Increased Focus on iOS Hacking Leads to Drop in Exploit Prices
Exploit acquisition company Zerodium announced last week that it would no longer be buying certain types of iOS exploits for the next 2-3 months due to surplus. It also announced that prices for iOS exploit chains that require some user interaction and don’t provide persistence will likely drop in the near future. Furthermore, Zerodium’s CEO…
iOS Mail bug allows remote zero-click attacks
On Monday, ZecOps released a report about a couple concerning vulnerabilities with the Mail app in iOS. These vulnerabilities would allow an attacker to execute arbitrary code in the Mail app or the maild process that assists the Mail app behind the scenes. Most concerning, though, is the fact that even the most current version…
High-risk vulnerabilities found in 1/3 of iOS apps, nearly half of Android apps
Expert testing of iOS and Android mobile applications shows that in most cases, insecure data storage is the most common security flaw in mobile apps. Positive Technologies’ yearly report, Vulnerabilities and Threats in Mobile Applications 2019, found that critical vulnerabilities are slightly more common in Android applications, compared to their iOS counterparts (43% vs. 38%)….
Android’s Security Key Now Works with iOS Devices
The capability is enabled by the recently introduced 2-Step Verification (2SV) method that allows users to protect accounts with a security key built into their Android phones. Previously, the technology could be used to verify sign-ins to Google and Google Cloud services on Bluetooth-enabled devices running Chrome OS, macOS, and Windows 10, and can now…
Apple iOS 13 will better protect user privacy, but more could be done
Last week, Apple introduced several new privacy features to its latest mobile operating system, iOS 13. The Internet, predictably, expressed doubt, questioning Apple’s oversized influence, its exclusive pricing model that puts privacy out of reach for anyone who can’t drop hundreds of dollars on a mobile phone, and its continued, near-dictatorial control of the App…
Apple releases security updates, adds new privacy protection for iOS users
Apple has released new versions of its many operating systems and software products, with fixes for a wide variety of vulnerabilities. The iOS update also comes with USB Restricted Mode, a new security feature that will protect users’ iPhones and iPads from being accessed by law enforcement with software cracking tools like GrayKey. iOS USB…
Secure Element — securing contactless payments in smartphones
Modern smartphones have successfully combined the functionality of a phone, camera, music player, public transit pass, and even a wallet for many years now. Naturally, this makes you wonder about the security of the data they store. Let’s figure out how well smartphones protect users’ most valuable information and how their main security mechanism — a…
Apple puts privacy information screens in users’ line of sight
Apple has released the latest round of updates for its various products. They come with the usual security fixes, but also a new feature aimed at informing users about what information Apple-made apps collect about them and how that information is used. The security fixes Apple has plugged a bucketload of vulnerabilities in WebKit, the…
Investors concerned about smartphone addiction; Apple responds with new webpage
Hot on the heels of an open letter from investors urging Apple to do more to protect children from smartphone addiction, the tech giant has recently dedicated a page on their website to families. The “Families” page, which can be accessed at apple.com/families, contains tools parents can use to set restrictions on devices accessible to their kids, manage…
Apple Fixes Indian Character Crash Bug in iOS, macOS
Updates released by Apple on Monday for iOS, macOS, tvOS and watchOS patch a flaw that causes applications to crash when rendering specific strings of Indian characters. Someone noticed recently that displaying a string written in India’s Telugu language (జ్ఞా) caused many apps on iOS and macOS to crash. The list of impacted apps includes…