#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

icloud hacking | Breaking Cybersecurity News | The Hacker News

iCloud Possibly Suffered A Privacy Breach Last Year That Apple Kept a Secret

iCloud Possibly Suffered A Privacy Breach Last Year That Apple Kept a Secret

Jan 30, 2019
Late last year when an unknown group of hackers stole secret access tokens for millions of Facebook accounts by taking advantage of a flaw in its website, the company disclosed the incident and informed its affected users. Similarly, when Twitter was hit by multiple vulnerabilities ( #1 , #2 , #3 ) in the last few months, the social media company disclosed those incidents and informed its affected users. And Guess What? Google is going to shut down its social media network Google+ in April this year after admitting two security flaws in its platform that exposed private data of hundreds of thousands of users to third-party developers. It turns out that Apple also possibly suffered a privacy breach late last year due to a bug in its platform that might have exposed some of your iCloud data to other users, but the company chose to keep the incident secret... maybe because it was not worth to disclose, or perhaps much more complicated. Last week, Turkish security researcher Me
Apple Moves iCloud Data and Encryption Keys for Chinese Users to China

Apple Moves iCloud Data and Encryption Keys for Chinese Users to China

Feb 28, 2018
Apple has finally agreed to open a new Chinese data center next month to comply with the country's latest controversial data protection law. Apple will now move the cryptographic keys of its Chinese iCloud users in data centers run by a state-owned company called Cloud Big Data Industrial Development Co, despite concerns from human rights activists. In 2017, China passed a Cybersecurity Law that requires "critical information infrastructure operators" to store Chinese users' data within the country's borders, which likely forced Apple to partner with the new Chinese data center. And the icing on the cake is that Chinese government already has legislation called National Security Law, passed in 2015, which gives police the authority to demand companies help them bypass encryption or other security tools to access personal data. This is the first time when Apple is going to store encryption keys required to unlock iCloud accounts of its users outside the
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Fourth Fappening Hacker Admits to Stealing Celebrity Pics From iCloud Accounts

Fourth Fappening Hacker Admits to Stealing Celebrity Pics From iCloud Accounts

Jan 13, 2018
Almost three years after the massive leakage of high-profile celebrities' photos—well known as " The Fappening " or " Celebgate " scandal—a fourth hacker has been charged with hacking into over 250 Apple iCloud accounts belonged to Hollywood celebrities. A federal court has accused George Garofano , 26, of North Branford, of violating the Computer Fraud and Abuse Act, who had been arrested by the FBI. Garofano has admitted to illegally obtaining credentials for his victims' iCloud accounts using a phishing scheme, which eventually allowed him to steal personal information on his victims, including sensitive and private photographs and videos. Among celebrities whose photographs were posted online back in 2014 are Jennifer Lawrence, Kim Kardashian, Kirsten Dunst, and Kate Upton. Also, female victims also include American Olympic gold medallist Misty May Treanor and actors Alexandra Chando, Kelli Garner and Lauren O'Neil. Between April 2013 to Oct
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Fappening 2017: More Celebrity Photos Hacked and Leaked Online

Fappening 2017: More Celebrity Photos Hacked and Leaked Online

Aug 22, 2017
It seems like celebrities have not taken their security seriously, which once again resulted in the leaking of personal photographs of more a-listed celebrities. Dozens of personal and intimate photos of Anne Hathaway, Miley Cyrus, Kristen Stewart, Katharine McPhee, golfer Tiger Woods and his ex Lindsey Vonn have reportedly been surfaced on the Internet, and have widely been shared on Reddit, Tumblr and Twitter. The incident comes a few months after " The Fappening 2.0 " surfaced, leaking alleged pictures of many female celebrities, including Emma Watson and Amanda Seyfried on Reddit and 4chan. The latest release of celebs private photos seems to have come after an unidentified hacker or group of hackers has gained access to celebs' Apple iCloud accounts and stolen private iPhone photos and videos. A similar trick was used in the 2014 Fappening incident , where anonymous hackers flooded the Internet with private photographs of major celebrities, including Jennife
Hackers Threaten to Remotely Wipe 300 Million iPhones Unless Apple Pays Ransom

Hackers Threaten to Remotely Wipe 300 Million iPhones Unless Apple Pays Ransom

Mar 22, 2017
If you use iCloud to sync your Apple devices, your private data may be at risk of getting exposed or deleted by April 7th. It has been found that a mischievous group of hackers claiming to have access to over 300 million iCloud accounts is threatening Apple to remotely wipe data from those millions of Apple devices unless Apple pays it $75,000 in crypto-currency or $100,000 worth of iTunes gift cards. The hacking group, who identified themselves as 'Turkish Crime Family,' has demanded a ransom to be paid in Bitcoin or Ethereum, another popular crypto-currency. Motherboard broke this story on Tuesday after a hacker claiming to represent the alleged hacking group shared screenshots of alleged emails between the group and Apple's security team with the publication. "I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing," the hacker told Motherboard. The screenshots o
It's Fappening Again! Private Photos of Emma Watson and Others Leaked Online

It's Fappening Again! Private Photos of Emma Watson and Others Leaked Online

Mar 16, 2017
Are you clicking selfies? That is fine and not any criminal act, but this act can land you in trouble — here's how! Almost three years after a wave of private photographs of celebrities leaked online, "The Fappening 2.0" appears to be underway with the circulation of alleged naked pictures of female celebrities, including Emma Watson and Amanda Seyfried on Reddit and 4chan. Back in 2014, anonymous hackers flooded the Internet with private photographs of major celebrities, including Jennifer Lawrence , Kim Kardashian , Kate Upton and Kirsten Dunst by hacking thousands of Apple's iCloud accounts . The Fappening hackers have since been sent to prison . The Fappening 2.0: It's Happening Again! However, in the latest leak, which has been heralded online as "The Fappening 2.0," the personal photographs of Amanda Seyfried and Emma Watson — ranging from regular selfies to explicitly sexual photos — have been leaking online since Tuesday night.
FBI Admits — It was a 'Mistake' to Reset Terrorist's iCloud Password

FBI Admits — It was a 'Mistake' to Reset Terrorist's iCloud Password

Mar 02, 2016
Yes, FBI Director James Comey admitted that the investigators made a " mistake " with the San Bernardino investigation during a congressional hearing held by the House Judiciary Committee. Apple is facing a court order to help the FBI unlock an iPhone belonged to San Bernardino Shooter by developing a backdoored version of iOS that can disable the security feature on the locked iPhone. Apple's Chief Executive Tim Cook has maintained his stand over Privacy and Security , saying the company will fight the court order because it is dangerous for the security and privacy of all of its users. As the company earlier said, Apple had been helping the FBI with the investigation in San Bernardino case since early January by providing an iCloud backup of Farook's iPhone under a court order and ways to access Farook's iPhone… ...but the problem, according to Apple, was that the feds approached the company after attempting a ' blunder ' themselv
Apple hires developer of World's Most Secure Messaging App

Apple hires developer of World's Most Secure Messaging App

Feb 26, 2016
Apple is serious this time to enhance its iPhone security that even it can not hack. To achieve this the company has hired one of the key developers of Signal — World's most secure, open source and encrypted messaging app. Frederic Jacobs, who worked to develop Signal, announced today that he is joining Apple this summer to work as an intern in its CoreOS security team. "I'm delighted to announce that I accepted an offer to be working with the CoreOS security team at Apple this summer," Jacobs tweeted Thursday. Signal app is widely popular among the high-profile privacy advocates, security researchers, journalists and whistleblowers for its clean and open source code, and even the NSA whistleblower Edward Snowden uses it every day. Signal messages are end-to-end encrypted, which means only the sender and the intended recipient can read the messages. Although Apple's iMessage is also end-to-end encrypted, it is not open source. Apple to bu
Apple Could Offer iMessage App for Android

Apple Could Offer iMessage App for Android

Feb 09, 2016
Although Apple has its own operating system for both desktop (Mac OS X) and iPhone (iOS), the company has always tried to port its in-house applications to other OS platforms. Apple debuted on its rival mobile OS platform last year with the launch of Apple Music on Android. However, iTunes and Safari has already been made available for both Windows as well as Mac. Now, the company will soon move more of its mobile applications to Android if comments made by Chief Executive Tim Cook at the recent company-wide event for Apple employees are to be believed. iMessage App for Android Platform Cook reportedly told his staff that sooner Apple may bring other apps and exclusive services to the Android Systems, and added that bringing Apple Music to Android in November was "a way of testing the waters for growing its services division through other platforms," reports 9to5Mac. So, you could see iMessage , the company's encrypted messaging application, ex
Chinese Government Executes MITM Attack against iCloud

Chinese Government Executes MITM Attack against iCloud

Oct 21, 2014
Apple iCloud users in China are not safe from the hackers — believed to be working for Chinese government — who are trying to wiretap Apple customers in the country. Great Fire , a reputed non-profit organization that monitors Internet censorship in China, claimed that the Chinese authorities have launched a nationwide Man in the Middle (MITM) campaign against users of Apple's iCloud service, designed to steal users' login credentials and access private data. MAN-IN-THE-MIDDLE ATTACK The attacks on the iCloud service was first reported on Saturday and come as Apple begins the official rollout of its latest launched iPhone 6 and 6 Plus on the Chinese mainland. If we talk about less publicized but more danger, Man-in-the-Middle (MitM) attack is the most common one. By attempting MitM attack, a potential attacker could intercept users' internet communication, steal sensitive information and even hijack sessions. ACCESS TO CREDENTIALS AND ALL PERSONAL DATA Usin
iOS 8 'Reset All Settings' Bug Could Delete Your iCloud Files

iOS 8 'Reset All Settings' Bug Could Delete Your iCloud Files

Oct 01, 2014
At the beginning of the month, Apple was criticized for the security flaw in its iCloud file storage service that, according to multiple media outlets, allowed hackers to allegedly retrieve photos of a number of high-profile celebrities . And Now, the company's newly launched iOS 8 has been reportedly found vulnerable to another critical bug that is troubling Apple iOS 8 users. After the launch of iOS 8 , some minor bugs was reported in its operating system which was quickly fixed in Apple's iOS 8.0.1. But, the critical vulnerability discovered in iOS 8.0.1 seems to be deleting data stored in iCloud Drive without the user's permission. The bug was uncovered by MacRumors after its forum members complaint about the issue triggered by the option to " Reset All Settings ," which is typically supposed to reset your network settings to give your iOS device a clean slate to work with, but it turns out the feature is also deleting all your files from iCloud Drive.
Apple to Add Security Alerts for iCloud Users after Celebrity Nude Photo Hack

Apple to Add Security Alerts for iCloud Users after Celebrity Nude Photo Hack

Sep 07, 2014
In the wake of the biggest digital exposure of personal nude selfies belonging to as many as 100 high-profile celebrities, Apple said the company plans to add extra security measures to keep hackers out of user accounts. Not just this, the company also plans to extend its two-factor authentication (2FA) feature to account logins to the iCloud service from mobile device in order to avoid future intrusions. APPLE BROADEN SECURITY WITH NEW RELEASE The company's chief executive, Tim Cook told the Wall Street Journal in an interview that the company will introduce more features to tighten up the security of its users' online accounts, but he " aggressively encourage " users to be more alert to the risks posed by cyber criminals, as you can't leave everything on the service providers. " We want to do everything we can do to protect our customers, because we are as outraged if not more so than they are, " Cook told the Journal. Apple will give alerts to users via emails a
Apple Devices Hacked by 'Oleg Pliss', held to Ransom

Apple Devices Hacked by 'Oleg Pliss', held to Ransom

May 27, 2014
From last few years Ransomware malwares are targeting Windows users Worldwide and experts predicted that it was just a matter of time until ransomware would hit mobile devices and other Desktop operating systems like Mac, iOS, Android etc. A Few weeks back we reported about a Ransomware malware campaign which is targeting Android mobile users. Such Malware first try to trick users into downloading it and then demanding payment to restore user control of the device. This morning reports came out that cybercriminals have targeted a large number of users of Apple's iCloud connected devices with a sophisticated Ransomware in Australia. The owners of iPhone , Mac and iPads are finding their devices locked remotely through iCloud and a message originating in Apple's find my device service that states " Device hacked by Oleg Pliss ". One user wrote on Apple Support Forum, " I went to check my phone and there was a message on the screen (it's
Apple iCloud and Activation Lock Hacked; Allows Hackers to Unlock Stolen Devices

Apple iCloud and Activation Lock Hacked; Allows Hackers to Unlock Stolen Devices

May 22, 2014
A Dutch-Moroccan team of hackers calling itself " Team DoulCi " have reportedly claimed to hack a protective feature on Apple 's iCloud system, that could leverage an attacker to remove security measures on lost or stolen iPhone devices. According to a report from Dutch news organization De Telegraaf , the hackers purchased locked iPhone devices for $50 to $150 each and then bypassed Apple's iCloud activation lock through a serious security vulnerability Apple has failed to patch with its most recent updates. The critical vulnerability in the Apple's iCloud allowed them to unlock stolen iPhones in an instant, which could then be sold for a large profit in the Blackmarket. This is the first time when any hacker group has managed to compromise the highly secured Apple's iCloud service. iCloud is a cloud storage and cloud computing service provided by the Apple Inc. to its users since October 2011 with more than 320 million users across the world. The service all
Cybersecurity Resources