Security News

iShutdown scripts can help detect iOS spyware on your iPhone
2024-01-17 18:03

Security researchers found that infections with high-profile spyware Pegasus, Reign, and Predator could be discovered on compromised Apple mobile devices by checking Shutdown. Kaspersky released Python scripts to help automate the process of analyzing the Shutdown.

New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone
2024-01-17 10:22

Cybersecurity researchers have identified a "lightweight method" called iShutdown for reliably identifying signs of spyware on Apple iOS devices, including notorious threats like NSO...

New iPhone Exploit Uses Four Zero-Days
2024-01-04 12:11

Kaspersky researchers are detailing "An attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky." It's a zero-click exploit that makes use of four iPhone zero-days. It uses return/jump oriented programming and multiple stages written in the NSExpression/NSPredicate query language, patching the JavaScriptCore library environment to execute a privilege escalation exploit written in JavaScript.

Kaspersky reveals previously unknown hardware 'feature' exploited in iPhone attacks
2023-12-28 15:50

Kaspersky's Global Research and Analysis Team has exposed a previously unknown 'feature' in Apple iPhones that allows attackers to bypass hardware-based memory protection. Kaspersky reckons the hardware feature might have been intended for testing or debugging.

Most Sophisticated iPhone Hack Ever Exploited Apple's Hidden Hardware Feature
2023-12-28 11:19

The Operation Triangulation spyware attacks targeting Apple iOS devices leveraged never-before-seen exploits that made it possible to even bypass pivotal hardware-based security protections...

iPhone Triangulation attack abused undocumented hardware feature
2023-12-27 14:14

The Operation Triangulation spyware attacks targeting iPhone devices since 2019 leveraged undocumented features in Apple chips to bypass hardware-based security protections. The discovery and use of obscure hardware features likely reserved for debugging and factory testing to launch spyware attacks against iPhone users suggest that a sophisticated threat actor conducted the campaign.

New iPhone Security Features to Protect Stolen Devices
2023-12-27 12:01

When Stolen Device Protection is turned on, Face ID or Touch ID authentication is required for additional actions, including viewing passwords or passkeys stored in iCloud Keychain, applying for a new Apple Card, turning off Lost Mode, erasing all content and settings, using payment methods saved in Safari, and more. No passcode fallback is available in the event that the user is unable to complete Face ID or Touch ID authentication.

Apple emergency updates fix recent zero-days on older iPhones
2023-12-11 19:28

Apple has issued emergency security updates to backport patches for two actively exploited zero-day flaws to older iPhones and some Apple Watch and Apple TV models. Today, Apple addressed the zero-days in iOS 16.7.3, iPadOS 16.7.3, tvOS 17.2, and watchOS 10.2 with improved input validation and locking.

Warning for iPhone Users: Experts Warn of Sneaky Fake Lockdown Mode Attack
2023-12-05 14:58

A new "post-exploitation tampering technique" can be abused by malicious actors to visually deceive a target into believing that their Apple iPhone is running in Lockdown Mode when it's actually...

Apple slaps patch on WebKit holes in iPhones and Macs amid fears of active attacks
2023-12-01 21:31

Apple has issued emergency fixes to plug security flaws in iPhones, iPads, and Macs that may already be under attack. iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later.