Safari Flaw Can Expose iPhone Users in the EU to Tracking
Apple's implementation of installing marketplace apps from Safari is heavily flawed and can allow a malicious marketplace to track users across websites
Government hackers targeted iPhones owners with zero-days, Google says
One of the hacking campaigns used exploits developed by Variston, a Barcelona-based startup. Sources say the spyware maker is losing staff.
Here is Apple's official 'jailbroken' iPhone for security researchers | TechCrunch
A security researchers shared a picture of the instructions that go along Apple's Security Research Device and more details about this special iPhone.
iShutdown scripts can help detect iOS spyware on your iPhone
Security researchers found that infections with high-profile spyware Pegasus, Reign, and Predator could be discovered on compromised Apple mobile devices by checking Shutdown.log, a system log file that stores reboot events. #Apple #Computer #InfoSec #Logging #Malware #Pegasus #Security #Spyware #iOS #iPhone
Amnesty confirms Apple warning: Indian journalists’ iPhones infected with Pegasus spyware
Apple's warnings in late October that Indian journalists and opposition figures may have been targeted by state-sponsored attacks prompted a forceful Behind closed doors, senior officials from Modi's administration demanded that Apple soften the political impact of the state-sponsored warnings, according to Washington Post.
Operation Triangulation: The last (hardware) mystery
Recent iPhone models have additional hardware-based security protection for sensitive regions of the kernel memory. We discovered that to bypass this hardware-based security protection, the attackers used another hardware feature of Apple-designed SoCs.
%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24931349%2F236792_iPhone_15_Pro_and_15_Pro_Max_product_photos_AJohnson_0005.jpg?width=92&height=&ar=&mode=&format=avif&dpr=2)
Apple’s new iPhone security setting keeps thieves out of your digital accounts
Apple added a feature to iOS 17.3 that appears to address an iPhone security vulnerability that lets thieves steal iCloud accounts using only a user’s iPhone PIN.
Apple Confirms Governments Using Push Notifications to Surveil Users - MacRumors
Unidentified governments are surveilling smartphone users by tracking push notifications that move through Google's and Apple's servers, a US... In a letter to the Department of Justice, Senator Ron Wyden said foreign officials were demanding the data from the tech giants to track smartphones. The traffic flowing from apps that send push notifications put the companies "in a unique position to facilitate government surveillance of how users are using particular apps," Wyden said. He asked the Department of Justice to "repeal or modify any policies" that hindered public discussions of push notification spying.
%2Fcloudfront-us-east-2.images.arcpublishing.com%2Freuters%2FQXABTVRGK5L7FDNKBM27SUWXPE.jpg?width=92&height=&ar=&mode=&format=avif&dpr=2)
Governments spying on Apple, Google users through push notifications
Unidentified governments are surveilling smartphone users via their apps' push notifications, a U.S. senator warned on Wednesday.
Russian Hackers’ Lawsuit Reveals Weaknesses In Apple’s iOS 16
A Moscow legal battle strongly indicates that phone forensics tools used by both the FBI and FSB are exploiting security loopholes in Apple’s operating system.
iPhone: Why Apple is working hard to break into its own phones
In a secret location in Paris, Apple has hired an elite team of laser-wielding hackers to try and crack its iPhones. Andrew Griffin gets an inside look
Apple emergency updates fix 3 new zero-days exploited in attacks
Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days patched this year.
China’s iPhone ban expected to expand to more government agencies soon
A report yesterday revealed that China has banned government officials from using iPhones and other foreign technology within government agencies. Now, a report from Bloomberg says that this is only the start of China’s crackdown on iPhone, with a much broader set of restrictions also in the works.
Apple discloses 2 new zero-days exploited to attack iPhones, Macs
Apple released emergency security updates to fix two new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 13 exploited zero-days patched since the start of the year.
China Bans iPhone Use for Government Officials at Work
The directive is the latest step in Beijing’s campaign to cut reliance on foreign technology and could hurt Apple’s business in the country.
This $70 device can spoof an Apple device and trick you into sharing your password
Attendees at Def Con, one of the world’s largest hacking conferences, are used to weird shenanigans, such as a seemingly innocuous wall of computer screens that display people’s passwords sniffed over the conference Wi-Fi network. But at this year’s event, even conference veterans were confused and concerned when their iPhones started showing pop-up messages prompting them to connect their Apple ID or share a password with a nearby Apple TV.
Apple releases emergency update to fix zero-day exploited in attacks
Apple has issued a new round of Rapid Security Response (RSR) updates to address a new zero-day bug exploited in attacks and impacting fully-patched iPhones, Macs, and iPads.
A Matter of Triangulation.
Hi all, Today we have very big and important news. Kaspersky experts have discovered an extremely complex, professionally targeted cyberattack that uses Apple’s mobile devices. The purpose of this attack is the inconspicuous introduction of spyware into the iPhones of employees of the company – both top and middle-management. The attack is carried out using
Apple fixes three new zero-days exploited to hack iPhones, Macs
Apple has addressed three new zero-day vulnerabilities exploited in attacks to hack into iPhones, Macs, and iPads.
Apple’s high security mode blocked NSO spyware, researchers say | TechCrunch
Apple has fixed the three exploits used to deploy the Pegasus spyware, which did not require any interaction from the target.
Sweet QuaDreams: A First Look at Spyware Vendor QuaDream’s Exploits, Victims, and Customers - The Citizen Lab
At least five civil society victims of QuaDream’s spyware and exploits were identified in North America, Central Asia, Southeast Asia, Europe, and the Middle East. Victims include journalists, political opposition figures, and an NGO worker. Traces of a suspected iOS 14 zero-click exploit used to deploy QuaDream’s spyware.
Sweet QuaDreams: A First Look at Spyware Vendor QuaDream’s Exploits, Victims, and Customers - The Citizen Lab
At least five civil society victims of QuaDream’s spyware and exploits were identified in North America, Central Asia, Southeast Asia, Europe, and the Middle East. Victims include journalists, political opposition figures, and an NGO worker. Traces of a suspected iOS 14 zero-click exploit used to deploy QuaDream’s spyware.
Mercenary spyware hacked iPhone victims with rogue calendar invites, researchers say | TechCrunch
Researchers found malware developed by QuaDream, a little-known government spyware maker, which was used against journalists and politicians.
Mercenary spyware hacked iPhone victims with rogue calendar invites, researchers say | TechCrunch
Researchers found malware developed by QuaDream, a little-known government spyware maker, which was used against journalists and politicians.
Apple sued for promising privacy, failing at it
What's allowed for Cupertino is verboten for everyone else Apple has again been sued for promising privacy and allegedly failing to provide it. The complaint [PDF], filed in Northern California District Court on behalf of plaintiff Julie Cima, claims Apple captures iPhone customer data despite device settings declaring a preference that information should not be shared.
Apple sued for promising privacy, failing at it
What's allowed for Cupertino is verboten for everyone else Apple has again been sued for promising privacy and allegedly failing to provide it. The complaint [PDF], filed in Northern California District Court on behalf of plaintiff Julie Cima, claims Apple captures iPhone customer data despite device settings declaring a preference that information should not be shared.
Advertising ID: APPLE DISTRIBUTION INTERNATIONAL fined 8 million euros
On 29 December 2022, the CNIL's restricted committee imposed an administrative fine of 8 million euros on the company APPLE DISTRIBUTION INTERNATIONAL because it did not collect the consent of iPhone's French users (iOS 14.6 version) before depositing and/or writing identifiers used for advertising purposes on their terminals.
Advertising ID: APPLE DISTRIBUTION INTERNATIONAL fined 8 million euros
On 29 December 2022, the CNIL's restricted committee imposed an administrative fine of 8 million euros on the company APPLE DISTRIBUTION INTERNATIONAL because it did not collect the consent of iPhone's French users (iOS 14.6 version) before depositing and/or writing identifiers used for advertising purposes on their terminals.
Apple fixes 'actively exploited' zero-day security vulnerability affecting most iPhones
The iPhone security flaw was discovered by a Google unit that uncovers nation-state spyware, hacking and cyberattacks.
Apple fixes 'actively exploited' zero-day security vulnerability affecting most iPhones
The iPhone security flaw was discovered by a Google unit that uncovers nation-state spyware, hacking and cyberattacks.