Security News

iPhones have been compromised by the NSO Group's Pegasus spyware. The findings indicated that the Pegasus spyware program sold by surveillance company NSO Group was able to infect iPhone 11 and iPhone 12 models through zero-click attacks in the iOS iMessage app.

The original DoS issue is a string-format bug discovered by researcher Carl Schou, who found that connecting to an access point with the SSID "%p%s%s%s%s%n" would disable a device's Wi-Fi. String-format problems occur when operating systems mistakenly read certain characters as commands: In this case, the "%" combined with various letters. "My iPhone permanently disabled it's [sic] Wi-Fi functionality," Schou wrote in his writeup, in June.

Security researchers investigating a bug that crashed the Wifi service on iPhones found that it could be exploited for remote code execution without user interaction. When initially disclosed, the bug could disable an iPhone's WiFi connection after trying to connect to a network with a name that included a special character.

" We explain how a format string bug could lock your iPhone out of your own network. We revisit the PrintNightmare saga, which is sort-of fixed but not really.

Human rights non-governmental organization Amnesty International and non-profit project Forbidden Stories revealed in a recent report that they found spyware made by Israeli surveillance firm NSO Group deployed on iPhones running Apple's latest iOS release, hacked using zero-day zero-click iMessage exploits. Citizen Lab was able to independently observe NSO Pegasus spyware deployed on an iPhone 12 Pro Max running iOS 14.6, hacked via a zero-day zero-click iMessage exploit, which does not require interaction from the target.

Schou set up a Wi-Fi access point with a network name of %p%s%s%s%s%n, and then deliberately connected his iPhone to it in order to check for what are known as format string vulnerabilities. The name format string vulnerability comes from a standard, widely-used system function, found in almost every operating system, known as printf(), shorthand for format and print data.

Joining a Wi-Fi network with a specific sequence of characters in its SSID name will break wireless connectivity for iOS devices. On Friday, Carl Schou, a security researcher in Denmark, reported that his iPhone lost its Wi-Fi capability after attempting to connect to a Wi-Fi network named "%p%s%s%s%s%n".

FUD is spreading about a weirdly named personal network that a reverse engineer stumbled across and which he said "Permanently" wrecked his iPhone's Wi-Fi. TL;DR version: The twitching inflicted on his iPhone, which he demonstrated in the 4-second Tweet below, wasn't permanent. As replies to the initial post pointed out, an iPhone's Wi-Fi can be restored by resetting network settings.

A wireless network naming bug has been discovered in Apple's iOS operating system that effectively disables an iPhone's ability to connect to a Wi-Fi network. The issue was spotted by security researcher Carl Schou, who found that the phone's Wi-Fi functionality gets permanently disabled after joining a Wi-Fi network with the unusual name "%p%s%s%s%s%n" even after rebooting the phone or changing the network's name.

A new iPhone bug has come to light that breaks your iPhone's wireless functionality by merely connecting to a specific WiFi hotspot. Once triggered, the bug would render your iPhone unable to establish a WiFi connection, even if it is rebooted or the WiFi hotspot is renamed.