#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

iOS hack | Breaking Cybersecurity News | The Hacker News

Apple Engineers say they may Quit if ordered to Unlock iPhone by FBI

Apple Engineers say they may Quit if ordered to Unlock iPhone by FBI
Mar 19, 2016
Apple Vs. FBI battle over mobile encryption case is taking more twists and turns with every day pass by. On one hand, the US Department of Justice (DOJ) is boldly warning Apple that it might compel the company to hand over the source code of its full iOS operating system along with the private electronic signature needed to run a modified iOS version on an iPhone, if… …Apple does not help the Federal Bureau of Investigation (FBI) unlock iPhone 5C belonging to one of the San Bernardino terrorists. And on the other hand, Apple CEO Tim Cook is evident on his part, saying that the FBI wants the company to effectively create the " software equivalent of cancer " that would likely open up all iPhones to malicious hackers. Now, some Apple engineers who actually develop the iPhone encryption technology could refuse to help the law enforcement break security measures on iPhone, even if Apple as a company decides to cooperate with the FBI. Must Read:   FBI Di

FBI threatens to Force Apple to Hand Over iOS Source Code

FBI threatens to Force Apple to Hand Over iOS Source Code
Mar 14, 2016
The Department of Justice (DoJ) has warned Apple that it may force the tech giant for handing over the source code to the complete operating system if it does not help the Federal Bureau of Investigation (FBI) unlock the San Bernardino shooter's iPhone . Apple is battling with the FBI over iPhone encryption case. The federal investigators needs Apple's assistance to unlock an iPhone 5C belonging to San Bernardino shooter Syed Rizwan Farook. However, Apple CEO Tim Cook has said explicitly that providing a backdoor would likely open up the company's iPhones to not just the federal agents, but also to malicious hackers who could use it for evil purposes. On Thursday, Apple and the FBI head to another court hearing on the San Bernardino iPhone case. The DOJ's latest 43-page brief filing contains an implicit threat that if Apple does not create the vulnerable version of its iOS operating system needed to bypass the passcode protection on the terroris

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future
Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu

Warning — Setting This Date On iPhone Or iPad Will Kill Your Device Permanently

Warning — Setting This Date On iPhone Or iPad Will Kill Your Device Permanently
Feb 15, 2016
Don't Try this at Home! An interesting software bug has been discovered in Apple's iOS operating system that could kill your iPhone, iPad or iPod Dead Permanently . Yes, you heard me right. An issue with the date and time system in iOS had emerged recently when Reddit users started warning people that changing your iPhone's or any iOS device's date to January 1, 1970, will brick your iPhone forever . Video Demonstration You can watch the whole process in the video given below. Even regular recovery tricks do not work. So, you are recommended to Not Try This Trick with your iOS device really – unless you book a trip to your local Apple Store. While I don't have any intention or desire to try it out with my iPhone 6s to confirm the authenticity of the bug, it is pretty much clear based on reports that seem legitimate. YouTuber Zach Straley first discovered the issue, which was later confirmed by iClarified, who tested the trick on an i

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

Latest iOS 9.0.1 Update Failed to Patch Lockscreen Bypass Hack

Latest iOS 9.0.1 Update Failed to Patch Lockscreen Bypass Hack
Sep 26, 2015
iOS 9.0.1 – Apple's first update to its new iOS 9 mobile operating system, came out on Wednesday, addressed several bugs in its software. However, unfortunately, it seems that the latest update iOS 9.0.1 doesn't fix the lock screen bypass vulnerability reported by iPhone user Jose Rodriguez. Yes, the serious flaw in iOS 9 that allows anyone – with physical access of your iPhone or iPad – to bypass your device's lock screen and get into your contacts and personal photographs, also Works on iOS 9.0.1 . Video Demonstration: Rodriguez published a new video detailing a step-by-step explanation on how to bypass the passcode on iOS 9 and iOS 9.0.1 device, using the benevolent nature of Apple's personal assistant Siri. The lock screen bypass vulnerability works on all iOS versions from iOS 5.1.1 to the latest released iOS 9.0.1 . Mitigation So, until Apple rolls out an update to patch this bug, the only way available to iPhone users to mitiga

Hackers behind iPhone Ransom Attacks Arrested in Russia

Hackers behind iPhone Ransom Attacks Arrested in Russia
Jun 12, 2014
A cyber campaign that was targeting iPhone and iPad owners with a sophisticated Ransomware in Australia and New Zealand last month, drawn special attention of online media and security analysts. Russian Authorities have arrested two young hackers from Moscow for their alleged involvement in compromising Apple ID accounts and then using ' Apple's Find My iPhone ' service to hold iOS devices for ransom. A Russian man aged 23 and a teenager aged 17 had been taken into custody in the Southern Administrative District of Moscow for their part in " blocking of Apple devices to extort funds ," claims the press release on the Russian Interior Ministry's website on Tuesday. According to the authorities, one of the suspects used phishing websites to trick victims into giving up their Apple ID username and password. The second suspect's activities are exactly same of the ' Oleg Pliss attack '. " The first involved gaining access to the victim's Apple ID by means of the c

Vulnerability found in Apple's iOS can hide malicious code inside apps

Vulnerability found in Apple's iOS can hide malicious code inside apps
Aug 01, 2013
A Georgia Tech researcher has found a weakness in Apple's iOS mobile platform that could let hackers to hide malicious code inside apps and can be surreptitiously planted on the Apple App Store. Researchers team created a proof-of-concept attack that was published in the Apple App Store and used to remotely launch attacks on a controlled batch of devices , enabling them to post unauthorized tweets, take photos and even go after other apps. " Our research shows that despite running inside the iOS sandbox, a Jekyll-based app can successfully perform many malicious tasks, such as posting tweets, taking photos, sending email and SMS, and even attacking other apps all without the user's knowledge. " Using a BeagleBoard, team created a USB malicious charger called Mactans  that can install apps without user knowledge within a minute of being plugged in. In one demonstration, the attacker was able to hide the iPhone Facebook application and install a malicious copy in

Malicious Mobile Charger can Hack your iPhone within a minute

Malicious Mobile Charger can Hack your iPhone within a minute
Jun 03, 2013
You might want to be a little more careful the next time you pick up a cheap knock-off accessory for your device to save a few bucks because new hardware hacks could be the next big thing among cyber criminals . Researchers say they've built a custom iPhone wall charger that can Install malware in any iOS device using a custom made malicious chargers called Mactans , which are in turn controlled by a Raspberry-Pi like computer called a BeagleBoard. Mactans, which is named after the black widow spider's Latin taxonomy, will be demonstrated by Billy Lau, Yeongjin Jang, and Chengyu Song at the Black Hat 2013 conference in July and they said all users were vulnerable to attacks over the charger. They add that they can also demonstrate that the malware infection resulting from their malicious charger is persistent and tough to spot. In order for the malicious software to remain installed and unseen, the trio will show how an attacker can hide their software in the

How to bypass iOS 6.1.2 Screen Lock, another Exploit Exposed

How to bypass iOS 6.1.2 Screen Lock, another Exploit Exposed
Feb 26, 2013
After a series of security issues, it appears that Apple still has not been able to resolve all the issue in iOS . Last week, Apple rolled out its iOS 6.1.2 update to owners of the iPhone, iPad and iPod touch in an effort to fixing the 3G connectivity and an Exchange calendar bugs. Hackers found an iOS 6 bug two weeks ago that allowed thieves into your phone, but only the Phone app and the features contained within could be accessed. Just after that, recently another screen lock bypass vulnerability  reported  in iOS 6.1 by Vulnerability Lab . This vulnerability allows users to bypass the lock screen pass code and access the phones photos and contacts. Researchers say the vulnerable device can be plugged into a computer via USB and access data like voice mails, pictures, contacts, etc.  This particular vulnerability was shared in detail over in a YouTube video for the masses, you can see the video tutorial as shown below: Steps to Follow: Connect your device
Cybersecurity Resources