, but did not offered a mechanism for customers to opt-in or opt-out of the recording. DPA rejected the company’s arguments that its recording practices served a legitimate interest, such as the improvement of its customer service, and concluded that the company’s telephone recording practices violated the GDPR.

Source: Denmark Data Protection Auth. on GDPR & Voice Recordings

Police can now access your iPhone without your help

A newly developed tool aimed at cracking the code of Apple iPhones is being pursued or already in the hands of several Bay Area law enforcement agencies. While facial recognition, fingerprint and passcodes may seem secure, there’s a new way for police to get around it.

Source: Police can now access your iPhone without your help – Story | KTVU

Apple to Close iPhone Security Hole That Law Enforcement Uses to Crack Devices

Apple is closing a technological loophole that let authorities hack into locked iPhones, infuriating law enforcement officials and reigniting a debate over security versus privacy.

Source: Apple to Close iPhone Security Hole That Law Enforcement Uses to Crack Devices – The New York Times

Police trial AI software to help process mobile phone evidence

Artificial intelligence software capable of interpreting images, matching faces and analysing patterns of communication is being piloted by UK police forces to speed up examination of mobile phones seized in crime investigations.

Source: Police trial AI software to help process mobile phone evidence

>