Feed aggregator

A win for Die Roten at WWK Arena today would see them go 9 points clear at the top of the league.

A patch has been released for a serious information disclosure vulnerability affecting a Verizon call filtering application.

The post Call Records of Millions Exposed by Verizon App Vulnerability appeared first on SecurityWeek.

Two CNET kitchen editors agree, Ninja's new glass air fryer is a superior oven for all your crispy, quick-cooking needs.

Article URL: https://stovetop.substack.com/p/seriousness-matters

Comments URL: https://news.ycombinator.com/item?id=43583795

Points: 1

# Comments: 0

Article URL: https://www.subblocks.com

Comments URL: https://news.ycombinator.com/item?id=43583779

Points: 1

# Comments: 1

Article URL: https://www.bbc.co.uk/programmes/b006qykl

Comments URL: https://news.ycombinator.com/item?id=43583769

Points: 1

# Comments: 0

Hey HN! I'm Lewis. I've spent the last 4 months building Comp AI - an open source alternative to Drata & Vanta.

Those platforms can cost $10,000+ per year. We've seen how over the last 18 months AI has changed software development...

We want to change how quick it is to get compliant with frameworks like SOC 2, ISO 27001 and GDPR. Our goal is to help 100,000 companies get compliant by 2030.

You can check out our GH at https://github.com/trycompai/comp/

Comments URL: https://news.ycombinator.com/item?id=43583766

Points: 1

# Comments: 0

Article URL: https://www.diyphotography.net/apples-severance-computer-has-landed-but-you-cant-buy-it/

Comments URL: https://news.ycombinator.com/item?id=43583764

Points: 1

# Comments: 0

Article URL: https://rethinkingsoftware.substack.com/p/in-retrospect-devops-was-a-bad-idea

Comments URL: https://news.ycombinator.com/item?id=43583763

Points: 1

# Comments: 0

Article URL: https://extremalcombinatorics.com/notes/

Comments URL: https://news.ycombinator.com/item?id=43583752

Points: 1

# Comments: 0

Article URL: https://indiantinker.bearblog.dev/iwonderwhy-thoughts-around-making-an-ai-socratic-questioner/

Comments URL: https://news.ycombinator.com/item?id=43583751

Points: 1

# Comments: 0

Article URL: https://www.polygon.com/nintendo-switch-2/553133/pre-orders-delayed-trump-tariff

Comments URL: https://news.ycombinator.com/item?id=43583750

Points: 1

# Comments: 0

Article URL: https://madhavajay.com/llm-glove/

Comments URL: https://news.ycombinator.com/item?id=43583726

Points: 1

# Comments: 0

Article URL: https://www.nhpr.org/2025-04-02/as-deadline-nears-the-white-house-considers-leasing-tiktoks-algorithm-from-china

Comments URL: https://news.ycombinator.com/item?id=43583722

Points: 1

# Comments: 0

Article URL: https://www.scientificamerican.com/article/how-many-rogue-planets-are-in-the-milky-way/

Comments URL: https://news.ycombinator.com/item?id=43583719

Points: 1

# Comments: 0

Article URL: https://dreamactor.org/

Comments URL: https://news.ycombinator.com/item?id=43583713

Points: 1

# Comments: 0

Article URL: https://blog.google/products/gemini/gemini-preview-model-billing-update/

Comments URL: https://news.ycombinator.com/item?id=43583711

Points: 1

# Comments: 0

Security researcher Evan Connelly discovered an enormous flaw affecting one of the largest telecommunications companies in the world that could allow any single person to view the recent incoming call log for potentially any Verizon phone number.

“In short, anyone could lookup data for anyone,” Connelly said.

A vulnerability in the Verizon Call Filter iOS app allowed anyone to request the call logs of millions of US Verizon customers. The Verizon Call Filter app for iOS allows customers to view a log of their recent calls. This log will show them the phone numbers and an associated timestamp.

To request such a log the app sends a request to a server to fetch the data belonging to the phone number in question.  The network request to the server contains various details such as your phone number and the requested time period for call records. The server then responds with a list of calls and timestamps.

But, as it turns out, there were no checks to make sure that the number the information was requested about and the number that sent the request matched.

So, the researcher was able to craft requests for any given phone number and get the call logs for that number, without the ownership of that number. The consequence: anyone could look up data for any Verizon Wireless customer.

The researcher did not check whether every Verizon Wireless customer was affected by this flaw.

“The issue I discovered impacted at least those who have the Verizon Call Filter service enabled (I did not test a number which had it disabled; I can’t rule out whether or not all Verizon numbers could have been impacted).”

But it looks as if the Verizon Call Filter is enabled by default, so at least a great many Verizon Wireless customers would be impacted.

This is not just a privacy concern. For some people this could be a security hazard. For people in a domestic abuse situation, public figures, or those of interest to resourceful cyberattackers, a history of calls and frequent callers falling in the wrong hands can put people at physical risk or even compromise national security.

An attacker with access to someone’s call history could figure out their daily habits, see who they talk to most often, and guess their personal relationships. There is no available information whether this flaw was ever actively abused.

Thankfully, Verizon took the issue seriously and fixed it promptly.

Timeline:

• 2/22/2025 – Issue discovered and reported to Verizon
• 2/24/2025 – Acknowledgment from Verizon of the report
• 3/23/2025 – Researcher requested an update as the issue appeared fixed
• 3/25/2025 – Confirmation from Verizon that the issue is resolved

Verizon call filter

The Verizon Call Filter is a useful tool against robocalls, since it’s a screening and filtering tool that helps you manage nuisance calls. Verizon uses a Know Your Customer (KYC) scoring system to identify spam call networks and block their calls before they reach your phone. Based on your settings, blocked calls will either go to voicemail or stopped altogether.

If you no longer want to use Call Filter, it’s easy to turn it off. Here’s how:

On iPhone:

1. Open the Call Filter app.
2. Go to Settings.
3. Tap Manage Plan and select Turn Off Call Filter.

Alternatively, you can disable it from your iPhone’s settings by going to Settings > Phone > Call Blocking & Identification and toggling off the Call Filter option.

On Android:

1. Open the Call Filter app (it might already be installed on your device).
2. Tap Account, then Manage Plan.
3. Follow the steps to disable Call Filter.

As an alternative you can use Malwarebytes Mobile Security for iOS or Malwarebytes Mobile Security for Android to block scam calls.

We don’t just report on phone security—we provide it

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.