Security News
A popular jailbreaking tool called "Unc0ver" has been updated to support iOS 14.3 and earlier releases, thereby making it possible to unlock almost every single iPhone model using a vulnerability that Apple in January disclosed was actively exploited in the wild. The latest release, dubbed unc0ver v6.0.0, was released on Sunday, according to its lead developer Pwn20wnd, expanding its compatibility to jailbreak any device running iOS 11.0 through iOS 14.3 using a kernel vulnerability, including iOS 12.4.9-12.5.1, 13.5.1-13.7, and 14.0-14.3.
The jailbreak-which UnC0ver said works on iOS versions 11.0 to 14.3-exploits the kernel vulnerability CVE-2021-1782, one of three iOS flaws for which Apple released an emergency update, iOS 14.4, last month. Anyone with a device running 14.3 or earlier version of iOS can use the tool to hack into their iPhone, according to UnC0ver.
Google Chrome for iOS is getting a new privacy feature that lets you lock your opened Incognito tabs behind your iPhone's Face ID or Touch ID biometric authentication features. If a user leaves their phone unlocked, someone can launch Chrome and view the currently open Incognito mode tabs.
Google Chrome for iOS is getting a new privacy feature that lets you lock your opened Incognito tabs behind your iPhone's Face ID or Touch ID biometric authentication features. If a user leaves their phone unlocked, someone can launch Chrome and view the currently open Incognito mode tabs.
Apple's upcoming iOS 14.5 update will come with a new feature that will redirect all fraudulent website checks through its own proxy servers as a workaround to preserve user privacy and prevent leaking IP addresses to Google. To achieve this, Apple relies on Google Safe Browsing - or Tencent Safe Browsing for users in Mainland China - a blocklist service that provides a list of URLs for web resources that contain malware or phishing content, to compare a hash prefix calculated from the website address and check if the website is fraudulent.
Apple's forthcoming iOS 14.5 release, currently in beta, will conceal the IP address of Safari web surfers from Google's Safe Browsing service, integrated into Safari to spot fraudulent websites. That means when Safari users visit a website with Safe Browsing active, their IP addresses will be associated with an Apple domain rather than their internet service provider or corporate network.
Qualys announced it is expanding Qualys VMDR to mobile devices with support for Android and iOS/iPadOS delivering an end-to-end solution for mobile device security. Qualys' all-in-one VMDR provides in-depth mobile device visibility, data security insights, proactive posture monitoring, and automated response for all iOS and Android devices and installed apps - just like VMDR does for on premises, endpoints, clouds, containers, OT and IoT assets.
Facebook has created a new screen in its iOS app that will urge people to allow it to continue stalking their online activities for targeted advertising. This is in response to Apple preparing to introduce a prompt that asks users whether or not they want to grant Facebook's software permission to track them when they use other apps and websites.
Google Project Zero on Thursday disclosed details of a new security mechanism that Apple quietly added to iOS 14 as a countermeasure to prevent attacks that were recently found to leverage zero-days in its messaging app. Dubbed "BlastDoor," the improved sandbox system for iMessage data was disclosed by Samuel Groß, a Google Project Zero researcher tasked with studying zero-day vulnerabilities in hardware and software systems.
In an effort to prevent attacks from being launched via its iMessage feature, Apple has debuted a security service called BlastDoor in iOS 14, its current mobile operating system version. The service comes on the heels of a recently uncovered iMessage zero-click exploit, which was being leveraged in an espionage attack against Al Jazeera journalists and executives.