#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

mobile hack | Breaking Cybersecurity News | The Hacker News

Israeli Forensic Firm 'Cellebrite' is Helping FBI to Unlock Terrorist's iPhone

Israeli Forensic Firm 'Cellebrite' is Helping FBI to Unlock Terrorist's iPhone

Mar 23, 2016
Meet the security company that is helping Federal Bureau of Investigation (FBI) in unlocking San Bernardino shooters' iPhone: The Israeli mobile forensics firm Cellebrite . Yes, Cellebrite – the provider of mobile forensic software from Israel – is helping the FBI in its attempt to unlock iPhone 5C that belonged to San Bernardino shooter, Syed Rizwan Farook, the Israeli YNetNews reported on Wednesday. The company's website claims that its service allows investigators to unlock Apple devices running iOS 8.x " in a forensically sound manner and without any hardware intervention or risk of device wipe. " If Cellebrite succeeds in unlocking Farook's iPhone, the FBI will no longer need Apple to create a backdoored version of its iOS operating system that could let it access data on Farook's locked iPhone 5C. Apple is engaged in a legal encryption battle with the US Department of Justice (DoJ) over a court order that forces the company to write
Short Password Reset code vulnerability allows hackers to brute-force many websites

Short Password Reset code vulnerability allows hackers to brute-force many websites

Aug 19, 2013
Yesterday we received a vulnerability report in web applications from some unknown Indian Hacker, who explained that how Hackers are hijacking Mobile recharge and Free SMS service related websites.  He detailed the loophole in password reset process, that could allow attackers to brute force many high profile websites that are actually not protected by the image CAPTCHA verification system, during the password reset process. The hacker used a Firefox Browser equipped with the Fireforce add-on , a very simple a Firefox extension designed to perform brute-force attacks on GET and POST forms. The technique proposed by him targets the unsecure password reset process used by many websites, where the web application used to send a code to the user's mobile or email for authenticity verification. Around 40% websites adopts password reset code composed of numbers and of some fixed length, typically having a length less than 5 digits. This information could advantage
Hacking iPhone to bypass iOS 7 Lockscreen

Hacking iPhone to bypass iOS 7 Lockscreen

Jun 12, 2013
About this time every year, Apple gives a gift to mobile developers: the newest version of iOS. The all-new Apple iOS 7 launched at WWCD 2013 this week and Just after 48 hours of  iOS 7  release, 36-year old Jose Rodriguez iPhone user able to hack and bypass Lockscreen to access the Photos in just a few seconds. iOS is infamously popular for its lockscreen security bugs that let anyone bypass the passcode on a device to gain access to information that would otherwise be private. Forbes points us to a new video showing how to completely bypass the iPhone's password protection by accessing the calculator available on the lock screen. " By opening iOS's Control Room and accessing the phone's calculator application before opening the phone's camera, anyone can access, delete, email, upload or tweet the device's photos without knowing its passcode. " iOS 7 beta only available to those with developer accounts for now, cost $99 a year through Apple's websit
cyber security

Guide: Secure Your Privileged Access with Our Expert-Approved Template

websiteDelineaIT Security / Access Control Security
Transform your Privileged Access Management with our Policy Template—over 40 expertly crafted statements to elevate compliance and streamline your security.
A SaaS Security Challenge: Getting Permissions All in One Place

A SaaS Security Challenge: Getting Permissions All in One Place 

May 08, 2024Attack Surface / SaaS Security
Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access to which data sets. The terminology differs between apps, but each user's base permission is determined by their role, while additional permissions may be granted based on tasks or projects they are involved with. Layered on top of that are custom permissions required by an individual user.  For example, look at a sales rep who is involved in a tiger team investigating churn while also training two new employees. The sales rep's role would grant her one set of permissions to access prospect data, while the tiger team project would grant access to existing customer data. Meanwhile, special permissions are set up, providing the sales rep with visibility into the accounts of the two new employees. While these permissions are precise, however, they are also very complex. Application admins don't have a single screen within these applications th
Malicious Infrared X-Ray Android app infecting users in Japan

Malicious Infrared X-Ray Android app infecting users in Japan

Mar 18, 2013
Researchers are already warning that malware authors developing more sophisticated attack techniques for mobile devices, using encryption and randomization or hiding malicious code in image files. As analyzed by Symantec a malicious Infrared X-Ray  Android application, attempting to lure Android device owners to download an app that supposedly allows the camera on the device to see through clothes. This malware app is spreading quickly widely in Japan by sending the spam messages via SMS to phone numbers stored in the device's Contacts, so that the recipients of the spam to be tricked easier because the invitation to download the app is coming from someone they know rather than from an unknown sender. The app is designed to steals all details in the device's contact list and are uploaded to a predetermined server. Symantec  confirmed that there are several variants of this app exist, ". .the latest variants have added an interesting payload: rather than sending SMS message
Cybersecurity
Expert Insights
Cybersecurity Resources