#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Search results for iPhone | Breaking Cybersecurity News | The Hacker News

FBI Director — "What If Apple Engineers are Kidnapped and Forced to Write (Exploit) Code?"

FBI Director — "What If Apple Engineers are Kidnapped and Forced to Write (Exploit) Code?"

Mar 02, 2016
What If Apple Engineers are Kidnapped and Forced to Write (Exploit) Code? Exactly this was what FBI Director James Comey asked in the congressional hearing on Tuesday. The House Judiciary Committee hearing on "The Encryption Tightrope: Balancing Americans' Security and Privacy" over the ongoing battle between Apple and the FBI ended up being full of drama. The key to the dispute is whether the Federal Bureau of Investigation (FBI) can force Apple to develop a special version of its mobile operating system that would help the agency unlock an iPhone  belonged to San Bernardino shooter Syed Farook . FBI Director James Comey was there with a prepared testimony about why the FBI wants Apple to create a backdoor into the killer's iPhone. Comey: Encryption is a Long-Term Threat to Law Enforcement Yesterday, a New York magistrate judge refused a similar order in a drug case in which the authorities asked Apple to help with the data stored in an
Win Apple's iPhone 6 For Free – A New Facebook Scam

Win Apple's iPhone 6 For Free – A New Facebook Scam

Sep 17, 2014
Apple's iPhone 6 FREE ? Of course not ! It's only a hoax, but scammers have announced the just release iPhone 6 free. Another Facebook scam is circulating across the popular social networking website just days after Apple unveiled its upcoming iPhone 6 and iPhone 6 Plus, as scammers take advantage of all the hype and use them to lure Facebook users. THREE SIMPLE STEPS AND iPHONE 6 IS YOURS — REALLY? As usual, This new scam promises a chance to Win a free iPhone 6 to those users who complete a series of steps, as reported by Hoax-Slayer. You just need to go through "three easy steps" to get a chance to win the device: Like the Facebook page created to propagate the scam Share the page with your Facebook friends Download a "Participation Application" But before you proceed to the last step, a pop-up window leads you to participate in a survey before you can download the application. The survey will ask you to share your name, address, p
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Apple Allows Uber to Use a Powerful Feature that Lets it Record iPhone Screen

Apple Allows Uber to Use a Powerful Feature that Lets it Record iPhone Screen

Oct 06, 2017
If you are an iPhone user and use Uber app, you would be surprised to know that widely popular ride-hailing app can record your screen secretly. Security researcher Will Strafach recently revealed that Apple selectively grants (what's known as an " entitlement ") Uber a powerful ability to use the newly introduced screen-recording API with intent to improve the performance of the Uber app on Apple Watch. The screen-recording API allows the Uber app to record user's screen information even when the app is closed, giving Uber access to all the personal information passing through an iPhone screen. What's more?  The company's access to such permission could make this data vulnerable to hackers if they, somehow, able to hijack Uber's software. "It looks like no other third-party developer has been able to get Apple to grant them a private sensitive entitlement of this nature," Strafach told Gizmodo , who first reported about the issue. &q
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Exclusive : New Touch ID hack allows hacker to unlock an iPhone by multiple fingerprints

Exclusive : New Touch ID hack allows hacker to unlock an iPhone by multiple fingerprints

Sep 29, 2013
The Iranian group defeated the very basic phenomenon of an iPhone Fingerprinting scanner, which allows them to unlock an iPhone device with multiple Fingerprints. Apple's iPhone 5s , was launched just available in stores two weeks before with a new feature of biometrics-based security system called " Touch ID ", that involves analyzing a user's fingerprint and using that to unlock the phone. Apple launched the technology that it promises will better protect devices from criminals and snoopers seeking access. With this you can purchase things from the iTunes App Store. Basically, you can now use it in place of your password. " Fingerprint is one of the best passcodes in the world. It's always with you, and no two are exactly alike, " according to the Apple's website. Last week Germany Hackers showed that how they were able to deceive Apple's latest security feature into believing they're someone they're not, using a well-honed technique for
FBI Screwed Up — Police Reset Shooter's Apple ID Passcode that leaves iPhone Data Unrecoverable

FBI Screwed Up — Police Reset Shooter's Apple ID Passcode that leaves iPhone Data Unrecoverable

Feb 20, 2016
Another Surprising Twist in the Apple-FBI Encryption Case : The Apple ID Passcode Changed while the San Bernardino Shooter's iPhone was in Government Custody. Yes, the Federal Bureau of Investigation (FBI) has been screwed up and left with no option to retrieve data from iPhone that belonged to San Bernardino shooter Syed Farook. Apple has finally responded to the Department of Justice (DoJ) court filing that attempts to force Apple to comply with an FBI request to help the feds unlock Farook's iPhone, but Apple refused to do so. According to Apple, the company had been helping feds with the investigation since early January to provide a way to access Farook's iPhone, but the problem is that the feds approached the company after attempting a 'blunder' themselves. Here's How the FBI Screwed itself On October 19, 2015, Roughly six weeks before the San Bernardino terrorist attacks, Syed Farook made a last full iCloud backup of his iPhone 5
Apple Engineers say they may Quit if ordered to Unlock iPhone by FBI

Apple Engineers say they may Quit if ordered to Unlock iPhone by FBI

Mar 19, 2016
Apple Vs. FBI battle over mobile encryption case is taking more twists and turns with every day pass by. On one hand, the US Department of Justice (DOJ) is boldly warning Apple that it might compel the company to hand over the source code of its full iOS operating system along with the private electronic signature needed to run a modified iOS version on an iPhone, if… …Apple does not help the Federal Bureau of Investigation (FBI) unlock iPhone 5C belonging to one of the San Bernardino terrorists. And on the other hand, Apple CEO Tim Cook is evident on his part, saying that the FBI wants the company to effectively create the " software equivalent of cancer " that would likely open up all iPhones to malicious hackers. Now, some Apple engineers who actually develop the iPhone encryption technology could refuse to help the law enforcement break security measures on iPhone, even if Apple as a company decides to cooperate with the FBI. Must Read:   FBI Di
NSA: Steve Jobs is the real Big Brother and iPhone buyers are zombies

NSA: Steve Jobs is the real Big Brother and iPhone buyers are zombies

Sep 10, 2013
As we reported yesterday that, your Smartphone is a goldmine for the US National Security Agency (NSA), they have the full access to your Data available on your Smartphones including Android , iPhone and Blackberry. But among other Smartphones,  iPhone apparently is the most popular with the National Security Agency. Another NSA presentation leaked by NSA whistle-blower Edward Snowden and published by German paper Der Spiegel , describing Steve Jobs as the real Big Brother and iPhone buyers as the "zombies" . By cracking mobile operating systems and eavesdropping on mobile communications, the data obtained in this way includes contacts, call lists, SMS traffic, notes and location information. " Such as a iPhone picture of a foreign government official who took selfies while watching TV, and a picture of an unknown man, apparently an Afghani fighter, in the mountains of Afghanistan. And remember the iPhone's location bug? That enabled tracking of people over exten
New York Judge Rules FBI Can't Force Apple to Unlock iPhone

New York Judge Rules FBI Can't Force Apple to Unlock iPhone

Mar 01, 2016
Apple - 1; The FBI - 0 Apple Won a major court victory against the Federal Bureau of Investigation (FBI) in an ongoing legal battle similar to San Bernardino. In a New York case, a federal magistrate judge has ruled in favor of Apple, rejecting the U.S. government's request to force Apple to help the FBI extract data from a locked iPhone. This ruling from United States Magistrate Judge James Orenstein for the Eastern District of New York is a significant boost to Apple's pro-privacy stance to resist the agency's similar efforts over unlocking iPhone 5C of an alleged San Bernardino terrorist. The ruling [ PDF ] was issued on Monday as part of the criminal case against Jun Feng , who was pleaded guilty in October last year to drug charges. The Drug Enforcement Administration (DEA) seized Feng's iPhone 5 last year, but even after consulting the FBI, it was unable to access the iPhone. According to both the DEA and FBI, it's impossible for them to ov
Researchers Find Potential Way to Run Malware on iPhone Even When it's OFF

Researchers Find Potential Way to Run Malware on iPhone Even When it's OFF

May 16, 2022
A first-of-its-kind security analysis of iOS Find My function has identified a novel attack surface that makes it possible to tamper with the firmware and load malware onto a Bluetooth chip that's executed while an iPhone is "off." The mechanism takes advantage of the fact that wireless chips related to Bluetooth, Near-field communication ( NFC ), and ultra-wideband ( UWB ) continue to operate while iOS is shut down when entering a "power reserve" Low Power Mode (LPM). While this is done so as to enable features like  Find My  and facilitate  Express Card transactions , all the three wireless chips have direct access to the secure element, academics from the Secure Mobile Networking Lab ( SEEMOO ) at the Technical University of Darmstadt  said  in a paper entitled "Evil Never Sleeps." "The Bluetooth and UWB chips are hardwired to the Secure Element (SE) in the NFC chip, storing secrets that should be available in LPM," the researchers sa
Apple is working on New iPhone Even It Can't Hack

Apple is working on New iPhone Even It Can't Hack

Feb 25, 2016
Amid an ongoing dispute with the United States government over a court order to unlock iPhone 5C of one of the San Bernardino shooters Syed Farook… ...Apple started working on implementing stronger security measures "even it can't hack" to achieve un-hackability in its future iPhones. The Federal Bureau of Investigation (FBI) is deliberately forcing Apple to create a special, backdoored version of iOS that could let them brute force the passcode on Farook's iPhone without erasing data. However, the FBI approached the company to unlock the shooter's iPhone 5C in various ways like: Create a backdoor to shooter's iPhone. Disable the Auto-destruct feature after numerous tries. Increase the brute force time to try out all combinations. Minimize the time of waiting for a window after each try. ..and much more Apple is still fighting the battle even after the clear refusal to the court that it will not provide any backdoor access to the a
Israeli Forensic Firm 'Cellebrite' is Helping FBI to Unlock Terrorist's iPhone

Israeli Forensic Firm 'Cellebrite' is Helping FBI to Unlock Terrorist's iPhone

Mar 23, 2016
Meet the security company that is helping Federal Bureau of Investigation (FBI) in unlocking San Bernardino shooters' iPhone: The Israeli mobile forensics firm Cellebrite . Yes, Cellebrite – the provider of mobile forensic software from Israel – is helping the FBI in its attempt to unlock iPhone 5C that belonged to San Bernardino shooter, Syed Rizwan Farook, the Israeli YNetNews reported on Wednesday. The company's website claims that its service allows investigators to unlock Apple devices running iOS 8.x " in a forensically sound manner and without any hardware intervention or risk of device wipe. " If Cellebrite succeeds in unlocking Farook's iPhone, the FBI will no longer need Apple to create a backdoored version of its iOS operating system that could let it access data on Farook's locked iPhone 5C. Apple is engaged in a legal encryption battle with the US Department of Justice (DoJ) over a court order that forces the company to write
USB Accessory Can Defeat iOS's New "USB Restricted Mode" Security Feature

USB Accessory Can Defeat iOS's New "USB Restricted Mode" Security Feature

Jul 10, 2018
With the release of iOS 11.4.1, Apple has finally rolled out a new security feature designed to protect your devices against USB accessories that connect to the data port, making it harder for law enforcement and hackers to break into your iPhone or iPad without your permission. Dubbed USB Restricted Mode , the feature automatically disables data connection capabilities of the Lightning port on your iPhone or iPad if the device has been locked for an hour or longer, while the port can still be used for device charging. In other words, every time you lock your iPhone, a countdown timer of an hour gets activated in the background, which if completed, enables the USB restricted mode to prevent unauthorized access to the data port. Once the USB Restricted Mode gets activated, there's no way left for breaking into an iPhone or iPad without the user's permission. The feature would, no doubt, defeat law enforcement's use of special unlocking hardware made by Cellebrite
0-Days Found in iPhone X, Samsung Galaxy S9, Xiaomi Mi6 Phones

0-Days Found in iPhone X, Samsung Galaxy S9, Xiaomi Mi6 Phones

Nov 15, 2018
At Pwn2Own 2018 mobile hacking competition held in Tokyo on November 13-14, white hat hackers once again demonstrated that even the fully patched smartphones running the latest version of software from popular smartphone manufacturers can be hacked. Three major flagship smartphones—iPhone X, Samsung Galaxy S9, and Xiaomi Mi6—were among the devices that successfully got hacked at the annual mobile hacking contest organized by Trend Micro's Zero Day Initiative (ZDI), earning white hat hackers a total of $325,000 in reward. Teams of hackers participated from different countries or representing different cybersecurity companies disclosed a total of 18 zero-day vulnerabilities in mobile devices made by Apple, Samsung, and Xiaomi, as well as crafted exploits that allowed them to completely take over the targeted devices. Apple iPhone X Running iOS 12.1 — GOT HACKED! A team of two researchers, Richard Zhu and Amat Cama, who named themselves Fluoroacetate, discovered and managed to
NSO Group Used 3 Zero-Click iPhone Exploits Against Human Rights Defenders

NSO Group Used 3 Zero-Click iPhone Exploits Against Human Rights Defenders

Apr 20, 2023 Zero-Day / Spyware
Israeli spyware maker NSO Group deployed at least three novel "zero-click" exploits against iPhones in 2022 to infiltrate defenses erected by Apple and deploy Pegasus, according to the latest findings from Citizen Lab. "NSO Group customers widely deployed at least three iOS 15 and iOS 16 zero-click exploit chains against civil society targets around the world," the interdisciplinary laboratory based at the University of Toronto  said . NSO Group is the manufacturer of  Pegasus , a sophisticated cyber weapon that's capable of extracting sensitive information stored in a device – e.g., messages, locations, photos, and call logs, among others — in real-time. It's typically delivered to targeted iPhones using zero-click and/or zero-day exploits. While it has been pitched as a tool for law enforcement agencies to combat serious crimes such as child sexual abuse and terrorism, it has also been deployed illegally by authoritarian governments to spy on human rig
Google Researcher Publishes PoC Exploit for Apple iPhone Wi-Fi Chip Hack

Google Researcher Publishes PoC Exploit for Apple iPhone Wi-Fi Chip Hack

Sep 27, 2017
You have now another good reason to update your iPhone to newly released iOS 11—a security vulnerability in iOS 10 and earlier now has a working exploit publicly available. Gal Beniamini, a security researcher with Google Project Zero, has discovered a security vulnerability (CVE-2017-11120) in Apple's iPhone and other devices that use Broadcom Wi-Fi chips and is hell easy to exploit. This flaw is similar to the one Beniamini discovered in the Broadcom WiFi SoC (Software-on-Chip) back in April, and BroadPwn vulnerability disclosed by an Exodus Intelligence researcher Nitay Artenstein, earlier this summer. All flaws allow a remote takeover of smartphones over local Wi-Fi networks. The newly discovered vulnerability, which Apple fixed with its major iOS update released on September 19, could allow hackers to take control over the victim's iPhone remotely. All they need is the iPhone's MAC address or network-port ID. And since obtaining the MAC address of a connec
Hacker Releases 'Unpatchable' Jailbreak For All iOS Devices, iPhone 4s to iPhone X

Hacker Releases 'Unpatchable' Jailbreak For All iOS Devices, iPhone 4s to iPhone X

Sep 27, 2019
An iOS hacker and cybersecurity researcher today publicly released what he claimed to be a "permanent unpatchable bootrom exploit," in other words, an epic jailbreak that works on all iOS devices ranging from iPhone 4s (A5 chip) to iPhone 8 and iPhone X (A11 chip). Dubbed Checkm8, the exploit leverages unpatchable security weaknesses in Apple's Bootrom (SecureROM), the first significant code that runs on an iPhone while booting, which, if exploited, provides greater system-level access. "EPIC JAILBREAK: Introducing checkm8 (read "checkmate"), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices," said axi0mX while announcing the publicly release of the exploit on Twitter. The new exploit came exactly a month after Apple released an emergency patch for another critical jailbreak vulnerability that works on Apple devices including the iPhone XS, XS Max, and XR and the 2019 iPad Mini and iPad Air, running iOS 12.4 and i
Cybersecurity Resources