#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

hacking apple id | Breaking Cybersecurity News | The Hacker News

How to Remove KeyRaider Malware that Hacked Over 225,000 iOS Devices

How to Remove KeyRaider Malware that Hacked Over 225,000 iOS Devices

Sep 07, 2015
Jailbreaking your device may have got you the best of apps but after reading this you will know what a high price you could have to pay for the jailbreak. Read on… A malware named ' KeyRaider ' has supposedly stolen user credentials of approximately 225K iPhone users. It has been given this name as it raids victims' username and passwords, private keys and certificates. Figures say that KeyRaider malware has affected a large number of users in China and worldwide 17 more countries. Also, the origin of malware is suspected to be in China, as said in investigations conducted by Palo Alto Networks for reporting any suspicious tweaks on iPhones. Users falling prey to KeyRaider may be the victims of: Ransomware Data Theft DDoS Attacks Malware is targeting jailbroken phones and when in action, it captures Apple ID of the users and make transactions using it. The researchers say that it is spreading with the help of Cydia app repositories that are popular amo
Disabling 'Find My iPhone' on iOS 7 without any Password

Disabling 'Find My iPhone' on iOS 7 without any Password

Apr 05, 2014
iOS devices have a feature called ' Find My iPhone ', allows device owner to locate their stolen devices using linked Apple ID with iCloud Account. Unfortunately, a security flaw in iOS make it possible to turn off Find My iPhone without a password and enabled thieves to bypass the protection which makes the iPhone  untraceable if lost or stolen. To Set-Up ' Find My iPhone ' feature, users need to link their Apple ID with it and this will not only helps in locating the device but also gives permission to its user to remove all the data, drive direction to the lost device, lock the device by a passcode and displays a custom message on the locked screen. KILL 'Find My iPhone' WITHOUT APPLE PASSWORD Normally, disabling Find My iPhone requires Apple ID password, but according to the vulnerability reported by  Miguel Alvarado,  a thief can bypass all of this security feature without knowing your Apple account's password . In a video demons
How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

Feb 15, 2024SaaS Security / Risk Management
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security (Wing), a SaaS security company, conducted an analysis of 493 SaaS-using companies in Q4 of 2023.  Their study reveals  how companies use SaaS today, and the wide variety of threats that result from that usage. This unique analysis provides rare and important insights into the breadth and depth of SaaS-related risks, but also provides practical tips to mitigate them and ensure SaaS can be widely used without compromising security posture.  The TL;DR Version Of SaaS Security 2023 brought some now infamous examples of malicious players leveraging or directly targeting SaaS, including the North Korean group UNC4899, 0ktapus ransomware group, and Russian Midnight Blizzard APT, which targeted well-known organizat
EA Games website hacked; Phishing page hosted to steal Apple IDs

EA Games website hacked; Phishing page hosted to steal Apple IDs

Mar 20, 2014
Recently we aware you about the tricky phishing scam targeting Google Docs and Google Drive , a similar phishing scam has been detected by the researchers targeting Apple users to steal users' credentials. According to the researchers at Netcraft , a UK based security services company, the hackers have compromised the web server owned by the gaming company, Electronic Arts (EA) to host a phishing site which targets Apple ID Account holders, asking for users' Apple ID and password, along with their full name and date of birth and credit card details as well. " The phishing site attempts to trick a victim into submitting his Apple ID and password. It then presents a second form which asks the victim to verify his full name, card number, expiration date, verification code, date of birth, phone number, mother's maiden name, plus other details that would be useful to a  fraudsters , " wrote the researchers in a blog post. The Hackers compromised the EA Games server by exp
cyber security

Are You Vulnerable to Third-Party Breaches Through Interconnected SaaS Apps?

websiteWing SecuritySaaS Security / Risk Management
Protect against cascading risks by identifying and mitigating app2app and third-party SaaS vulnerabilities.
Cybersecurity Resources