Your weekly top 5 technical and security issues you should pay attention to:
Kr00k is a new WiFi vulnerability affecting over 1 Billion devices.
Great coverage on Security Now Episode 756.
Resource: KR00K – CVE-2019-15126
Wireguard is Arthur’s favourite new VPN.
Not their service, but the protocol which you can run on your own infrastructure.
An Android Security App With 1 Billion Downloads Is Recording Users’ Web Browsing.
In February, Google threw 600 apps out of its Play store. Amongst those was an app called Clean Master, a security tool promising antivirus protection and private browsing. It had more than 1 billion installs before it was evicted and, despite Google’s ban, is one of Android’s most downloaded apps ever and is likely still running on millions of phones.
Locate X’ tracks users through popular apps with trackers, not warrants.
U.S. law enforcement agencies signed millions of dollars worth of contracts with a Virginia company after it rolled out a powerful tool that uses data from popular mobile apps to track the movement of people’s cell phones, according to federal contracting records and six people familiar with the software.
Remote iOS/macOS memory dump possible, now fixed.
Resource: Project Zero
Did you know?
Also did you know?
LuLu is a macOS egress firewall that alerts you to any connection attempt with useful info.