Apple encryption | Breaking Cybersecurity News | The Hacker News

Security researchers are warning of almost a decade old issue with one of the Apple's macOS feature which was designed for users' convenience but is potentially exposing the contents of files stored on password-protected encrypted drives. Earlier this month, security researcher Wojciech Regula from SecuRing published a blog post , about the "Quick Look" feature in macOS that helps users preview photos, documents files, or a folder without opening them. Regula explained that Quick Look feature generates thumbnails for each file/folder, giving users a convenient way to evaluate files before they open them. However, these cached thumbnails are stored on the computer's non-encrypted hard drive, at a known and unprotected location, even if those files/folders belong to an encrypted container, eventually revealing some of the content stored on encrypted drives. Patrick Wardle, chief research officer at Digital Security, equally shared the concern, saying tha...

Remember the infamous encryption fight between the FBI and Apple for unlocking an iPhone belonging to terrorist Syed Farook behind the San Bernardino 2015 mass shooting that killed 14 people? The same Apple vs. FBI case where Apple refused to help feds access data on the locked iPhone and, later the Federal Bureau of Investigation reportedly paid over a million dollars to a vendor for unlocking the shooter's iPhone. For keeping the iPhone hack secret, three news organizations—The Associated Press, USA Today, and Vice Media—sued the FBI last year under the Freedom of Information Act (FOIA) and forced the agency to reveal the name of the company and the amount it was paid to unlock the iPhone . However, unfortunately, they failed. A US federal judge ruled Saturday that the FBI does not have to disclose the name of or how much it paid a private company for an  iPhone hacking tool that unlocked Farook's iPhone. Apple vs. FBI was one of the biggest legal battles in ...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

There's more coming to the high-profile Apple vs. FBI case. The Federal Bureau of Investigation (FBI) might not need Apple's assistance to unlock iPhone 5C  that belonged to San Bernardino shooter, Syed Rizwan Farook. If you have followed the San Bernardino case closely, you probably know everything about the ongoing encryption battle between the FBI and Apple. In short, the US Department of Justice (DOJ) wants Apple to help the FBI create a backdoored version of its iOS operating system that could let it access data on Farook's locked iPhone 5C. Apple, meanwhile, is evident on its part , saying that the FBI wants the company to effectively create the " software equivalent of cancer " that would likely open up all iPhones to malicious hackers. FBI to Apple: We'll Unlock iPhone by Our Own Now the Feds say they may be able to crack the iPhone without the Apple's assistance after all. In a court filing [ PDF ] submitted on Mo...

In the escalating battle between the Federal Bureau of Investigation (FBI) and Apple over iPhone encryption, former National Security Agency (NSA) contractor Edward Snowden and Google chief executive Sundar Pichai just sided with Apple's refusal to unlock iPhone . Yesterday, Apple CEO Tim Cook refused to comply with a federal court order to help the FBI unlock an iPhone owned by one of the terrorists in the mass shootings in San Bernardino , California, in December. Here's What the FBI is Demanding: The federal officials have asked Apple to make a less secure version of its iOS that can be used by the officials to brute force the 4-6 digits passcode on the dead shooter's iPhone without getting the device's data self-destructed. Cook called the court order a "chilling" demand that "would undermine the very freedoms and liberty our government is meant to protect." He argued that to help the FBI unlock the iPhone would basically ...

The Tech Giant Apple has come into an entangled situation which could be a potential security threat for Apple users in near future: Help the FBI Unlock an iPhone . The US Magistrate Judge Sheri Pym has ordered Apple to provide a reasonable technical assistance in solving a critical case of Syed Farook ; who with his wife Tashfeen Malik planned a coordinated "2015 San Bernardino attack" that killed 14 people injured 22. As part of the investigation, the Federal Bureau of Investigation (FBI) had seized the Farook's iPhone 5C that would be considered as an insufficient evidence until and unless the iPhone gets unlocked by any means. Previously, Apple had made several crystal clear statements about its Encryption Policy , stating that even the company is not able to decrypt any phone data as the private key lies at the user's end. A similar problem encountered three years back with Lavabit, who was forced to shut down its services soon after when F...

Security researchers at the Central Intelligence Agency (CIA) have worked for almost a decade to target security keys used to encrypt data stored on Apple devices in order to break the system. Citing the top-secret documents obtained from NSA whistleblower Edward Snowden, The Intercept blog reported that among an attempt to crack encryption keys implanted into Apple's mobile processor, the researchers working for CIA had created a dummy version of Xcode . CIA's WEAPON TO HACK APPLE DEVICES Xcode is an Apple's application development tool used by the company to create the vast majority of iOS apps. However using the compromised development software, CIA, NSA or other spies agencies were potentially allowed to inject surveillance backdoor into programs distributed on Apple's App Store. In addition, the custom version of Xcode could also be used to spy on users, steal passwords, account information, intercept communications, and disable core security features of...