All articles tagged with #security researcher
Lovense, a maker of internet-connected sex toys, fixed security flaws that exposed user emails and allowed account takeovers, but the company is considering legal action against reports of the breach, despite claiming no user data was compromised.
A San Francisco man, Noah Roskin-Frazee, has been charged with defrauding Apple of $2.5 million worth of gift cards and products. He was acknowledged in an Apple security update following his arrest, although the reason for this acknowledgment is unclear. Roskin-Frazee, a security researcher, and a co-defendant are accused of using a password reset function to break into an employee's account and manipulate orders for gift cards and devices, ultimately obtaining $2.5 million in products, services, and gift cards.
Security researcher Noah Roskin-Frazee and a co-conspirator allegedly defrauded Apple of millions of dollars by exploiting internal tools and placing fraudulent orders for products and services. They used a password reset tool to gain access to an employee account at a company that does customer support for Apple, and then accessed Apple's systems to manipulate orders using the "Toolbox" program. Frazee has been charged with wire fraud, mail fraud, conspiracy to commit wire fraud and mail fraud, conspiracy to commit computer fraud and abuse, and intentional damage to a protected computer, and could face over 20 years in jail if convicted.
A security researcher in the Netherlands discovered that a small device called Flipper Zero is capable of sending Bluetooth pairing requests to iPhones within radio range, causing a never-ending stream of pop-up windows and reboots. The Flipper Zero, which acts as a versatile tool for wireless communications, has made previously complex RF hacking accessible to more people. The device can clone key cards, disrupt iPhone usage, and perform various other functions. Its affordable price and convenient form factor have democratized radio frequency hacking.
Security researcher Patrick Wardle has revealed that Apple's Background Task Manager, designed to detect and notify users of persistent Mac malware, can be easily bypassed. Wardle discovered several faults with the tool and reported them to Apple, but the company failed to address the more fundamental issues. Wardle shared the bypasses he discovered at the Defcon hacker conference, including one that requires root access and two others that don't. He believes that Background Task Manager currently provides a false sense of security to users and security companies.