#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Apple iPhone | Breaking Cybersecurity News | The Hacker News

Millions Of Smartphones Using Broadcom Wi-Fi Chip Can Be Hacked Over-the-Air

Millions Of Smartphones Using Broadcom Wi-Fi Chip Can Be Hacked Over-the-Air

Apr 05, 2017
Millions of smartphones and smart gadgets, including Apple iOS and many Android handsets from various manufacturers, equipped with Broadcom Wifi chips are vulnerable to over-the-air hijacking without any user interaction. Just yesterday, Apple rushed out an emergency iOS 10.3.1 patch update to address a serious bug that could allow an attacker within same Wifi network to remotely execute malicious code on the Broadcom WiFi SoC (Software-on-Chip) used in iPhones, iPads, and iPods. The vulnerability was described as the stack buffer overflow issue and was discovered by Google's Project Zero staffer Gal Beniamini, who today detailed his research on a lengthy blog post , saying the flaw affects not only Apple but all those devices using Broadcom's Wi-Fi stack. Beniamini says this stack buffer overflow issue in the Broadcom firmware code could lead to remote code execution vulnerability, allowing an attacker in the smartphone's WiFi range to send and execute code on th
Wikileaks Reveals How CIA Was Hacking Your iPhones And MacBooks

Wikileaks Reveals How CIA Was Hacking Your iPhones And MacBooks

Mar 23, 2017
As part of its " Vault 7 " series, Wikileaks — the popular whistle-blowing platform — has just released another batch of classified documents focused on exploits and hacking techniques the Central Intelligence Agency (CIA) designed to target Apple MacOS and iOS devices. Dubbed " Dark Matter ," the leak uncovers macOS vulnerabilities and attack vectors developed by a special division of the CIA called Embedded Development Branch (EDB) – the same branch that created ' Weeping Angel ' attack – and focused specifically on hacking Mac and iOS firmware. CIA Infects Apple Devices With Unremovable Malware The newly released documents revealed that CIA had also been targeting the iPhone since 2008. The Agency has created a malware that is specially designed to infect Apple firmware in a way that the infection remains active on MacOS and iOS devices even if the operating system has been re-installed. According to Wikileaks, the released documents also gives a c
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
You Can Crash Anyone's iPhone Or iPad With A Simple Emoji Text Message

You Can Crash Anyone's iPhone Or iPad With A Simple Emoji Text Message

Jan 19, 2017
A newly discovered bug in Apple's iOS mobile operating system is being exploited in a prank that lets anyone crash your iPhone or iPad by just sending an emoji-filled iMessage, according to several reports. YouTube star EverythingApplePro published a video highlighting a sequence of characters that temporarily freeze and restart an iPhone, which people can send to their iPhone buddies to trouble them. You can watch the video demonstration below. Here's the first troublesome text: A white Flag emoji, the digit "0" and a Rainbow emoji. This simple numeric character, flag, and rainbow emojis confuse iOS 10 devices when it tries to combine them into a rainbow flag. As soon as this text is received, the iPhone's software attempts to combine the emojis but fails, and the messaging app crashes and eventually reboots in a few minutes. The recipients do not even have to open or read the message. Video Demonstration Another iPhone-crashing method involves
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Russia Wants Apple to Unlock iPhone belonging to Killer of Russian Ambassador

Russia Wants Apple to Unlock iPhone belonging to Killer of Russian Ambassador

Dec 22, 2016
You might have also seen a viral video of the assassination of the Russian ambassador to Turkey that quickly spread through the Internet worldwide. Russian Ambassador Andrei Karlov was shot dead by an off-duty police officer in Ankara on December 19 when the ambassador was giving a speech at an art gallery. The shooter managed to pretend himself as his official bodyguard and later shot to death by Turkish special forces. After this shocking incident, Apple has been asked to help unlock an iPhone 4S recovered from the shooter, which could again spark up battle similar to the one between Apple and the FBI earlier this year. Turkish and Russian authorities have asked Apple to help them bypass the PIN code on an iPhone 4S, which, the authorities believe, could assist them to investigate killer's links to various terrorist organizations. Apple is expected to refuse the request, but according to MacReports and other local media, the Russian government is reportedly sending
iPhone Secretly Sends Your Call History to Apple Even If iCloud Backups are Turned Off

iPhone Secretly Sends Your Call History to Apple Even If iCloud Backups are Turned Off

Nov 18, 2016
In the fight against encryption , Apple has positioned itself as a staunch defender of its user privacy by refusing the federal officials to provide encryption backdoors into its products, as well as implementing better encryption for its products. However, a new report from a security firm suggests Apple's online syncing service iCloud secretly stores logs of its users' private information for as long as four months — even when iCloud backup is switched off. Russian digital forensics firm Elcomsoft discovered that Apple's mobile devices automatically send its users' call history to the company's servers if iCloud is enabled, and stored that data for up to four months. And it turns out that there is no way for iCloud users to stop this phone call syncing service unless they completely disable the cloud synchronization feature. Elcomsoft, which sells software to extract data from Apple's iCloud backups and works with police and intelligence agencies,
Warning — Hackers can Silently Install Malware to Non-Jailbroken iOS Devices

Warning — Hackers can Silently Install Malware to Non-Jailbroken iOS Devices

Mar 17, 2016
Hard time for mobile phone users! Just recently, two severe vulnerabilities in Qualcomm Snapdragon chip and Stagefright were spotted on the Android platform, affecting more than a Billion and Millions of devices respectively. And now: Hackers have discovered a new way to install malicious apps onto your iPhone without your interaction. Researchers at Palo Alto Networks have uncovered a new strain of malware that can infect Non-Jailbroken (factory-configured) iPhones and iPads without the owner's knowledge or interaction, leaving hundreds of millions of Apple iOS devices at risk. Dubbed AceDeceiver , the iPhone malware installs itself on iOS devices without enterprise certificates and exploits designing flaws in Apple's digital rights management (DRM) protection mechanism called FairPlay. What's more concerning about this malware: Unlike most iOS malware, AceDeceiver works on factory-configured (non-jailbroken) iOS devices as well. FairPlay
After Apple, WhatsApp Under Fire from US Govt Over Encryption

After Apple, WhatsApp Under Fire from US Govt Over Encryption

Mar 15, 2016
Before winding up the dispute of Apple and FBI over encryption, another buzz on the Whatsapp Snooping is now the hot debate on the court bench. In the wake of WhatsApp's move to offer end-to-end encryption to text messages as well as VoIP calls made through its app, federal authorities have not been able to execute wiretapping warrants on WhatsApp users. Though the US Department of Justice was discussing how to proceed with a continuing criminal investigation, the government is considering legal proceedings similar to those involved with Apple. According to the New York Times , as recently as this past week, a federal judge had approved a wiretap in a criminal investigation, but WhatsApp's encryption hindered investigators. Since any court officials have not made a final decision, the Department of Justice is very keen to drag Whatsapp into the Encryption fight war zone similar to the ongoing San Bernardino case . In San Bernardino case, the DoJ was gr
Your iPhone will Alert You if You are Being Monitored At Work

Your iPhone will Alert You if You are Being Monitored At Work

Mar 08, 2016
Are You an Employee? It's quite possible that someone has been reading your messages, emails, listening to your phone calls, and monitoring your activities at work. No, it's not a spy agency or any hacker… ...Oops! It's your Boss. Recently, European Court had ruled that the Employers can legally monitor as well as read workers' private messages sent via chat software like WhatsApp or Facebook Messenger and webmail accounts like Gmail or Yahoo during working hours. So, if you own a company or are an Employer, then you no need to worry about tracking your employees because you have right to take care of things that could highly affect your company and its reputation, and that is Your Employees! Since there are several reasons such as Financial Need, Revenge, Divided Loyalty or Ego, why a loyal employee might turn into an INSIDER THREAT . Insider Threat is a nightmare for Millions of Employers. Your employees could collect and leak all your professional,
France could Fine Apple $1 Million for each iPhone it Refuses to Unlock

France could Fine Apple $1 Million for each iPhone it Refuses to Unlock

Mar 02, 2016
The United States is not the only one where Apple is battling with the federal authorities over iPhone encryption. Apple could face $1 Million in Fine each time the company refused to unlock an iPhone in France. Despite its victory in a New York court yesterday, Apple may not be so successful elsewhere in fighting against federal authorities over iPhone encryption battle. Yann Galut, a member of France's Socialist Party, has submitted an amendment to a bill aimed at strengthening the French government's ability to fight against terrorism — by arguing that… Apple should pay a Million Euro ( $1.08 Million ) fine for every iPhone Apple refuses to unlock when asked to by law enforcement, The Local reported . The same €1 Million penalty could apply to Google as well under similar conditions, forcing the tech companies to help its investigators extract data from a suspect's smartphone in terrorism cases. The French police seized eight smartphones last year in terror investiga
FBI Admits — It was a 'Mistake' to Reset Terrorist's iCloud Password

FBI Admits — It was a 'Mistake' to Reset Terrorist's iCloud Password

Mar 02, 2016
Yes, FBI Director James Comey admitted that the investigators made a " mistake " with the San Bernardino investigation during a congressional hearing held by the House Judiciary Committee. Apple is facing a court order to help the FBI unlock an iPhone belonged to San Bernardino Shooter by developing a backdoored version of iOS that can disable the security feature on the locked iPhone. Apple's Chief Executive Tim Cook has maintained his stand over Privacy and Security , saying the company will fight the court order because it is dangerous for the security and privacy of all of its users. As the company earlier said, Apple had been helping the FBI with the investigation in San Bernardino case since early January by providing an iCloud backup of Farook's iPhone under a court order and ways to access Farook's iPhone… ...but the problem, according to Apple, was that the feds approached the company after attempting a ' blunder ' themselv
New York Judge Rules FBI Can't Force Apple to Unlock iPhone

New York Judge Rules FBI Can't Force Apple to Unlock iPhone

Mar 01, 2016
Apple - 1; The FBI - 0 Apple Won a major court victory against the Federal Bureau of Investigation (FBI) in an ongoing legal battle similar to San Bernardino. In a New York case, a federal magistrate judge has ruled in favor of Apple, rejecting the U.S. government's request to force Apple to help the FBI extract data from a locked iPhone. This ruling from United States Magistrate Judge James Orenstein for the Eastern District of New York is a significant boost to Apple's pro-privacy stance to resist the agency's similar efforts over unlocking iPhone 5C of an alleged San Bernardino terrorist. The ruling [ PDF ] was issued on Monday as part of the criminal case against Jun Feng , who was pleaded guilty in October last year to drug charges. The Drug Enforcement Administration (DEA) seized Feng's iPhone 5 last year, but even after consulting the FBI, it was unable to access the iPhone. According to both the DEA and FBI, it's impossible for them to ov
Apple is working on New iPhone Even It Can't Hack

Apple is working on New iPhone Even It Can't Hack

Feb 25, 2016
Amid an ongoing dispute with the United States government over a court order to unlock iPhone 5C of one of the San Bernardino shooters Syed Farook… ...Apple started working on implementing stronger security measures "even it can't hack" to achieve un-hackability in its future iPhones. The Federal Bureau of Investigation (FBI) is deliberately forcing Apple to create a special, backdoored version of iOS that could let them brute force the passcode on Farook's iPhone without erasing data. However, the FBI approached the company to unlock the shooter's iPhone 5C in various ways like: Create a backdoor to shooter's iPhone. Disable the Auto-destruct feature after numerous tries. Increase the brute force time to try out all combinations. Minimize the time of waiting for a window after each try. ..and much more Apple is still fighting the battle even after the clear refusal to the court that it will not provide any backdoor access to the a
Apple testing Ultra-Fast Li-Fi Wireless Technology for Future iPhones

Apple testing Ultra-Fast Li-Fi Wireless Technology for Future iPhones

Jan 21, 2016
Apple to make future iPhones compatible with a cutting-edge technology that has the capability to transmit data at 100 times the speed of WiFi , suggests the code found within the iOS firmware. Apple may ship future iPhones with Li-Fi capabilities, a new technology that may end up replacing the widely-used Wi-Fi in the future technology. Beginning with iOS 9.1 update, the operating system's source code makes mention of " LiFiCapability " alongside declarations to other hardware and software capabilities, hinting that Apple may be experimenting with ways to integrate Li-Fi technology with future iPhones models. Li-Fi compatibility with Future iPhones Li-Fi compatibility was spotted in the code for iOS 9.1 by a Twitter user, who goes by name Chase Fromm, and was independently confirmed by Apple Insider. However, there is no such indication that Apple is actually working with Li-Fi. But, as pointed out by Apple Insider, Apple filed a patent applic
iOS 9 Hack: How to Access Private Photos and Contacts Without a Passcode

iOS 9 Hack: How to Access Private Photos and Contacts Without a Passcode

Sep 22, 2015
Setting a passcode on your iPhone is the first line of defense to help prevent other people from accessing your device. However, it's pretty easy for anyone to access your personal photographs and contacts from your iPhone running iOS 9 in just 30 seconds or less, even with a passcode and/or Touch ID enabled. Just yesterday, the Security firm Zerodium announced a Huge Bug Bounty of 1 Million Dollars for finding out zero-day exploits and jailbreak for iPhones and iPads running iOS 9. Now... A hacker has found a new and quite simple method of bypassing the security of a locked iOS device (iPhone, iPad or iPod touch) running Apple's latest iOS 9 operating system that could allow you to access the device's photos and contacts in 30 seconds or less. Yes, the passcode on any iOS device running iOS 9.0 is possible to bypass using the benevolent nature of Apple's personal assistant Siri. Here's the List of Steps to Bypass Passcode: You need to follow
Hacker Demonstrated Untethered iOS 9 Jailbreak On Video

Hacker Demonstrated Untethered iOS 9 Jailbreak On Video

Sep 11, 2015
Good News for Jailbreakers! Just within 24 Hours after the launch of iOS 9 at Apple's Annual Event, a well-known iOS hacker has managed to untether jailbreak iOS 9. That's quite impressive. Believe it, iOS 9 has been Jailbroken! A reputed hacker ' iH8sn0w ', who previously developed the popular jailbreak tools like Sn0wbreeze and P0sixspwn , published a new YouTube video last night, demonstrating the first untethered jailbreak for the yet-unreleased iOS 9 . Apple plans to publicly release its latest iOS 9 software update for all supported devices on 16th September while the company has already made the Gold Master seed of the software available to developers. Untethered Jailbreak for iOS 9 iH8sn0w has jailbroken his iPhone 5 running the iOS 9 GM seed . The jailbreak is an untethered – a jailbreak where your devices don't require any reboot every time it connects to an external device capable of executing commands on the device. You
Photos Leaked! Here's Top Features Expected in Next iPhone Release

Photos Leaked! Here's Top Features Expected in Next iPhone Release

Aug 31, 2015
Only 9 days are left for Apple's annual new iPhone launch event, where the company will bring its various new products but the obvious stars of the show will be the iPhone 6s and the iPhone 6s Plus . The company has not officially announced the iPhone 6S and iPhone 6S Plus yet, but a series of new, high-resolution photographs obtained by 9to5Mac show some new features coming to its next-generation iPhone. The new iPhones – likely called the iPhone 6S and 6S Plus – will be introduced at Apple's fall event on September 9. The leaked photos give us a closer look at two of the iPhone's key new features: Force Touch and a larger FaceTime camera. Here are the list of features the new iPhone 6S and iPhone 6S Plus include: Force Touch The new iPhone 6S would include Force Touch technology that Apple introduced with the Apple Watch, and haptic feedback. Here's how it works: When a user press slightly harder on the screen, sensors in the scre
Here's How You Can Replace Your iPhone Battery For Free

Here's How You Can Replace Your iPhone Battery For Free

Jul 04, 2015
Nothing is scarier than your iPhone alerting you that your battery had hit 5%, especially when you just took it off the charger with a 100 percent full battery about an hour ago.  To be very honest, it literally sucks. However, you no need to worry about this problem now, as there's a solution. Apple has just modified its warranty programs to make it easier for you to get your iPhone battery or in some cases, the whole device exchanged at an Apple Store. Under its new AppleCare+ policy , the company is offering to replace the batteries in your iOS devices for free until January 2016 , but if and only if you are eligible. Are you Eligible for New iPhone Battery? To make sure your iPhone is eligible, you need to check these simple things: You need to have bought the iPhone between September 2012 and January 2013 If yes, then the capacity of your battery also has to hold less than 80% of its original capacity Previously, the policy offers replacement of
How to Fix iPhone Crash Text Message Bug

How to Fix iPhone Crash Text Message Bug

May 30, 2015
We reported you about a new bug in the core component of iOS and OS X that causes the device's Messages app to crash and iPhones to reboot if it receives a certain string of characters , Arabic characters , via text message. Many have since fallen victims to this specially crafted sequence of Unicode bug . It is believed that when this malicious string of characters is sent in a text message, it will crash an iThing when the text is displayed as a notification on an iPhone, iPad, or Apple watch. Not iMessages alone, Snapchat and Twitter on iOS devices are also vulnerable to this iPhone crash text bug as they also use the CoreText component to display text on-screen. Here's the unique text that's causing the iPhone crash: effective. Power لُلُصّبُلُلصّبُررً ॣ ॣh ॣ ॣ 冗 It's been really annoying that people all across the world are messaging each other the secret string of unique characters that resets the phone, causing it to turn on and off.
WhatsApp updates iOS App with Free Voice Calling Feature

WhatsApp updates iOS App with Free Voice Calling Feature

Apr 23, 2015
After rolling out WhatsApp's Free Voice Calling feature for Android users late last month, the widely popular messaging service has started to roll out the feature to iOS users. Now iOS users can enjoy making free voice calls through WhatsApp, as the new version of the messenger is now live in the iOS App Store with support to calling. WhatsApp calling feature allows you to call your friends and family anywhere in the world for free as long as you have a Wi-Fi network or a working data plan on your registered number. The full description of the WhatsApp Calling feature on the App Store page reads: " Call your friends and family using WhatsApp for free, even if they are in another country. WhatsApp calls use your phone's Internet connection rather than your cellular plan's voice minutes (Data charges may apply) Note: WhatsApp Calling is rolling out slowly over the next several weeks. " The last line indicates that the feature, so far, is not actually a
Cybersecurity Resources