Month: November 2023

iOS 17.1 and watchOS 10.1 allow NameDrop to quickly share contact information with a nearby iPhone or Apple Watch.

What is NameDrop?
NameDrop is a feature that allows owners of iPhones or Apple Watches to share their contact information with other Apple devices, when they come in close contact with.

How does the NameDrop feature work?
Users need to hold their phones screen close to the top of another person’s iPhone, about 1 inch apart, which will cause both devices to vibrate. Once the devices link, a NameDrop prompt appears on both phone screens, allowing users to choose if they want to share their contact cards or only receive the contact card of the other user.

iPhone users can select what contact information they wish to share, such as phone numbers and email addresses.

Is it safe?
Sort of. The 2 devices need to be about 1 inch apart to be able to share the contact card, and both users need to unlock their devices and approve the sharing of contact details. This won’t share photos or the entire contact list. Users who still aren’t comfortable with this, can easily turn this feature off.

Read more about it here.

Cybernews researchers discovered that Vietnam Post Corporation, a Vietnamese government-owned postal service, left its security logs and employee email addresses accessible to outside cyber snoopers for 87 days. The exposed sensitive data could spell trouble if accessed by bad actors.

Unprotected databases are common in the wild. They are usually the result of carelessness. For example, database admins may remove credentials to make it easier to connect via the internet, and then forget to put them back.

When the Cybernews team found the open database, it had more than 226 million logged events and measured 1.2 Terabytes in size. It contained device usernames with employee names or emails. This information enables potential cyber criminals to identify which employees were working at a given time and which devices they were using.

The database exposure began on July 8, 2023, and access to the database was evantually cut on October 6, 2023.

Read more about it here.

The UK division of Samsung Electronics has allegedly alerted customers of a year-long data security breach – the third such incident the South Korean giant has experienced around the world in the past two years.

A spokesperson from Samsung said that the company was “recently alerted to a security incident” that “resulted in certain contact information of some Samsung UK e-store customers being unlawfully obtained”. The incident was limited to the UK region and does not affect data belonging to customers in the US, its employees, or retailers.

In a statement posted on X (formerly Twitter), Samsung said:
“On 13 November 2023, it was determined that an unauthorised individual exploited a vulnerability in a third-party business application we use, and that some personal information of certain customers who made purchases on SEUK’s eCommerce site between July 1, 2019 and June 30, 2020, was affected”.

Samsung told affected customers that hackers may have accessed their names, phone numbers, postal addresses and email addresses. “No financial data, such as bank or credit card details or customer passwords, were impacted,” Samsung’s spokesperson said.

Read more about it here.