Apple iOS 9 | Breaking Cybersecurity News | The Hacker News

Apple source code for a core component of iPhone's operating system has purportedly been leaked on GitHub, that could allow hackers and researchers to discover currently unknown zero-day vulnerabilities to develop persistent malware and iPhone jailbreaks. The source code appears to be for iBoot —the critical part of the iOS operating system that's responsible for all security checks and ensures a trusted version of iOS is loaded. In other words, it's like the BIOS of an iPhone which makes sure that the kernel and other system files being booted whenever you turn on your iPhone are adequately signed by Apple and are not modified anyhow. The iBoot code was initially shared online several months back on Reddit , but it just resurfaced today on GitHub (repository now unavailable due to DMCA takedown). Motherboard consulted some security experts who have confirmed the legitimacy of the code. However, at this moment, it is unclear if the iBoot source code is complete

In Brief Apple's head of legal has denied all rumors about providing its complete source code or any backdoor to the Chinese government. Apple officially confirmed that the Chinese government has asked Apple twice in the past two years to hand over the source code for its operating system, but the company refused in both the cases. In a Tuesday hearing entitled "Deciphering the Debate Over Encryption: Industry and Law Enforcement Perspectives,"  the police officials put allegations on Apple for handing over user data to Beijing while refusing the authorities at its home in the US. However, speaking under oath at the congressional hearing, Apple's General Counsel Bruce Sewell denied the claims, saying "We have been asked by the Chinese government" for the source code behind the iPhone. But, "we refused." The response came just after Indiana State Police Captain Charles Cohen accused Apple of providing its source code to China. N

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Unlike desktops, your mobile devices carry all sorts of information from your personal emails to your sensitive financial details. And due to this, the hackers have shifted their interest to the mobile platform. Every week new exploits are discovered for iOS and Android platform, most of the times separately, but the recently discovered exploit targets both Android as well as iOS devices. A team of security researchers from Tel Aviv University , Technion and The University of Adelaide has devised an attack to steal cryptographic keys used to protect Bitcoin wallets, Apple Pay accounts, and other highly sensitive services from Android and iOS devices. The team is the same group of researchers who had experimented a number of different hacks to extract data from computers. Last month, the team demonstrated how to steal sensitive data from a target air-gapped computer located in another room. Past years, the team also demonstrated how to extract secret decryption key

Well, here's some terrible news for all Apple iOS users… Someone just found an iOS zero-day vulnerability that could allow an attacker to remotely hack your iPhone running the latest version of iOS, i.e. iOS 9. Yes, an unknown group of hackers has sold a zero-day vulnerability to Zerodium , a startup by French-based company Vupen that Buys and Sells zero-day exploits. And Guess what, in How much? $1,000,000. Yes, $1 Million. Last month, a Bug bounty challenge was announced by Zerodium for finding a hack that must allow an attacker to remotely compromise a non-jailbroken Apple device through: A web page on Safari or Chrome browser, In-app browsing action, or Text message or MMS. Zerodium's Founder Chaouki Bekrar confirmed on Twitter that an unnamed group of hackers has won this $1 Million Bounty for sufficiently submitting a remote browser-based iOS 9.1/9.2b Jailbreak (untethered) Exploit. NO More Fun. It's Serious Threat to iOS Use

Apple has rolled out the second minor iteration of its newest mobile operating system iOS 9, which fixes the iOS lockscreen vulnerability . The widely publicized LockScreen bug allowed anyone with physical access to your iOS device running iOS 9.0 or  iOS 9.0.1 to access all the contacts and photos without unlocking the device. Just one week after the last update iOS 9.0.1, Apple rolled out iOS 9.0.2 update that fixes: iMessage activation problems An issue with mobile data settings An issue with iCloud Backup An issue where the screen incorrectly rotates when receiving notifications Improves the stability of Podcasts According to an update on Apple's support website, the iOS lockscreen issue was the only security bug fixed in the latest iOS 9.0.2 release. Last week, iPhone user Jose Rodriguez published a " dead simple " method to bypass lock screen of the devices running iOS 9 and iOS 9.0.1. Using the benevolent nature of Apple's

iOS 9.0.1 – Apple's first update to its new iOS 9 mobile operating system, came out on Wednesday, addressed several bugs in its software. However, unfortunately, it seems that the latest update iOS 9.0.1 doesn't fix the lock screen bypass vulnerability reported by iPhone user Jose Rodriguez. Yes, the serious flaw in iOS 9 that allows anyone – with physical access of your iPhone or iPad – to bypass your device's lock screen and get into your contacts and personal photographs, also Works on iOS 9.0.1 . Video Demonstration: Rodriguez published a new video detailing a step-by-step explanation on how to bypass the passcode on iOS 9 and iOS 9.0.1 device, using the benevolent nature of Apple's personal assistant Siri. The lock screen bypass vulnerability works on all iOS versions from iOS 5.1.1 to the latest released iOS 9.0.1 . Mitigation So, until Apple rolls out an update to patch this bug, the only way available to iPhone users to mitiga

Setting a passcode on your iPhone is the first line of defense to help prevent other people from accessing your device. However, it's pretty easy for anyone to access your personal photographs and contacts from your iPhone running iOS 9 in just 30 seconds or less, even with a passcode and/or Touch ID enabled. Just yesterday, the Security firm Zerodium announced a Huge Bug Bounty of 1 Million Dollars for finding out zero-day exploits and jailbreak for iPhones and iPads running iOS 9. Now... A hacker has found a new and quite simple method of bypassing the security of a locked iOS device (iPhone, iPad or iPod touch) running Apple's latest iOS 9 operating system that could allow you to access the device's photos and contacts in 30 seconds or less. Yes, the passcode on any iOS device running iOS 9.0 is possible to bypass using the benevolent nature of Apple's personal assistant Siri. Here's the List of Steps to Bypass Passcode: You need to follow

Are you a Die Hard Android Fan? If you are also one of those millions Android fans, for whom the brand has turned into an insane religious devotion, then Apple has something that could give you second thoughts. Apple is losing control, wants you to ditch your Android! Few days ago, Apple made its debut on Google Play Store with its First App, called " Move to iOS ", for Android Users. With its first ever Android app, Apple tried to kill Android Community and fans, But failed badly! Apple's new app works as an " Uncalled Assistance " in a manner where you have bought a new iPhone, iPad or iPod Touch and are confused about how to migrate data from your current Android device. Apple's ' Move to iOS ' app is designed to help Android users transfer their content quickly and safely from an Android device to an iOS device. The Apple App will help you in Migrating Data, like: Calendars Camera photos and videos Contacts Mail accounts Message history Web b

iOS 9 is out, and it's time to update your iPhone or iPad to the latest version of Apple's mobile operating system. The new iOS is better, faster, and more efficient than its predecessors, with a number of new features and improvements including enhanced multitasking for iPad, Proactive Assistant Siri, new Low Power mode, Transit directions in Maps and many more. You need to download iOS 9 right away. But, after installing it on your iOS device, you should immediately change these security settings to protect your privacy. Besides various new features, iOS 9 also comes with a handful of security and privacy improvements. So, before doing anything like loading new apps, customizing your phone, or syncing your data, you need to check these settings – and if necessary, changed. 1. Locking the Door Boost iOS 9 Security by Setting a Longer 6-digit Passcode When you set up an iOS device, you are asked to create a passcode to encrypt your entire iPho

With the launch of iOS 9, Apple gave us an ultimate reason to upgrade our Apple devices to its new operating system. The latest iOS 9 includes a security update for a nasty bug that could be exploited to take full control of your iPhone or Macs, forcing most of the Apple users to download the latest update. Australian security researcher Mark Dowd has disclosed a serious vulnerability in AirDrop , Apple's over-the-air file sharing service built into iOS and Mac OS X. How the Attack Works? The vulnerability allows anyone within the range of an AirDrop user to silently install a malicious app on a target Apple device by sending an AirDrop file which involves rebooting of the target device. An attacker can exploit this critical bug even if the victim rejects the incoming file sent over AirDrop. After rebooting takes place, the malicious app gains access to Springboard, Apple's software to manage iOS home screen, allowing the app to fool the victim's iP

Apple iOS 9 , codenamed Monarch , will be available to the world on September 16th. While most of the upgrades on iOS 9 focus on making devices: Faster Smarter Secure and more efficient. Today we are going to discuss the improved Two-Factor Authentication (2FA) pumped within the new iOS operating system. WHAT'S NEW AND HOW IT WORKS Apple has strengthened the foundation of iOS 9 and further of your device by modifying the operating system with an improved two-factor authentication built into it. As the two-factor authentication structure lies within the operating system, this makes the device's Apple ID even harder to break. 2FA secures your Apple ID by acting as an additional support to protect your data on your device, preventing any intrusion to occur on your device. Also, when you have more than one devices running Apple's operating system, 2FA enables sign-in on a new device in a streamlined manner… ...Besides verifying your identi

Good News for Jailbreakers! Just within 24 Hours after the launch of iOS 9 at Apple's Annual Event, a well-known iOS hacker has managed to untether jailbreak iOS 9. That's quite impressive. Believe it, iOS 9 has been Jailbroken! A reputed hacker ' iH8sn0w ', who previously developed the popular jailbreak tools like Sn0wbreeze and P0sixspwn , published a new YouTube video last night, demonstrating the first untethered jailbreak for the yet-unreleased iOS 9 . Apple plans to publicly release its latest iOS 9 software update for all supported devices on 16th September while the company has already made the Gold Master seed of the software available to developers. Untethered Jailbreak for iOS 9 iH8sn0w has jailbroken his iPhone 5 running the iOS 9 GM seed . The jailbreak is an untethered – a jailbreak where your devices don't require any reboot every time it connects to an external device capable of executing commands on the device. You

Only 9 days are left for Apple's annual new iPhone launch event, where the company will bring its various new products but the obvious stars of the show will be the iPhone 6s and the iPhone 6s Plus . The company has not officially announced the iPhone 6S and iPhone 6S Plus yet, but a series of new, high-resolution photographs obtained by 9to5Mac show some new features coming to its next-generation iPhone. The new iPhones – likely called the iPhone 6S and 6S Plus – will be introduced at Apple's fall event on September 9. The leaked photos give us a closer look at two of the iPhone's key new features: Force Touch and a larger FaceTime camera. Here are the list of features the new iPhone 6S and iPhone 6S Plus include: Force Touch The new iPhone 6S would include Force Touch technology that Apple introduced with the Apple Watch, and haptic feedback. Here's how it works: When a user press slightly harder on the screen, sensors in the scre