There's a new bug floating around called "chaiOS" that appears to be a basic GitHub link. However, when you text it to a person via the iMessage app, it will crash the app and possibly cause the device to freeze and restart.
In other words: Be aware that this exists, but don't send it to anyone. It was Twitter user Abraham Masri who first uncovered the bug. The people tested it out, and it certainly messed up their devices. They reported crashes and severe lags as a result of the bugs that persisted until the thread containing the link was deleted from the iMessage app.Read more
Apple’s iPhones, iPads and Mac computers are all vulnerable to the major processor flaws revealed on Wednesday, the company has warned, but it says updates are already available.
The flaws known as Meltdown and Spectre affect almost every modern computing device from all manufacturers using chip designs from Intel, AMD and ARM. Apple uses Intel processors in its Mac computers and ARM-based designs for its A-series processors used in the iPhone, iPad, Apple TV and Apple Watch lines. Apple said: “All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time.”Read more
Google's Project Zero iOS bug hunter Ian Beer has released details about an iOS 11 exploit that could offer up a jailbreak for iOS 11.1.2. Beer last week teased that he had an exploit called 'tfp0', which is short for the kernel task port in iOS, and has today followed with an exploit using two recently patched flaws that may offer the rare prospect of a possible jailbreak on iOS.
It appears what he has released isn't a full jailbreak but enough to allow security researchers to bypass software restrictions imposed by Apple and test a newish version of iOS. It may also help create a jailbreak for those interested in testing iOS 11.1.2 or below.Read more
Whenever you give iPhone apps permission to access your camera, the app can surreptitiously take pictures and videos of you as long as the app is in the foreground, a security researcher warned on Wednesday.
Felix Krause, who recently warned of the danger of malicious iPhone password popups, wrote a blog post as a sort of PSA for iPhone users. To be clear, this is not a bug, but likely intended behavior. What this means is that even if you don't see the camera "open" in the form of an on-screen viewfinder, an app can still take photos and videos. It is unknown how many apps currently do this, but Krause created a test app as a proof-of-concept.Read more
A bug that has been confirmed on both iOS 11 and iOS 11.1 beta allows hackers to bypass the passcode of an iPhone and access the photos stored in the gallery by simply dialing your phone number.
Discovered by YouTube iDeviceHelp, this bug can be exploited by dialing the phone number of the locked iPhone. To gain unauthorized access, the exploit also involves invoking Siri, so if the digital assistant is disabled on your device, you’re on the safe side. As you can see for yourselves in the video at the end of the article, the method is quite complex and even though it’s hard to believe that someone would discover it by mistake.Read more
One of iOS' rougher edges are the popups it produces on a regular but seemingly random basis. These popups require users to enter their Apple ID before they can install or update an app or complete some other mundane task.
The prompts have grown so common most people don't think twice about them. Mobile app developer Felix Krause makes a compelling case that these popups represent a potential security hole through which attackers can steal user credentials. In a blog post published Tuesday, he showed side-by-side comparisons, pictured above, of an official popup produced by iOS and a proof-of-concept phishing popup.Read more
Just like any other digital device that can connect to the internet, your mobile phone poses a security threat if you don’t take the steps required to protect it. With so many new apps being released in the Apple App Store and the Google Play Store every day, it’s difficult to know which ones can be trusted.
There have been plenty of reports of users installing apps on their phones which can then do anything from track everything you type to taking control of your camera without your knowledge. This is a seriously scary prospect if you value your privacy and don’t want identity thieves to be able to steal your identity or bank details.Read more
WhatsApp Messenger, WinZip, and Where's My Droid Pro have made the list for the most blacklisted iOS and Android apps in enterprise environments.
Mobile security firm Appthority launched the latest Enterprise Mobile Security Pulse Report, a glimpse into how enterprise players tackle mobile security and network threats by banning apps considered to be a threat from accessing corporate resources and platforms. Corporations can blacklist mobile applications for a variety of reasons. Known security holes and vulnerabilities or ways for confidential information to be leaked, a lack of secure communication and encryption.Read more
Popular weather app AccuWeather has been caught sending geolocation data to a third-party data monetization firm, even when the user has switched off location sharing. AccuWeather is one of the most popular weather apps in Apple's app store, with a near perfect four-star rating and millions of downloads to its name.
But what the app doesn't say is that it sends sensitive data to a firm designed to monetize user locations without users' explicit permission. Security researcher Will Strafach intercepted the traffic from an iPhone running the latest version of AccuWeather and its servers and found that even when the app didn't have permission to access the device's precise location.Read more
Android often makes the news for being the mobile platform that’s most susceptible to malware. But that doesn’t mean that iOS is completely safe. In fact, it turns out that hackers can take over your iPhone, iPad, or iPod touch and control it without your knowledge.
So you’d better update your device to the latest iOS version, which was just released. Even your brand new iPhone 7 is a potential target, so don’t think that just because it’s fresh hardware, it can’t be attacked by malicious individuals. Apple says on its support pages that iPhone 5 or later, iPad 4th generation or later and iPod touch 6th generation are all affected by this serious bug.Read more