iPhone hacking | Breaking Cybersecurity News | The Hacker News

The German authorities have initiated a further investigation into espionage by the United States secret service NSA and British intelligence agency GCHQ after...   ...the head of the German Federal Chancellery unit had his private laptop infected. According to a recent report published by Der Spiegel , the laptop of the Chancellery division leader was infected with Regin – a highly advanced espionage malware program that has been linked to the National Security Agency (NSA) and its UK counterpart, the Government Communications Headquarters (GCHQ). As The Hacker News reported almost a year ago, Regin is one of the most highly advanced, sophisticated malware programs that was used to spy on a wide range of international targets including: Internet service providers (ISPs) Telecommunications backbone operators Energy firms Airlines Government entities Research institutes Other high-profile individuals …around the world since at least 2008. Regin has d

What if your phone starts making calls, sending text messages and browsing Internet itself without even asking you? No imaginations, because hackers can make this possible using your phone's personal assistant Siri or Google Now. Security researchers have discovered a new hack that could allow hackers to make calls, send texts, browser a malware site, and do many more activities using your iOS or Android devices' personal assistant Siri or Google Now — without even speaking a single word. A Group of researchers from French government agency ANSSI have discovered that a hacker can control Apple's Siri and Android's Google Now by remotely and silently transmitting radio commands from as far as 16 feet away... ...only if it also has a pair of headphones plugged into its jack. How does the Hack Work? It is very interesting and a mind-blowing technique. The Hack utilizes: An iPhone or Android handset with headphones plugged in A radio tra

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Less than a month after Apple suffered one of its biggest malware attacks ever, security researchers have discovered another strain of malware that they claim targets both jailbroken as well as non-jailbroken iOS devices . Last month, researchers identified more than 4,000 infected apps in Apple's official App Store, which was targeted by a malware attack in which some versions of software used by developers to build apps for iOS and OS X were infected with malware, named XcodeGhost . And Now: Researchers from a California-based network security firm Palo Alto Networks have discovered new malware that targets Apple's iOS users in China and Taiwan. Capabilities of YiSpecter Malware Dubbed YiSpecter , the malware infects iOS devices and once infected, YiSpecter can: Install unwanted apps Replace legitimate apps with ones it has downloaded Force apps to display unwanted, full-screen ads Change bookmarks as well as default search engines in Safari S

Apple iOS 9 , codenamed Monarch , will be available to the world on September 16th. While most of the upgrades on iOS 9 focus on making devices: Faster Smarter Secure and more efficient. Today we are going to discuss the improved Two-Factor Authentication (2FA) pumped within the new iOS operating system. WHAT'S NEW AND HOW IT WORKS Apple has strengthened the foundation of iOS 9 and further of your device by modifying the operating system with an improved two-factor authentication built into it. As the two-factor authentication structure lies within the operating system, this makes the device's Apple ID even harder to break. 2FA secures your Apple ID by acting as an additional support to protect your data on your device, preventing any intrusion to occur on your device. Also, when you have more than one devices running Apple's operating system, 2FA enables sign-in on a new device in a streamlined manner… ...Besides verifying your identi

Jailbreaking your device may have got you the best of apps but after reading this you will know what a high price you could have to pay for the jailbreak. Read on… A malware named ' KeyRaider ' has supposedly stolen user credentials of approximately 225K iPhone users. It has been given this name as it raids victims' username and passwords, private keys and certificates. Figures say that KeyRaider malware has affected a large number of users in China and worldwide 17 more countries. Also, the origin of malware is suspected to be in China, as said in investigations conducted by Palo Alto Networks for reporting any suspicious tweaks on iPhones. Users falling prey to KeyRaider may be the victims of: Ransomware Data Theft DDoS Attacks Malware is targeting jailbroken phones and when in action, it captures Apple ID of the users and make transactions using it. The researchers say that it is spreading with the help of Cydia app repositories that are popular amo

Good news for iOS 8.4 users! The Chinese jailbreaking team TaiG has finally released its long-awaited Untethered Jailbreak tool for Apple's iOS 8.4 mobile operating system for the Mac OS X platform. Yes, TaiG Jailbreak is now officially available for OS X users that will allow you to jailbreak iOS 8.4 on your Mac computer without having to resort to using a virtual machine. In late June, the TaiG team released the Jailbreak tool (.exe) only for Windows version, forcing Macs users to rely on other applications or use Boot Camp to tweak their iOS devices. TaiG Jailbreak for Mac, currently at Mac version 1.0.0, is designed from the ground up to support versions of iOS mobile operating system from 8.1.3 to 8.4. You can download the tool from the project's website. How to JailBreak your Device? The process of jailbreaking the device is so easy; anyone can do it. Download and Install the App Disable 'Find My iPhone' on your device's iCloud settings before p

Just last week iPhone and iPad users were dealing with an iOS text bug that caused the app to crash and iPhones to reboot , now a similar bug has been found that takes out Skype — the popular video chat and messaging service. Yes, Microsoft-owned Skype VoIP client is also affected by a bug that crashes almost every single version of the Skype client on both desktops and mobile phones with a single message containing just eight characters. Also: The impacts are so bad that it requires a re-install in order to get things working hitch-free again. Just Send 'https://:' and Crash Skype If a user receives a message during a conversation on Skype containing the text string " https://: " (without the quotes), it reportedly crashes Skype when running on Windows, Android, or iOS operating system, according to reports on Skype forums . However, Skype app for Mac and the modern touch-optimized version of Skype app for Windows 8.1 are reportedly unaffecte

We reported you about a new bug in the core component of iOS and OS X that causes the device's Messages app to crash and iPhones to reboot if it receives a certain string of characters , Arabic characters , via text message. Many have since fallen victims to this specially crafted sequence of Unicode bug . It is believed that when this malicious string of characters is sent in a text message, it will crash an iThing when the text is displayed as a notification on an iPhone, iPad, or Apple watch. Not iMessages alone, Snapchat and Twitter on iOS devices are also vulnerable to this iPhone crash text bug as they also use the CoreText component to display text on-screen. Here's the unique text that's causing the iPhone crash: effective. Power لُلُصّبُلُلصّبُررً ॣ ॣh ॣ ॣ 冗 It's been really annoying that people all across the world are messaging each other the secret string of unique characters that resets the phone, causing it to turn on and off.

A newly discovered bug in Apple's iOS mobile operating system has emerged this evening that lets iPhone users crash another user's iPhone by just sending a tiny string of text characters in a message. The bug is related to the Messages app and the notification system used by iPhone and iPad devices and appears to work only if there is iPhone to iPhone communication. A string of particular Arabic characters ( see the image above ) used in the text message causes the iPhone to continuously crash when a certain text is received and — reportedly in some cases — causes the iPhone to reboot without notice. How to Crash an iPhone with a Message: iPhone users who receive the string of text characters with Messages open would not be able to go back to other conversations without crashing the app, but… ...if the string is received while the iPhone is on the lock screen, users would be unable to open the Messages app entirely , or in some cases, the text could cause t

Security researchers have uncovered a zero-day vulnerability in iOS 8 that could repeatedly crash users' Apple iPhones, iPads and iPods when the devices connect to a malicious wireless hotspot. It's like Denial of Service (DoS) attack on Apple's iOS devices that results in crashing either individual iOS apps or users' entire iPhones. NO iOS ZONE Adi Sharabani and Yair Amit of Mobile security firm Skycure presented their latest research, titled " No iOS Zone ", at the RSA security conference in San Francisco on Tuesday. The duo showed: It is possible for an attacker to create malicious Wi-Fi networks in order to crash nearby users' mobile devices with incredible accuracy. Also, even the "No iOS Zone" attack is capable to make iOS things within the range completely unusable by triggering constant numbers of reboots. It is nothing but a DoS attack… ...that makes the device inaccessible by its users, just like in the ca

A malware campaign has been found targeting iOS devices linked to a wide range of entities, including European defense organizations, governments, and media sectors with dangerous espionage spyware capable of breaching non-jailbroken devices, a recent report claims. The spyware campaign, dubbed " Operation Pawn Storm " by security experts, was first detected on Windows computers late last year, but has now made its way to iOS devices , a report by security researchers at TrendLabs noted. The researchers linked the campaign to the Russian government. XAGENT SPYWARE APP One of the two spywares used in the campaign is actually an application, the firm dubbed the app XAgent, that attempts to install and run on iOS devices. " The XAgent app is fully functional malware ," the researchers noted . " The exact methods of installing these malware is unknown; however, we do know that the iOS device doesn't have to be jailbroken ... We have seen one in

Security researchers have discovered a massive security flaw that could let hackers and cybercriminals listen to private phone calls and read text messages on a potentially vast scale – no matter if the cellular networks use the latest and most advanced encryption available. The critical flaw lies in the global telecom network known as Signal System 7 that powers multiple phone carriers across the world, including AT&T and Verizon , to route calls, texts and other services to each other. The vulnerability has been discovered by the German researchers who will present their findings at a hacker conference in Hamburg later this month. "Experts say it's increasingly clear that SS7, first designed in the 1980s, is riddled with serious vulnerabilities that undermine the privacy of the world's billions of cellular customers," said The Washington Post, which first uncovered flaws in the system earlier this year. NUMBER OF SECURITY FLAWS IN SS7 SS7 or

Android have been a long time target for cyber criminals, but now it seems that they have turned their way towards iOS devices. Apple always says that hacking their devices is too difficult for cyber crooks, but a single app has made it possible for anyone to hack an iPhone. A security flaw in Apple's mobile iOS operating system has made most iPhones and iPads vulnerable to cyber attacks by hackers seeking access to sensitive data and control of their devices, security researchers warned. The details about this new vulnerability was published by the Cyber security firm FireEye on its blog on Monday, saying the flaw allows hackers to access devices by fooling users to download and install malicious iOS applications on their iPhone or iPad via tainted text messages, emails and Web links. MASQUE ATTACK - REPLACING TRUSTED APPS The malicious iOS apps can then be used to replace the legitimate apps, such as banking or social networking apps, that were installed thro

If you are a retro games lover and want to play it on your iPhone, a security loop in iOS 8 makes it possible for you to play classic SNES games on your iPhone, without the need to jailbreak your Apple devices. Since Apple doesn't allow emulators on the App Store for copyright reasons, making it difficult to install third-party emulators and other unapproved applications. But, the latest upcoming beta version iOS 8.1 patched the famous " Date Trick " that had allowed iOS emulator makers to bypass App Store restrictions and run unofficial emulators on iPhones and iPads. The loophole called the " Date Trick ," found by Dario Sepulveda of the GBA4iOS team , is currently being used in the wild by the makers of emulators like GBA4iOS and SNES emulator since last year, allowing iOS users to downloaded and installed unapproved apps through the built-in Safari browser. Technically, by changing the device's date and time back at least two months on

Apple has finally released iOS 8 , the latest version of its operating system, for free to iPhone, iPad and iPod touch users. The company has assured that the latest iOS 8 update is a significant step away up from iOS 7. You can grab the new update through an over-the-air update accessible by going to Settings > General > Software Update . If you don't want to download the update wirelessly due to a limited or restricted data plan, you can also download the update by connecting your phone to the latest version of iTunes . iOS 8 was first revealed publicly at the Apple's Worldwide Developer Conference (WWDC) in June, showing off an improved Notification Centre. Apart from the security patches, iOS 8 has a number of new features and functions tied to your location. Additionally, it has new privacy settings, which allow users to limit how long data is stored for, such as message expiry features and new private browsing settings. VULNERABILITIES PATCHED A

A notable number of cell phone towers around the United States are rogue that, according to latest report, could spoof legitimate towers and intercept calls. The research carried out by ESD America , a defense and law enforcement technology firm based in Las Vegas, shows that a rogue cell phone towers, also known as "interceptors", may process the call. ESD America, the company that makes the super-secure CryptoPhone, makes one of the oldest and most expensive high-security cell phones in the market. It provides equipment and training to more than 40 countries with a goal to provide technical security assistance to government and corporate clients across Asia. SEVERAL ROGUE CELL PHONE TOWERS DISCOVERED While field-testing its secure Android handset, the CryptoPhone 500 , the firm came across the existence of a series of fake base stations along the Eastern seaboard of the US. Les Goldsmith, the CEO of ESD America, told the US publication Popular Science tha

Apple has patched the security flaw in its Find My iPhone online service that may have allowed hackers to get access to a number of celebrities' private pictures leaked online. OVER 100 CELEBRITIES AFFECTED So far, I hope everybody have heard about probably the biggest digital exposure of personal nude photographs belonging to as many as 100 high-profile celebrities, including Jenny McCarthy, Kristin Dunst, Mary E Winstead, and the Oscar winning actress Jennifer Lawrence and Kate Upton. Initial reports suggested that the privacy breach of the celebrities' iCloud accounts was made possible by a vulnerability in Find My iPhone feature that allowed hackers to allegedly take nude photographs of celebrities from their Apple iCloud backups. Anonymous 4chan users who claims to have grabbed images, posted some of the images to the " b " forum on notorious bulletin-board 4chan, where the owners demanded Bitcoin in exchange for a peek of the images. The anonymous 4c

If you have jailbroken your iPhone, iPad, or iPod touch and have downloaded pirated tweaks from pirated repositories, then you may be infected by "AdThief" malware, a Chinese malware that is now installed on more than 75,000 iPhone devices. According to a recent research paper published on Virus Bulletin by the Security Researcher Axelle Apvrille , the malware, also known as " spad ," was first discovered by security researcher Claud Xiao in March this year. Till now, AdThief aka Spad malware has hijacked an estimated 22 million advertisements and stealing revenue from developers on the iOS jailbreak community, Axelle Apvrille says. The malware allegedly infects iOS jailbroken devices by disguising itself as Cydia Substrate extension, presents only on jailbroken Apple devices, when a malware infected Cydia package is downloaded and installed by the unsuspecting user. Once installed, the malware modifies certain advertisements displayed on your iOS devi