The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis: Apple

Apple‌ Issues Patches to Combat Ongoing 0-Day Attacks on macOS, tvOS

Apple‌ Issues Patches to Combat Ongoing 0-Day Attacks on macOS, tvOS
May 24, 2021Ravie Lakshmanan
Apple on Monday rolled out security updates for  iOS ,  macOS ,  tvOS ,  watchOS , and  Safari  web browser to fix multiple vulnerabilities, including an actively exploited zero-day flaw in macOS Big Sur and expand patches for two previously disclosed zero-day flaws.  Tracked as CVE-2021-30713, the zero-day concerns a permissions issue in Apple's Transparency, Consent, and Control ( TCC ) framework in macOS that maintains a database of each user's consents. The iPhone maker acknowledged that the issue may have been exploited in the wild but stopped short of sharing specifics. The company noted that it rectified the problem with improved validation. However, in a separate report, mobile device management company Jamf said the bypass flaw was being actively exploited by XCSSET, a malware that's been out in the wild since August 2020 and known to propagate via modified  Xcode IDE projects  hosted on GitHub repositories and plant malicious packages into legitimate apps ins

How Apple Gave Chinese Government Access to iCloud Data and Censored Apps

How Apple Gave Chinese Government Access to iCloud Data and Censored Apps
May 18, 2021Ravie Lakshmanan
In July 2018, when Guizhou-Cloud Big Data (GCBD)  agreed to a deal  with state-owned telco China Telecom to move iCloud data belonging to Apple's China-based users to the latter's servers, the shift raised concerns that it could make user data vulnerable to state surveillance. Now, according to a  deep-dive report  from The New York Times, Apple's privacy and security concessions have "made it nearly impossible for the company to stop the Chinese government from gaining access to the emails, photos, documents, contacts and locations of millions of Chinese residents." The revelations stand in stark contrast to Apple's commitment to privacy, while also highlighting a pattern of  conceding  to the  demands  of the Chinese government in order to continue its operations in the country. Apple, in 2018, announced iCloud data of users in mainland China would move to a new data center in Guizhou province as part of a partnership with GCBD. The transition was neces

Apple Releases Urgent Security Patches For Zero‑Day Bugs Under Active Attacks

Apple Releases Urgent Security Patches For Zero‑Day Bugs Under Active Attacks
May 03, 2021Ravie Lakshmanan
Apple on Monday released security updates for  iOS ,  macOS , and  watchOS  to address three zero-day flaws and expand patches for a fourth vulnerability that the company said might have been exploited in the wild. The weaknesses all concern WebKit, the browser engine which powers Safari and other third-party web browsers in iOS, allowing an adversary to execute arbitrary code on target devices. A summary of the three security bugs are as follows - CVE-2021-30663:  An integer overflow vulnerability that could be exploited to craft malicious web content, which may lead to code execution. The flaw was addressed with improved input validation. CVE-2021-30665:  A memory corruption issue that could be exploited to craft malicious web content, which may lead to code execution. The flaw was addressed with improved state management. CVE-2021-30666:  A buffer overflow vulnerability that could be exploited to craft malicious web content, which may lead to code execution. The flaw was addr

Apple AirDrop Bug Could Leak Your Personal Info to Anyone Nearby

Apple AirDrop Bug Could Leak Your Personal Info to Anyone Nearby
April 26, 2021Ravie Lakshmanan
New research has uncovered privacy weaknesses in Apple's wireless file-sharing protocol that could result in the exposure of a user's contact information such as email addresses and phone numbers. "As an attacker, it is possible to learn the phone numbers and email addresses of AirDrop users – even as a complete stranger,"  said  a team of academics from the Technical University of Darmstadt, Germany. "All they require is a Wi-Fi-capable device and physical proximity to a target that initiates the discovery process by opening the sharing pane on an iOS or macOS device." AirDrop  is a proprietary ad hoc service present in Apple's iOS and macOS operating systems, allowing users to transfer files between devices by making use of close-range wireless communication. While this feature shows only receiver devices that are in users' contact lists by an authentication mechanism that compares an individual's phone number and email address with entrie

Hackers threaten to leak stolen Apple blueprints if $50 million ransom isn't paid

Hackers threaten to leak stolen Apple blueprints if $50 million ransom isn't paid
April 21, 2021Ravie Lakshmanan
Prominent Apple supplier Quanta on Wednesday said it suffered a ransomware attack from the REvil ransomware group, which is now demanding the iPhone maker pay a ransom of $50 million to prevent leaking sensitive files on the dark web. In a post shared on its deep web "Happy Blog" portal, the threat actor said it came into possession of schematics of the U.S. company's products such as MacBooks and Apple Watch by infiltrating the network of the Taiwanese manufacturer, claiming it's making a ransom demand to Apple after Quanta expressed no interest in paying to recover the stolen blueprints. "Our team is negotiating the sale of large quantities of confidential drawings and gigabytes of personal data with several major brands," the REvil operators said. "We recommend that Apple buy back the available data by May 1." Since first detected in June 2019,  REvil  (aka Sodinokibi or Sodin) has emerged as one of the most prolific ransomware-as-a-servic

Apple May Start Delivering Security Patches Separately From Other OS Updates

Apple May Start Delivering Security Patches Separately From Other OS Updates
March 17, 2021Ravie Lakshmanan
Apple may be changing the way it delivers security patches to its devices running iOS and iPadOS mobile operating systems. According to code spotted in iOS 14.5, the iPhone maker is reportedly working on a method for delivering security fixes independently of other OS updates. The changes were first reported by  the 9to5Mac  website. While Google's Android has had monthly security patches rolled out that are completely divorced from the OS-related updates, iOS has traditionally bundled security updates along with an upgrade to the latest version of the OS. For instance, Apple rolled out iOS 14.4.1 earlier this month just to address one security vulnerability in WebKit that could have allowed adversaries to run arbitrary code on devices via malicious web content. But with this new setting called "Install Security Updates" added to the software update menu, it's expected that Apple will let users choose between either installing the entire iOS update or just the

Bug in Apple's Find My Feature Could've Exposed Users' Location Histories

Bug in Apple's Find My Feature Could've Exposed Users' Location Histories
March 05, 2021Ravie Lakshmanan
Cybersecurity researchers on Thursday disclosed two distinct design and implementation flaws in Apple's crowdsourced Bluetooth location tracking system that can lead to a location correlation attack and unauthorized access to the location history of the past seven days, thereby deanonymizing users. The  findings  are a consequence of an exhaustive review undertaken by the Open Wireless Link (OWL) project, a team of researchers from the Secure Mobile Networking Lab at the Technical University of Darmstadt, Germany, who have historically taken apart Apple's wireless ecosystem with the goal of identifying security and privacy issues. In response to the disclosures on July 2, 2020, Apple is said to have partially addressed the issues, stated the researchers, who used their own data for the study citing privacy implications of the analysis. How Find My Works? Apple devices come with a feature called  Find My  that makes it easy for users to locate other Apple devices, including

New 'Silver Sparrow' Malware Infected Nearly 30,000 Apple Macs

New 'Silver Sparrow' Malware Infected Nearly 30,000 Apple Macs
February 21, 2021Ravie Lakshmanan
Days after the  first malware  targeting Apple M1 chips was discovered in the wild, researchers have disclosed yet another previously undetected piece of malicious software that was found in about 30,000 Macs running Intel x86_64 and the iPhone maker's M1 processors. However, the ultimate goal of the operation remains something of a conundrum, what with the lack of a next-stage or final payload leaving researchers unsure of its distribution timeline and whether the threat is just under active development. Calling the malware "Silver Sparrow," cybersecurity firm Red Canary said it identified two different versions of the malware — one compiled only for Intel x86_64 and uploaded to VirusTotal on August 31, 2020 ( version 1 ), and a second variant submitted to the database on January 22 that's compatible with both Intel x86_64 and M1 ARM64 architectures ( version 2 ). Adding to the mystery, the x86_64 binary, upon execution, simply displays the message "Hello,

Apple will proxy Safe Browsing requests to hide iOS users' IP from Google

Apple will proxy Safe Browsing requests to hide iOS users' IP from Google
February 15, 2021Ravie Lakshmanan
Apple's upcoming iOS 14.5 update will come with a new feature that will redirect all fraudulent website checks through its own proxy servers as a workaround to preserve user privacy and prevent leaking IP addresses to Google. A built-in security-focused feature in the Safari browser, " Fraudulent Website Warning ," alerts users about dangerous websites that have been reported as deceptive, malicious, or harmful. To achieve this, Apple relies on  Google Safe Browsing  — or Tencent Safe Browsing for users in Mainland China — a blocklist service that provides a list of URLs for web resources that contain malware or phishing content, to compare a hash prefix calculated from the website address and check if the website is fraudulent. Any match against the database will prompt Safari to request Google or Tencent for the full list of URLs that correspond to the hashed prefix and subsequently block a user's access to the site with a warning. While the approach ensures t

Apple Patches 10-Year-Old macOS SUDO Root Privilege Escalation Bug

Apple Patches 10-Year-Old macOS SUDO Root Privilege Escalation Bug
February 10, 2021Ravie Lakshmanan
Apple has rolled out a fix for a critical sudo vulnerability in macOS Big Sur, Catalina, and Mojave that could allow unauthenticated local users to gain root-level privileges on the system. "A local attacker may be able to elevate their privileges," Apple  said  in a security advisory. "This issue was addressed by updating to sudo version 1.9.5p2." Sudo is a common utility built into most Unix and Linux operating systems that lets a user without security privileges access and run a program with the credentials of another user. Tracked as CVE-2021-3156 (also called " Baron Samedit "), the vulnerability first came to light last month after security auditing firm Qualys  disclosed  the existence of a heap-based buffer overflow, which it said had been "hiding in plain sight" for almost 10 years. The vulnerability, which was introduced in the code back in July 2011, impacts sudo versions 1.7.7 through 1.7.10p9, 1.8.2 through 1.8.31p2, and 1.9.0

Apple Warns of 3 iOS Zero-Day Security Vulnerabilities Exploited in the Wild

Apple Warns of 3 iOS Zero-Day Security Vulnerabilities Exploited in the Wild
January 26, 2021Ravie Lakshmanan
Apple on Tuesday released updates for iOS, iPadOS, and tvOS with fixes for three security vulnerabilities that it says may have been actively exploited in the wild. Reported by an anonymous researcher, the three  zero-day   flaws  — CVE-2021-1782, CVE-2021-1870, and CVE-2021-1871 — could have allowed an attacker to elevate privileges and achieve remote code execution. The iPhone maker did not disclose how widespread the attack was or reveal the identities of the attackers actively exploiting them. While the privilege escalation bug in the kernel (CVE-2021-1782) was noted as a race condition that could cause a malicious application to elevate its privileges, the other two shortcomings — dubbed a "logic issue" — were discovered in the WebKit browser engine (CVE-2021-1870 and CVE-2021-1871), permitting an attacker to achieve arbitrary code execution inside Safari. Apple said the race condition and the WebKit flaws were addressed with improved locking and restrictions, resp

Apple Removes macOS Feature That Allowed Apps to Bypass Firewall Security

Apple Removes macOS Feature That Allowed Apps to Bypass Firewall Security
January 17, 2021Ravie Lakshmanan
Apple has removed a controversial feature from its macOS operating system that allowed the company's own first-party apps to bypass content filters, VPNs, and third-party firewalls. Called " ContentFilterExclusionList ," it included a list of as many as 50 Apple apps like iCloud, Maps, Music, FaceTime, HomeKit, the App Store, and its software update service that were routed through Network Extension Framework, effectively circumventing firewall protections. This exclusion list has been scrubbed now from macOS 11.2 beta 2. The issue first came to light last October following the release of macOS Big Sur, prompting concerns from security researchers who said the feature was ripe for abuse, adding it could be leveraged by an attacker to exfiltrate sensitive data by piggybacking it on to legitimate Apple apps included on the list and then bypass firewalls and security software. "After lots of bad press and lots of feedback/bug reports to Apple from developers such

55 New Security Flaws Reported in Apple Software and Services

55 New Security Flaws Reported in Apple Software and Services
October 09, 2020Ravie Lakshmanan
A team of five security researchers analyzed several Apple online services for three months and found as many as 55 vulnerabilities, 11 of which are critical in severity. The flaws — including 29 high severity, 13 medium severity, and 2 low severity vulnerabilities — could have allowed an attacker to "fully compromise both customer and employee applications, launch a worm capable of automatically taking over a victim's iCloud account, retrieve source code for internal Apple projects, fully compromise an industrial control warehouse software used by Apple, and take over the sessions of Apple employees with the capability of accessing management tools and sensitive resources." The flaws meant a bad actor could easily hijack a user's iCloud account and steal all the photos, calendar information, videos, and documents, in addition to forwarding the same exploit to all of their contacts. The findings were  reported by Sam Curry  along with Brett Buerhaus, Ben Sadeghipo

Critical 'Sign in with Apple' Bug Could Have Let Attackers Hijack Anyone's Account

Critical 'Sign in with Apple' Bug Could Have Let Attackers Hijack Anyone's Account
May 30, 2020Mohit Kumar
Apple recently paid Indian vulnerability researcher Bhavuk Jain a huge $100,000 bug bounty for reporting a highly critical vulnerability affecting its ' Sign in with Apple ' system. The now-patched vulnerability could have allowed remote attackers to bypass authentication and take over targeted users' accounts on third-party services and apps that have been registered using 'Sign in with Apple' option. Launched last year at Apple's WWDC conference, ' Sign in with Apple ' feature was introduced to the world as a privacy-preserving login mechanism that allows users to sign up an account with 3rd-party apps without disclosing their actual email addresses (also used as Apple IDs). In an interview with The Hacker News, Bhavuk Jain revealed that the vulnerability he discovered resided in the way Apple was validating a user on the client-side before initiating a request from Apple's authentication servers. For those unaware, while authenticating

iOS 13 Bug Lets 3rd-Party Keyboards Gain 'Full Access' — Even When You Deny

iOS 13 Bug Lets 3rd-Party Keyboards Gain 'Full Access' — Even When You Deny
September 26, 2019Mohit Kumar
Following the release of iOS 13 and iPadOS earlier this week, Apple has issued an advisory warning iPhone and iPad users of an unpatched security bug impacting third-party keyboard apps. On iOS, third-party keyboard extensions can run entirely standalone without access to external services and thus, are forbidden from storing what you type unless you grant "full access" permissions to enable some additional features through network access. However, in the brief security advisory , Apple says that an unpatched issue in iOS 13 and iPadOS could allow third-party keyboard apps to grant themselves "full access" permission to access what you are typing—even if you deny this permission request in the first place. It should be noted that the iOS 13 bug doesn't affect Apple's built-in keyboards or third-party keyboards that don't make use of full access. Instead, the bug only impacts users who have third-party keyboard apps—such as popular Gboard, Grammarl

Apple Changes the Way It Listens to Your Siri Recordings Following Privacy Concerns

Apple Changes the Way It Listens to Your Siri Recordings Following Privacy Concerns
August 29, 2019Swati Khandelwal
Apple today announced some major changes to its controversial 'Siri audio grading program' following criticism for employing humans to listen to audio recordings of users collected via its voice-controlled Siri personal assistant without their knowledge or consent. The move came a month after The Guardian reported that third-party contractors were regularly listening to private conversations of Apple users giving voice commands to Siri in a bid to improve the quality of its product's response. While the data received by the contractors were anonymized and not associated to Apple devices, the private conversations—which also includes private discussions between doctors and patients, business deals, seemingly criminal dealings, people having sex and so on—sometimes reveal identifiable details like a person's name or medical records. In response to the backlash Apple received after the report went public, the company initially responded by temporarily suspending

Apple Releases iOS 12.4.1 Emergency Update to Patch 'Jailbreak' Flaw

Apple Releases iOS 12.4.1 Emergency Update to Patch 'Jailbreak' Flaw
August 26, 2019Mohit Kumar
Apple just patched an unpatched flaw that it patched previously but accidentally unpatched recently — did I confuse you? Let's try it again... Apple today finally released iOS 12.4.1 to fix a critical jailbreak vulnerability , like it or not, that was initially patched by the company in iOS 12.3 but was then accidentally got reintroduced in the previous iOS 12.4 update. For those unaware, roughly a week ago, an anonymous researcher who goes by the online alias "Pwn20wnd" released a free jailbreak for iOS 12.4 on GitHub that exploited a kernel vulnerability (CVE-2019-8605) that Apple patched in iOS 12.3 in May this year. However, the vulnerability accidentally got reintroduced in iOS 12.4 in July, making it easier for hackers to jailbreak updated Apple devices, including the iPhone XS, XS Max, and XR or the 2019 iPad Mini and iPad Air, running iOS 12.4 and iOS 12.2 or earlier. Now, Apple has released iOS 12.4.1 to re-patch the security issue that not only allow

Apple will now pay hackers up to $1 million for reporting vulnerabilities

Apple will now pay hackers up to $1 million for reporting vulnerabilities
August 09, 2019Mohit Kumar
Apple has just updated the rules of its bug bounty program by announcing a few major changes during a briefing at the annual Black Hat security conference yesterday. One of the most attractive updates is… Apple has enormously increased the maximum reward for its bug bounty program from $200,000 to $1 million—that's by far the biggest bug bounty offered by any major tech company for reporting vulnerabilities in its products. The $1 million payouts will be rewarded for a severe deadly exploit—a zero-click kernel code execution vulnerability that enables complete, persistent control of a device's kernel. Less severe exploits will qualify for smaller payouts. What's more? From now onwards, Apple's bug bounty program is not just applicable for finding security vulnerabilities in the iOS mobile operating system, but also covers all of its operating systems, including macOS , watchOS, tvOS, iPadOS, and iCloud. Since its inception around three years ago, Apple

Chinese Spying Chips Found Hidden On Servers Used By US Companies

Chinese Spying Chips Found Hidden On Servers Used By US Companies
October 04, 2018Mohit Kumar
A media report today revealed details of a significant supply chain attack which appears to be one of the largest corporate espionage and hardware hacking programs from a nation-state. According to a lengthy report published today by Bloomberg, a tiny surveillance chip, not much bigger than a grain of rice, has been found hidden in the servers used by nearly 30 American companies, including Apple and Amazon. The malicious chips, which were not part of the original server motherboards designed by the U.S-based company Super Micro, had been inserted during the manufacturing process in China. The report, based on a 3-year-long top-secret investigation in the United States, claims that the Chinese government-affiliated groups managed to infiltrate the supply chain to install tiny surveillance chips to motherboards which ended up in servers deployed by U.S. military, U.S. intelligence agencies, and many U.S. companies like Apple and Amazon. "Apple made its discovery of suspi

16-Year-Old Boy Who Hacked Apple's Private Systems Gets No Jail Time

16-Year-Old Boy Who Hacked Apple's Private Systems Gets No Jail Time
September 27, 2018Swati Khandelwal
An Australian teenager who pleaded guilty to break into Apple's private systems  multiple times over several months and download some 90GB of secure files has avoided conviction and will not serve time in prison. An Australian Children's Court has given the now 19-year-old adult defendant, who was 16 at the time of committing the crime, a probation order of eight months, though the magistrate made him understand how serious his offense was. The teen, whose cannot be named under a local law that protects the identity of juveniles, told the court that he hacked into Apple's systems because he was a huge fan of the company and "dreamed of" working for the technology giant. The "Hacky Hack Hack" Folder The teen hacked into Apple's servers not once, but numerous times over the course of more than a year—between June 2015 and November 2016, and in April 2017. As soon as the tech giant detected his presence on their servers, it blocked him and
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.