May 25, 2020
Niles Nerd

WTH Security News May 25, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to:

The Nigerian fraudsters ripping off the unemployment system. “Scattered Canary” group is scamming vital benefits programs amid the pandemic. Not just America. Affects Canadians as well, so we need to all be on alert, whether or not you are employed.

GrayKey iPhone unlocker poses serious security concerns. The silver lining for security-minded businesses that take advantage of Apple Business Manager (formerly DEP), a stolen device is never usable by the thief unless and if the MDM (Mobile Device Management) releases it. Blackberry invented MDM concept, but Apple has advanced it to the point of making an ABM/MDM-protected iOS device the most secure mobile phone.

Bluetooth flaw exposes countless devices to BIAS attacks. With social distancing this is less of a concern than it otherwise would be. But for the very security-conscious, find a place outside of bluetooth range from anyone to do new-device pairing.

iOS 13.5 Jailbreak #unc0ver v5.0.1 is now out. However, it is crazy that anyone who isn’t doing security testing would want to use this. Considering Zerodium’s recent statements on not accepting new submissions, there are enough iOS vulnerabilities out there that everyone would want to keep iOS patched.

NSO Group Impersonated Facebook to Help Clients Hack Targets. As we know, this is possible because phishing remains a successful part of any attackers’ strategy. For those concerned, the only mitigation against this is adaptive white/allow listing on Internet domain names.

Did you know?

You’re saying it wrong: How to say oft-mispronounced tech terms. I personally didn’t even know about the specific pronunciation for Qi (the wireless charging standard).