Security News

Facebook's threat intelligence team says it has disrupted a sophisticated Chinese spying team that routinely use iPhone and Android malware to hit journalists, dissidents and activists around the world. The hacking group, known to malware hunters as Evil Eye, has used Facebook to plant links to watering hole websites rigged with exploits for the two major mobile platforms.

In theory, many exploitable IDOR bugs can be found purely analytically, by reverse engineering the suspect app, without ever actually creating a fake account and running the app itself. There's no need to spend days analysing an app statically in a decompiler if you can deduce its bugs directly from its own behaviour - you simply give the app a chance to cook its own cybersecurity goose while you take notes.

An iOS call recording app patched a security vulnerability that gave anyone access to the conversations of thousands of users by simply providing the correct phone numbers. The application's name is "Automatic call recorder" or "Acr call recorder" and has thousands of user reviews in App Store amounting to a rating above 4 stars; it has also been listed among the top call recording apps for iPhone.

Jailbreaking most commonly refers to a very specific sort of unlocking tool: one that can release your iPhone or iPad from Apple's notoriously strict walled garden. Jailbreaking, as we have said before, can be a risky business, because in the process of jailbreaking you're actively and deliberately exploiting a security vulnerability that wasn't supposed to the there in the first place.

A popular jailbreaking tool called "Unc0ver" has been updated to support iOS 14.3 and earlier releases, thereby making it possible to unlock almost every single iPhone model using a vulnerability that Apple in January disclosed was actively exploited in the wild. The latest release, dubbed unc0ver v6.0.0, was released on Sunday, according to its lead developer Pwn20wnd, expanding its compatibility to jailbreak any device running iOS 11.0 through iOS 14.3 using a kernel vulnerability, including iOS 12.4.9-12.5.1, 13.5.1-13.7, and 14.0-14.3.

The jailbreak-which UnC0ver said works on iOS versions 11.0 to 14.3-exploits the kernel vulnerability CVE-2021-1782, one of three iOS flaws for which Apple released an emergency update, iOS 14.4, last month. Anyone with a device running 14.3 or earlier version of iOS can use the tool to hack into their iPhone, according to UnC0ver.

Digital ad company Confiant, which claims to "Improve the digital marketing experience" for online advertisers by knowing about and getting rid of malicious and unwanted ads, has just published an analysis of a malvertising group it calls ScamClub. According to Confiant, the ScamClub crew took things to an even more aggressive level by actively targeting a bug in Apple's WebKit browser engine, the compulsory software core that every browser on your iPhone, including Safari, is required to use.

Apple has quietly added several anti-exploit mitigations into its flagship mobile operating system in what appears to be a specific response to zero-click iMessage attacks observed in the wild. The new mitigations were discovered by Samuel Groß, a Google Project Zero security researcher who specializes in remote iPhone exploitation and zero-click attacks against mobile messaging systems.

Apple says it will roll out a new privacy control in the spring to prevent iPhone apps from secretly shadowing people. Although Apple didn't provide a specific date, the general timetable disclosed Thursday means a long-awaited feature known as App Tracking Transparency will be part of an iPhone software update likely to arrive in late March or some point in April.

Apple, rather unusually in today's cybersecurity world, rarely announces that security fixes are on the way. Apple doesn't disclose, discuss or confirm security issues until an investigation has occurred and patches or releases are generally available.