The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Search results for lockscreen

New Android Malware Steals Banking Passwords, Private Data and Keystrokes

New Android Malware Steals Banking Passwords, Private Data and Keystrokes

April 30, 2020Ravie Lakshmanan
A new type of mobile banking malware has been discovered abusing Android's accessibility features to exfiltrate sensitive data from financial applications, read user SMS messages, and hijack SMS-based two-factor authentication codes. Called "EventBot" by Cybereason researchers, the malware is capable of targeting over 200 different financial apps, including banking, money transfer services, and crypto-currency wallets such as Paypal Business, Revolut, Barclays, CapitalOne, HSBC, Santander, TransferWise, and Coinbase. "EventBot is particularly interesting because it is in such early stages," the researchers said. "This brand new malware has real potential to become the next big mobile malware, as it is under constant iterative improvements, abuses a critical operating system feature, and targets financial applications." The campaign, first identified in March 2020, masks its malicious intent by posing as legitimate applications (e.g., Adobe Fl
Google offers up to $1.5 million bounty for remotely hacking Titan M chip

Google offers up to $1.5 million bounty for remotely hacking Titan M chip

November 22, 2019Wang Wei
With its latest announcement to increase bug bounty rewards for finding and reporting critical vulnerabilities in the Android operating system, Google yesterday set up a new challenging level for hackers that could let them win a bounty of up to $1.5 million. Starting today, Google will pay $1 million for a "full chain remote code execution exploit with persistence which compromises the Titan M secure element on Pixel devices," the tech giant said in a blog post published on Thursday. Moreover, if someone manages to achieve the same in the developer preview versions of Android, Google will pay an additional $500,000, making the total to $1.5 million—that's 7.5 times more than the previous top Android reward. Introduced within the Pixel 3 smartphones last year, Google's Titan M secure element is a dedicated security chip that sits alongside the main processor, primarily designed to protect devices against the boot-time attacks. In other words, Titan M chip
Yikes! iOS 13 Coming Next Week With iPhone LockScreen Bypass Bug

Yikes! iOS 13 Coming Next Week With iPhone LockScreen Bypass Bug

September 13, 2019Swati Khandelwal
Good news... next week, on September 19, Apple will roll out iOS 13, the latest version of its mobile operating system. Yes, we're excited about, but here comes the bad news... iOS 13 contains a vulnerability that could allow anyone to bypass the lockscreen protection on your iPhone and access some sensitive information. Jose Rodriguez , a Spanish security researcher, contacted The Hacker News and revealed that he discovered a lockscreen bypass bug in iOS 13 that allowed him to access the full list of Contacts on his iPhone—and every piece of information saved on them. Rodriguez told The Hacker News that he discovered the new lockscreen bypass bug on his iPhone running iOS 13 beta version and reported it to Apple on July 17. However, unfortunately, Apple failed to patch the bug even after being informed months ago, and the bypass is still working on the Gold Master (GM) version of iOS 13, the final version of the software that will be rolled out to everyone on Septembe
New iPhone Bug Gives Anyone Access to Your Private Photos

New iPhone Bug Gives Anyone Access to Your Private Photos

October 16, 2018Mohit Kumar
A security enthusiast who discovered a passcode bypass vulnerability in Apple's iOS 12 late last month has now dropped another passcode bypass bug that works on the latest iOS 12.0.1 that was released last week. Jose Rodriguez, a Spanish amateur security researcher, discovered a bug in iOS 12 in late September that allows attackers with physical access to your iPhone to access your contacts and photos. The bug was patched in iOS 12.0.1, but he now discovered a similar iPhone passcode bypass hack that works in 12.0.1 and is easier to execute than the bug Rodriguez discovered and reported two weeks ago. The new hack allows anyone with physical access to your locked iPhone to access your photo album, select photos and send them to anyone using Apple Messages. Since the new hack requires much less effort than the previous one, it leaves any iPhone user vulnerable to a skeptic or distrustful partner, curious college, friend or roommate who could access your iPhone's photo
Google to Encrypt Android Cloud Backups With Your Lock Screen Password

Google to Encrypt Android Cloud Backups With Your Lock Screen Password

October 15, 2018Swati Khandelwal
In an effort to secure users' data while maintaining privacy, Google has announced a new security measure for Android Backup Service that now encrypts all your backup data stored on its cloud servers in a way that even the company can't read it. Google allows Android users to automatically backup their essential app data and settings to their Google account, allowing them to simply restore it when required, instead of re-configuring all the apps after formatting or switching to a new phone. However, until now your backup data was not encrypted and visible to Google, and now the company is going to change its storage procedure. Starting with Android Pie, Google is going to encrypt your Android device backup data in the following way: Step 1: Your Android device will generate a random secret key (not known to Google), Step 2: The secret key will then get encrypted using your lockscreen PIN/pattern/passcode (not known to Google), Step 3: This passcode-protected
New iPhone Passcode Bypass Hack Exposes Photos and Contacts

New iPhone Passcode Bypass Hack Exposes Photos and Contacts

October 02, 2018Wang Wei
Looking for a hack to bypass the passcode or screen lock on iPhones? Jose Rodriguez, an iPhone enthusiast, has discovered a passcode bypass vulnerability in Apple's new iOS version 12 that potentially allows an attacker to access photos and contacts, including phone numbers and emails, on a locked iPhone XS and other recent iPhone models. Rodriguez, who also discovered iPhone lock screen hacks in the past, has posted two videos (in Spanish) on his YouTube channel under the account name Videosdebarraquito demonstrating a complicated 37-step iPhone passcode bypass process. The iPhone authorization screen bypass flaw works on the latest iPhones, including the iPhone XS, running Apple's latest iOS 12 beta and iOS 12 operating systems. Video Demonstrations: Here's How to Bypass iPhone Passcode As you can watch in the video demonstrations, the iPhone hack works provided the attacker has physical access to the targeted iPhone that has Siri enabled and Face ID either disa
Windows 10 Will Now Let You Reset Forgotten Password Directly From the Lock Screen

Windows 10 Will Now Let You Reset Forgotten Password Directly From the Lock Screen

July 17, 2017Mohit Kumar
Microsoft is making every effort to make its Windows 10 Fall Creators Update bigger than ever before by beefing up its security practices and hardening it against hackers and cyber attacks in its next release. Microsoft is finally adding one of the much-requested features to Windows 10: Pin and Password recovery option directly from the lock screen. Yes, the next big update of Windows 10, among other features, will allow you to recover your forgotten pin and password, allowing you to reset your Windows password directly from the lock screen. In Windows 10 Fall Creators Update, you will see "Reset password" or "I forgot my PIN" options on the login screen along with the sign-in box, mspoweruser confirmed . Once you click on the option, Windows 10 will take you to the OOBE where Cortana will help you reset your password, after you successfully verify your identity using either your secondary email, your phone number, or Microsoft Authenticator. A veri
New Hack: How to Bypass iPhone Passcode to Access Photos and Messages

New Hack: How to Bypass iPhone Passcode to Access Photos and Messages

November 17, 2016Swati Khandelwal
Setting a passcode on your iPhone is the first line of defense to help prevent other people from accessing your personal details. However, it's pretty much easy for anyone with access to your iPhone to bypass the passcode protection (doesn't matter if you configured Touch ID or not) and access your personal photos and messages. A new critical security flaw discovered in iOS 8 and newer, including 10.2 beta 3, allows anyone to bypass iPhone's passcode and gain access to personal information using the benevolent nature of Apple's personal assistant Siri. The security glitch has been discovered by EverythingApplePro and iDeviceHelps and now that they have gone public with a video demonstration, you can expect Apple to fix this issue in the next iOS beta version. All an attacker need is to find out the phone number of the target's iPhone and access to the phone for a few minutes. But, what if you don't have target's phone number? No worries. You can
Pokémon GO — 6 Important Things You Should Know Before Playing this Game

Pokémon GO — 6 Important Things You Should Know Before Playing this Game

July 18, 2016Mohit Kumar
Pokémon GO launched just two weeks ago, and people have been getting crazy to catch 'em all. Users, on an average, are spending more time engaged with the new Pokémon GO app than any other apps like Snapchat. But, before downloading and playing Nintendo's new location-based augmented reality game, users are required to keep the following points in their minds: 1. Unofficial Pokémon GO app might contain Malware Since Pokémon GO is currently available in only a few countries, many third-party gaming websites are offering tutorials due to huge interest surrounding the app, recommending users to download the APK from a non-Google Play link. Users need to "side-load" the malicious app to install the APK by modifying their Android core security settings, which allows their device's OS to install apps from " untrusted sources ." However, researchers have discovered that many of these online tutorials are linked to malicious versions of the Pokém
Hacker reveals How to Bypass iPhone 6s Lock Screen Passcode [Video]

Hacker reveals How to Bypass iPhone 6s Lock Screen Passcode [Video]

April 06, 2016Swati Khandelwal
Apple gave you a reason to turn your Siri OFF. A critical security flaw in Apple's newest iPhones running the latest version of the iOS operating system allows anyone to bypass the phone's lockscreen and gain access to personal information. The iPhone lockscreen bypass bug only works on the iPhone 6S and iPhone 6S Plus, as these devices take advantage of the 3D Touch functionality that is used to bypass the lockscreen passcode and access photos and contacts. The lockscreen bypass bug is present in iOS 9.2 and later, including the latest iOS 9.3.1 update, released last week. Anyone with physical access to an affected iPhone can gain access to the victim's photos, emails, text and picture messages, contacts, and phone settings, according to the Full Disclosure mailing list. Here's How to bypass iPhone's Lockscreen Step 1: If you own iPhone 6S or 6S Plus, first lock your device. Step 2: Invoke Siri and speak 'Search Twitter.'
Windows 10 Started Showing Ads on LockScreen — Here's How to Turn It OFF

Windows 10 Started Showing Ads on LockScreen — Here's How to Turn It OFF

February 26, 2016Mohit Kumar
If you've upgraded your older version of Windows OS to an all new Windows 10 operating system then you may have noticed an advertisement appearing on your desktop or laptop's lock screen over the past couple of days. Yes, this is what Microsoft has chosen to generate revenue after offering Free Windows 10 Download to its users: Monetize the Lock Screen . Thanks to Windows 10's new Spotlight feature that usually shows you clean and beautiful photographs and fun facts on your lock screen, but now started displaying advertisements to over 200 Million devices running Windows 10. Some Windows 10 users have reported seeing ads for Rise of the Tomb Raider with links to Windows Store from where users can purchase the video game. Microsoft started selling the game last month. Although the ads are not as annoying as the Windows 10 privacy concerns related to the way Microsoft collects your personal data , the good news is that you can turn the ads OFF. Must
Just One Device? No, Government wants Apple to Unlock 12 More iPhones

Just One Device? No, Government wants Apple to Unlock 12 More iPhones

February 24, 2016Mohit Kumar
Until now, the FBI is asking for Apple's help in unlocking the iPhone belonging to one of the terrorists in the San Bernardino shootings that killed 14 and injured 24 in December. However, in addition to iPhone 5C belonged to San Bernardino shooter Syed Farook, the U.S. Justice Department is looking at court orders forcing Apple to help officials unlock at least 12 iPhones. Citing sources, the Wall Street Journal reported that the federal authorities want to extract data from iPhones seized in a variety of criminal investigations are involved in undisclosed cases where prosecutors are compelling Apple to help them bypass iPhone's lockscreen. Although more details of these cases are not yet publicly disclosed, these dozen or so cases are all distinct from San Bernardino shooter's case and involve many iPhones using an older iOS version that has fewer security barriers to bypass. Also Read:    Police Reset Shooter's Apple ID that leaves iPhone Data U
Hackers Can Use Radio-waves to Control Your Smartphone From 16 Feet Away

Hackers Can Use Radio-waves to Control Your Smartphone From 16 Feet Away

October 14, 2015Swati Khandelwal
What if your phone starts making calls, sending text messages and browsing Internet itself without even asking you? No imaginations, because hackers can make this possible using your phone's personal assistant Siri or Google Now. Security researchers have discovered a new hack that could allow hackers to make calls, send texts, browser a malware site, and do many more activities using your iOS or Android devices' personal assistant Siri or Google Now — without even speaking a single word. A Group of researchers from French government agency ANSSI have discovered that a hacker can control Apple's Siri and Android's Google Now by remotely and silently transmitting radio commands from as far as 16 feet away... ...only if it also has a pair of headphones plugged into its jack. How does the Hack Work? It is very interesting and a mind-blowing technique. The Hack utilizes: An iPhone or Android handset with headphones plugged in A radio tra
Apple iOS 9.0.2 Update Patches Lock Screen Bypass Exploit

Apple iOS 9.0.2 Update Patches Lock Screen Bypass Exploit

October 01, 2015Wang Wei
Apple has rolled out the second minor iteration of its newest mobile operating system iOS 9, which fixes the iOS lockscreen vulnerability . The widely publicized LockScreen bug allowed anyone with physical access to your iOS device running iOS 9.0 or  iOS 9.0.1 to access all the contacts and photos without unlocking the device. Just one week after the last update iOS 9.0.1, Apple rolled out iOS 9.0.2 update that fixes: iMessage activation problems An issue with mobile data settings An issue with iCloud Backup An issue where the screen incorrectly rotates when receiving notifications Improves the stability of Podcasts According to an update on Apple's support website, the iOS lockscreen issue was the only security bug fixed in the latest iOS 9.0.2 release. Last week, iPhone user Jose Rodriguez published a " dead simple " method to bypass lock screen of the devices running iOS 9 and iOS 9.0.1. Using the benevolent nature of Apple's
'The Hacker News' Weekly Roundup — 14 Most Popular Stories

'The Hacker News' Weekly Roundup — 14 Most Popular Stories

September 28, 2015Swati Khandelwal
To make the last week's top cyber security threats and challenges available to you in one shot, we are once again here with our weekly round up. Last week, we came across lots of cyber security threats like the XCodeGhost malware in Apple's App Store and lockscreen bypass bug in iOS 9 and iOS 9.0.1 that made us sad, but… …we were also thrilled by latest developments such as Microsoft's new Linux-based operating system  Azure Cloud Switch (ACS) , unhackable MicroKernel " SeL4 ", and Facebook ' Dislike or Empathy Button '. I recommend you to read the entire thing (just click ' Read More ' because there's some valuable advice in there as well). Here's the list: 1. Microsoft Developed its Own Linux Operating System One of the trending news of last week. Microsoft built its own Linux-based operating system known as Azure Cloud Switch (ACS) . The company described ACS as a "cross-platform, modular operating system for data center n
Latest iOS 9.0.1 Update Failed to Patch Lockscreen Bypass Hack

Latest iOS 9.0.1 Update Failed to Patch Lockscreen Bypass Hack

September 26, 2015Swati Khandelwal
iOS 9.0.1 – Apple's first update to its new iOS 9 mobile operating system, came out on Wednesday, addressed several bugs in its software. However, unfortunately, it seems that the latest update iOS 9.0.1 doesn't fix the lock screen bypass vulnerability reported by iPhone user Jose Rodriguez. Yes, the serious flaw in iOS 9 that allows anyone – with physical access of your iPhone or iPad – to bypass your device's lock screen and get into your contacts and personal photographs, also Works on iOS 9.0.1 . Video Demonstration: Rodriguez published a new video detailing a step-by-step explanation on how to bypass the passcode on iOS 9 and iOS 9.0.1 device, using the benevolent nature of Apple's personal assistant Siri. The lock screen bypass vulnerability works on all iOS versions from iOS 5.1.1 to the latest released iOS 9.0.1 . Mitigation So, until Apple rolls out an update to patch this bug, the only way available to iPhone users to mitiga
Hacker Finds a Simple Way to Bypass Android 5.x Lock Screen [Steps & Video]

Hacker Finds a Simple Way to Bypass Android 5.x Lock Screen [Steps & Video]

September 16, 2015Khyati Jain
A Security researcher and hacker, named John Gordon , has found an easy way to bypass the security of locked smartphones running Android 5.0 and 5.1 (Build LMY48M). Many of us use various security locks on our devices like Pattern lock, PIN lock and Password lock in order to protect the privacy of our devices. However, a vulnerability could now allow anyone to take your Android smartphone ( 5.0 build LMY48I ) with locked screen, perform a " MAGIC TRICK " and as a result crash the user interface (UI) for the password screen and gain access to your device. The vulnerability, assigned CVE-2015-3860 , has been dubbed as " Elevation of Privilege Vulnerability in Lockscreen ". How the Attack Works? The secret behind the researcher's "MAGIC TRICK" is as follows: Get the device and open the Emergency dialer screen. Type a long string of numbers or special characters in the input field and copy-n-paste a long string continuously til
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.