Security News

Researchers have disclosed a novel technique by which malware on iOS can achieve persistence on an infected device by faking its shutdown process, making it impossible to physically determine if an iPhone is off or otherwise. NoReboot works by interfering with the routines used in iOS to shutdown and restart the device, effectively preventing them from ever happening in the first place and allowing a trojan to achieve persistence without persistence as the device is never actually turned off.

Historically, when malware infects an iOS device, it can be removed simply by restarting the device, which clears the malware from memory. When an iPhone is shut off, its screen naturally goes dark, the camera is turned off, 3D touch feedback does not respond to long presses, sounds from calls and notifications are muted, and all vibrations are absent.

The bug affects the Home app, Apple's home automation software that lets you control home devices - webcams, doorbells, thermostats, light bulbs, and so on - that support Apple's HomeKit ecosystem. Wiping your data is quick and reliable because Apple mobile devices always encrypt your data, even if you don't set a lock code of your own, using a randomly chosen passphrase kept in secure storage.

As if the Log4Shell hellscape wasn't already driving everybody starkers, it's time to update iOS 15.2 and a crop of other Apple iGadgets, lest your iPhone get taken over by a malicious app that executes arbitrary code with kernel privileges. To paraphrase one mobile security expert, the iOS 15.2 and iPadOS update - released by Apple on Monday along with updates for macOS, tvOS and watchOS - is as hairy as a Lhasa Apso.

Apple on Monday released updates to iOS, macOS, tvOS, and watchOS with security patches for multiple vulnerabilities, including a remote jailbreak exploit chain as well as a number of critical issues in the Kernel and Safari web browser that were first demonstrated at the Tianfu Cup held in China two months ago. A set of kernel vulnerabilities were eventually harnessed by the Pangu Team at the Tianfu hacking contest to break into an iPhone13 Pro running iOS 15, a feat that netted the white hat hackers $330,000 in cash rewards.

An unknown assailant planted NSO Group's Pegasus spyware on the iPhones of at least nine U.S. State Department employees, according to four of Reuters' sources who are familiar with the matter. Two of Reuters' sources said that the targeted State Department employees were using iPhones registered with foreign telephone numbers, without the U.S. country code.

Apple reportedly notified several U.S. Embassy and State Department employees that their iPhones may have been targeted by an unknown assailant using state-sponsored spyware created by the controversial Israeli company NSO Group, according to multiple reports from Reuters and The Washington Post. At least 11 U.S. Embassy officials stationed in Uganda or focusing on issues pertaining to the country are said to have singled out using iPhones registered to their overseas phone numbers, although the identity of the threat actors behind the intrusions, or the nature of the information sought, remains unknown as yet.

The Apple iPhones of at least nine US State Department officials were compromised by an unidentified entity using NSO Group's Pegasus spyware, according to a report published Friday by Reuters. NSO Group in an email to The Register said it has blocked an unnamed customers' access to its system upon receiving an inquiry about the incident but has yet to confirm whether its software was involved.

Apple has sued NSO Group and its parent company Q Cyber Technologies in a U.S. federal court holding it accountable for illegally targeting users with its Pegasus surveillance tool, marking yet another setback for the Israeli spyware vendor. "State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change," said Craig Federighi, Apple's senior vice president of Software Engineering in a statement.

Apple today sued NSO Group, which sells spyware to governments and other organizations, for infecting and snooping on people's iPhones. In a strongly worded filing [PDF] Apple described NSO as "Amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse." Cupertino wants damages and a ban on NSO interacting or interfering any further with Apple services and products.