Security News

Details tied to a stunning iPhone vulnerability were disclosed by noted Google Project Zero researcher Ian Beer. Until now, were known about the bug that could have allowed a threat actor to completely take over any iPhone within a nearby vicinity.

Google Project Zero has disclosed the details of an iOS exploit that allows an attacker to hack iPhones remotely over Wi-Fi and steal sensitive data, without any user interaction. According to Beer, the exploit leverages a single memory corruption vulnerability that can be used against an iPhone 11 Pro device to bypass mitigations and achieve native code execution and kernel memory reading and writing.

Google Project Zero white-hat hacker Ian Beer on Tuesday disclosed details of a now-patched critical "Wormable" iOS bug that could have made it possible for a remote attacker to gain complete control of any device in the vicinity over Wi-Fi. The exploit makes it possible to "View all the photos, read all the email, copy all the private messages and monitor everything which happens on [the device] in real-time," said Beer in a lengthy blog post detailing his six-month-long efforts into building a proof-of-concept single-handedly. "A remote attacker may be able to cause unexpected system termination or corrupt kernel memory," the iPhone maker noted in its advisory, adding the "Memory corruption issue was addressed with improved input validation."

If you migrated to a different iPhone or Android device and need to transfer Google Authenticator to the new hardware, follow these steps.

European privacy activists have filed complaints against Apple over its use of software to track the behavior of iPhone users. NOYB says the iOS operating system creates unique codes for each iPhone that allow Apple and other third parties to "Identify users across applications and even connect online and mobile behaviour."

Learn how to use Apple's Privacy Report in Safari so you can see which websites attempted to track you on your iPhone or iPad. Cross-site trackers operate by tracking you as you surf from one website to another. By default, the mobile version of Safari on your iPhone and iPad tries to prevent cross-site trackers from following you.

A mobile phishing campaign is spreading via text messages purporting to come from an Apple chatbot - and offering "Free trials" of iPhone 12. Clicking the link triggers an interaction - via multiple texts - with a supposed "Apple chatbot."

Apple has updated its iOS and iPadOS operating systems, which addressed a wide range of flaws in its iPhone, iPad and iPod devices. In total, Apple addressed 11 bugs in products and components, including AppleAVD, Apple Keyboard, WebKit and Siri.

The iOS 14, iPadOS 14, and tvOS 14 anti-tracking feature is on hold until early 2021 to give developers time to make the necessary changes, according to Apple. Apple released iOS 14 without a new anti-tracking feature.

If you migrated to a different iPhone or Android device and need to transfer Google Authenticator to the new hardware, follow these steps. If you have not enabled two-step authentication, your Google account is at a much higher risk of being hacked; if you have enabled the service, you're familiar with Google Authenticator.