#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

mobile hack | Breaking Cybersecurity News | The Hacker News

Category — mobile hack
Israeli Forensic Firm 'Cellebrite' is Helping FBI to Unlock Terrorist's iPhone

Israeli Forensic Firm 'Cellebrite' is Helping FBI to Unlock Terrorist's iPhone

Mar 23, 2016
Meet the security company that is helping Federal Bureau of Investigation (FBI) in unlocking San Bernardino shooters' iPhone: The Israeli mobile forensics firm Cellebrite . Yes, Cellebrite – the provider of mobile forensic software from Israel – is helping the FBI in its attempt to unlock iPhone 5C that belonged to San Bernardino shooter, Syed Rizwan Farook, the Israeli YNetNews reported on Wednesday. The company's website claims that its service allows investigators to unlock Apple devices running iOS 8.x " in a forensically sound manner and without any hardware intervention or risk of device wipe. " If Cellebrite succeeds in unlocking Farook's iPhone, the FBI will no longer need Apple to create a backdoored version of its iOS operating system that could let it access data on Farook's locked iPhone 5C. Apple is engaged in a legal encryption battle with the US Department of Justice (DoJ) over a court order that forces the company to write
Short Password Reset code vulnerability allows hackers to brute-force many websites

Short Password Reset code vulnerability allows hackers to brute-force many websites

Aug 19, 2013
Yesterday we received a vulnerability report in web applications from some unknown Indian Hacker, who explained that how Hackers are hijacking Mobile recharge and Free SMS service related websites.  He detailed the loophole in password reset process, that could allow attackers to brute force many high profile websites that are actually not protected by the image CAPTCHA verification system, during the password reset process. The hacker used a Firefox Browser equipped with the Fireforce add-on , a very simple a Firefox extension designed to perform brute-force attacks on GET and POST forms. The technique proposed by him targets the unsecure password reset process used by many websites, where the web application used to send a code to the user's mobile or email for authenticity verification. Around 40% websites adopts password reset code composed of numbers and of some fixed length, typically having a length less than 5 digits. This information could advantage
Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Sep 10, 2024SaaS Security / Risk Management
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers.  Shadow apps may include instances of software that the company is already using. For example, a dev team may onboard their own instance of GitHub to keep their work separate from other developers. They might justify the purchase by noting that GitHub is an approved application, as it is already in use by other teams. However, since the new instance is used outside of the security team's view, it lacks governance. It may store sensitive corporate data and not have essential protections like MFA enabled, SSO enforced, or it could suffer from weak access controls. These misconfigurations can easily lead to risks like stolen source code and other issues. Types of Shadow Apps  Shadow apps can be categorized based on their interac
Hacking iPhone to bypass iOS 7 Lockscreen

Hacking iPhone to bypass iOS 7 Lockscreen

Jun 12, 2013
About this time every year, Apple gives a gift to mobile developers: the newest version of iOS. The all-new Apple iOS 7 launched at WWCD 2013 this week and Just after 48 hours of  iOS 7  release, 36-year old Jose Rodriguez iPhone user able to hack and bypass Lockscreen to access the Photos in just a few seconds. iOS is infamously popular for its lockscreen security bugs that let anyone bypass the passcode on a device to gain access to information that would otherwise be private. Forbes points us to a new video showing how to completely bypass the iPhone's password protection by accessing the calculator available on the lock screen. " By opening iOS's Control Room and accessing the phone's calculator application before opening the phone's camera, anyone can access, delete, email, upload or tweet the device's photos without knowing its passcode. " iOS 7 beta only available to those with developer accounts for now, cost $99 a year through Apple's websit
cyber security

DevOps Security Best Practices

websiteWizDevOps / Secure Coding
Develop securely from code to cloud with this DevOps Security Cheat Sheet from Wiz. Take a deep dive into secure coding, infrastructure security, and vigilant monitoring and response.
Malicious Infrared X-Ray Android app infecting users in Japan

Malicious Infrared X-Ray Android app infecting users in Japan

Mar 18, 2013
Researchers are already warning that malware authors developing more sophisticated attack techniques for mobile devices, using encryption and randomization or hiding malicious code in image files. As analyzed by Symantec a malicious Infrared X-Ray  Android application, attempting to lure Android device owners to download an app that supposedly allows the camera on the device to see through clothes. This malware app is spreading quickly widely in Japan by sending the spam messages via SMS to phone numbers stored in the device's Contacts, so that the recipients of the spam to be tricked easier because the invitation to download the app is coming from someone they know rather than from an unknown sender. The app is designed to steals all details in the device's contact list and are uploaded to a predetermined server. Symantec  confirmed that there are several variants of this app exist, ". .the latest variants have added an interesting payload: rather than sending SMS message
Expert Insights / Articles Videos
Cybersecurity Resources