[ad_1] Twitter user axi0mX revealed the bootrom exploit, dubbed checkm8, that makes it possible to jailbreak the devices. As The Verge explains, bootrom exploits take advantage of a vulnerability in the initial code that iOS devices load when they boot up. Because it’s read-only memory (ROM), Apple can’t overwrite or patch it through a software […]
Category: exploit
SIM-based attack has been used to spy on people for two years
[ad_1] Crucially, the approach is silent. While it does use SMS, you won’t get notifications. An intruder can obtain frequent updates without giving away their activity. The exploit is also device-agnostic, and has been used against iPhones, numerous brands of Android phones and some SIM-equipped Internet of Things devices. And it’s not just a theoretical […]
Apple tries to clear up Google’s claims about iOS vulnerabilities
[ad_1] Apple reiterates that the vulnerabilities Google highlighted were fixed in February. It says the attack affected fewer than a dozen websites that were targeted at the Uighur community. Apple believes the website attacks were only operational for about two months, not two years, as the Google security researchers wrote. Apple reportedly fixed the issue […]
Sites stealing iPhone data reportedly targeted Uyghur Muslims
[ad_1] It’s not certain if the sites also targeted Android users, although Forbes sources said Android and Windows users were also under the crosshairs. China has used a number of tactics to compromise phones and crack down on Uyghur Muslims. Border guards have reportedly been installing surveillance apps on the Android phones of tourists entering […]
Google uncovers exploit-laden websites that stole data from iPhones
[ad_1] Motherboard notes that the implant can also infiltrate a user’s keychain and all the passwords in it, as well as the databases for other end-to-end encrypted messaging apps like Telegram and WhatsApp. The Project Zero team discovered a total of fourteen vulnerabilities affecting iPhones running on iOS 10 up to the latest version of […]
Apple quietly updates Macs to remove Zoom webcam exploit
[ad_1] Zoom told TechCrunch that it partnered with Apple to test the fix. It shouldn’t affect functionality other than requiring your permission to launch the app. We’ve asked Apple for comment. Apple is known to deliver quiet updates to block malware. This, however, is another story — the company is pushing an update to fix […]
Zoom will remove server behind Mac webcam security hole
[ad_1] The company had previously defended its earlier decisions. The web server only responded to requests from the local computer, Zoom said. It argued that this was more convenient than having to confirm launching the Zoom client every time you wanted to get into a meeting. It also fixed a denial-of-service bug in May, although […]
US Cyber Command warns of nation-state hackers exploiting Outlook
[ad_1] ZDNet noted that a known Iran-backed hacking team, APT33, had used the same vulnerability in December to install back doors on servers and promptly push the flaw to Outlook users. Chronicle Security’s Brandon Levene also found that Cyber Command’s code samples appeared related to APT33’s disk-wiping Shamoon malware. Symantec had also warned of increased […]
Indian streaming giant broke Safari support to deal with security hole
[ad_1] The company publicly blamed “technical limitations” in Safari for the sudden lack of support, but the tipsters said this wasn’t the truth. They instead said that Hotstar fully intended on restoring Safari support once it had patched the flaw on its side, and the site appeared to have resumed working at the time we […]
Mac security hole reportedly lets attackers bypass app safeguards
[ad_1] Apple may have another Gatekeeper security flaw on its hands. Researcher Filippo Cavallarin has detailed a macOS vulnerability that he said would let attackers install malware without the usual permission request. As Gatekeeper considers network sh… [ad_2] Source link