Security

There’s a “helpful tip” making the Facebook rounds, and it’s a little bit helpful but a lot not so much.

It’s about using Bluetooth to detect credit card skimmers at gas stations:

    Here is a helpful tip:
    When you pull up to a gas station to fill your car. Search your phone for Bluetooth devices. If a sequence of letters and a sequence of numbers shows up in your device list do not pay at the pump. One of the pumps have a card reader installed. All card readers are bluetooth.

If you own a Nest Secure home security system, you should be forewarned the thing has a built-in microphone. There’s a chance, though, you didn’t know this when you bought it. Mostly because Google never told consumers its devices had such technology inside them. The company disclosed this information, inadvertently, earlier in February when it announced the systems would now work with Google Assistant, Business Insider reports.

Switzerland’s postal service Swiss Post is inviting keen-eyed security experts and white hats to hack its e-voting system.

Previously e-voting systems were somewhat verifiable, but could not be fully verifiable. Now Switzerland and the cantons have been conducting e-voting trials since 2004 and it now has what it believes is the first fully verifiable system.

The system will eventually make e-voting available to the broader public and also detects technical errors such as malfunctions, human error, or attempted manipulation.

Dating is tough as it is, but some OkCupid users are reporting a new kind of challenge: Hackers are breaking into accounts, changing their email addresses and passwords, and locking them out. However, the dating website states it has not been affected by a security breach.

Apple has patched one of its creepiest vulnerabilities ever—a flaw in its FaceTime messenger app that made it possible for people to eavesdrop on audio and video captured by iPhones and Macs.

Like many white hat hackers, Dylan Wheeler admits that as a teenager he got his hands a little dirty and his hat, a little black – in his case eventually fleeing Australia from local authorities and the FBI after being accused of stealing more than $100 million-worth of intellectual property, including specifications for an Xbox One games system used to train US soldiers to fly Apache helicopters.

Security researcher Linus Henze demoed a zero-day macOS exploit impacting the Keychain password management system which can store passwords for applications, servers, and websites, as well as sensitive information related to banking accounts.

All the data stored in the macOS Keychain app is encrypted by default, blocking other users or third-party apps from gaining access to it without proper permissions.

Industrial cybersecurity provider Honeywell has doubled down on its protection against USB-based threats towards industrial operators.

The company, which provides a solution called SMX to counteract Universal Serial Bus (USB) threats, has been upgraded to include centralised threat management, multiple form factors, and additional visibility into USB activity on protected end nodes.

OpenOffice is exposed to a remote code execution vulnerability that can be triggered using automated macro execution when users move the mouse over a maliciously crafted ODT document.

The security issue affects all versions of OpenOffice, as well as all LibreOffice releases up to and including 6.0.6/6.1.6. The bug was patched by The Document Foundation in LibreOffice 6.0.7/6.1.3 after receiving a report from security researcher Alex Inführ.

 With so many data breaches and hacks happening all the time, it's easy to become blase, thinking "so what?" and that it doesn't really matter anymore.

That's until you hear from the victims and realise how devastating it can be to have confidential information leak out.