ios

Earn $2,000,000 by remotely jailbreaking an iPhone

Will anyone come up with a zero-day remote exploitation of iOS 12.x without user interaction?

The sad truth is that we may never know for sure… but intelligence agencies might.


2 min read

tripwire.com

Unlocking Android phones with a 3D-printed head

Forbes journalist Thomas Brewster wanted to find out just how well a variety of Android phones and a top-of-the-range Apple iPhone would fare against a determined attempt to break facial recognition. And he did that by having a 3D-model printed of his head.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Smashing Security #107: Sextorting the US army, and a Touch ID scam

Fitness apps exploit TouchID through a sneaky user interface trick, tech giants claim to have a plan to banish passwords, and you won’t believe who was behind a sextortion scam that targeted over 400 members of the US military.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by ferret-loving ethical hacker Zoë Rose.


1 min read

Fitness-tracking apps caught misusing Touch ID to steal money from iPhone users

Two iOS fitness apps have been found exploiting a sneaky user interface trick to fool users into making unwanted in-app purchases with Touch ID.


1 min read

bitdefender.com

Yes, you should update your iPhone to iOS 12.1, but its lock screen is *still* unsafe

The latest iOS passcode bypass bug appears to have been introduced by Apple’s new Group Facetime feature.

Read more in my article on the Hot for Security blog.


0 sec read

000000 is Kanye West’s iPhone passcode

You can bet mischievous hackers are right now trying to crack into Kanye West’s online accounts with equally diabolical passwords.


1 min read

bitdefender.com

Even with the latest iOS 12 update, your iPhone’s lockscreen is unsafe

Once again, a way of bypassing the iPhone’s passcode lock to expose users’ photos and contacts has been discovered.

Read more in my article on the Hot for Security blog.


0 sec read

bitdefender.com

How to crash and restart an iPhone with a CSS-based web attack

A security researcher has revealed a method of crashing and restarting iPhones and iPads, with just a few lines of code that could be added to any webpage.

Read more in my article on the Hot for Security blog.


0 sec read

bitdefender.com

Facebook pulls its VPN from the iOS App Store after data-harvesting accusations

Facebook has withdrawn its Onavo Protect VPN app from the iOS App Store after Apple determined that it was breaking data-collection policies.

Read more in my article on the Hot for Security blog.


0 sec read

tripwire.com

Hackers automate the laundering of money via Clash of Clans

Popular smartphone games such as “Clash of Clans” are being used to launder hundreds of thousands of dollars on behalf of credit card thieves.

Read more in my article on the Tripwire State of Security blog.


0 sec read

bitdefender.com

New iOS security feature can be defeated by a $39 adapter… sold by Apple

A one hour countdown timer can be reset simply by connecting the iPhone to an untrusted USB accessory – giving law enforcement plenty of opportunity to crack your passcode with specialist tools.


0 sec read

tripwire.com

Disgruntled programmer accused of trying to sell his firm’s iPhone spyware for $50 million

Your company doesn’t have to work in the field of high-tech surveillance and spyware to find itself at risk from insiders.

Read more in my article on the Tripwire State of Security blog.


0 sec read

bitdefender.com

Too many IoT smartphone apps making life easy for online criminals

Warnings have been raised again about the security of the smartphone apps used to control IoT devices, with many found to be lacking elementary security and privacy measures.

Read more in my article on the Bitdefender Box blog.


0 sec read

welivesecurity.com

How a boobytrapped QR code can trick iOS 11 into taking you to a malicious website

A security researcher has publicised a flaw in the latest version of iOS that could fool iPhone users into visiting a malicious website rather than a safe one.

Read more in my article on the We Live Security blog.


0 sec read

welivesecurity.com

Hey Siri! Read me this locked iPhone’s hidden messages…

Messages sent to your iPhone may not be as private as you think.

Read more in my article on the We Live Security blog.


0 sec read

Phone-cracking firm advertises that it can unlock any iPhone

Israeli security firm Cellebrite claims it can now even unlock iPhones running the very latest version of iOS.


1 min read