iOS – Page 17 – PossibleThreat Articles

Bluetooth vulnerability can be exploited in Key Negotiation of Bluetooth (KNOB) attacks

August 21, 2019 0 Comments Apple, Awareness, blackberry, bluetooth, Cisco, CVE-2019-9506, iOS, Key Negotiation of Bluetooth, KNOB attack, MacOS, man-in-the-middle attack, Microsoft, MITM, ret hat, watchOS, Windows

Credit to Author: Jovi Umawing| Date: Wed, 21 Aug 2019 15:56:45 +0000

Researchers called it KNOB, a clever attack against the firmware of a Bluetooth chip that can allow hackers to successfully hijack paired devices and steal their sensitive data. Are users at risk?

Categories:

Awareness

Tags: Apple blackberry bluetooth Cisco CVE-2019-9506 iOS Key Negotiation of Bluetooth KNOB attack macOS man-in-the-middle attack microsoft mitm ret hat watchos windows

Security Sophos

Apple iOS update ends in jailbroken iPhones (if that’s what you want)

August 20, 2019 0 Comments Apple, iOS, iPhone, jailbreak, sockpuppet, unc0ver, vulnerability

Credit to Author: Paul Ducklin| Date: Tue, 20 Aug 2019 15:55:20 +0000

Programmers call it “regresssion” – when fixing a new bug unfixes an old one – and it’s a jailbreakers dream!<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/MWaHZOUkY_4″ height=”1″ width=”1″ alt=””/>

MalwareBytes Security

Data and device security for domestic abuse survivors

August 13, 2019 0 Comments 2fa, Android, App Store, cloud storage, data security, device security, domestic abuse, domestic abuse survivor, domestic violence, encryption, end-to-end encryption, Google Play, Google Play Store, imessage, iOS, national domestic violence hotline, National Network to End Domestic Violence, passcode, Privacy, secure messaging, Security, signal, spyware, Stalkerware, two-factor authentication, whatsapp, wire

Credit to Author: David Ruiz| Date: Tue, 13 Aug 2019 16:33:22 +0000

Many domestic abuse survivors need help before stalkerware strikes. Here, we give basic advice on device security and protecting sensitive data.

Categories:

Privacy

Tags: 2fa Android App Store cloud storage data security device security domestic abuse domestic abuse survivor domestic violence encryption end-to-end encryption Google Play Google Play Store iMessage iOS national domestic violence hotline National Network to End Domestic Violence passcode secure messaging security signal spyware stalkerware two-factor authentication whatsapp wire

Security Sophos

Apple will hand out unlocked iPhones to vetted researchers

August 12, 2019 0 Comments Apple, Black Hat, bounties, dev-fused iPhone, ethical hackers, hackerone, iOS, iOS Security Research Device Program, iPhones, jailbroken, MacOS, Mobile, Operating Systems, security threats, vulnerability

Credit to Author: Lisa Vaas| Date: Mon, 12 Aug 2019 11:44:22 +0000

It formalizes the reality: “pre-jailbroken” iPhones were already on the black market.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/SFMBPoyjIsk” height=”1″ width=”1″ alt=””/>

ComputerWorld Independent

Apple announces a new iPhone (and you can’t have it)

August 9, 2019 0 Comments Apple, iOS, Macs, Mobile, Security

Credit to Author: Jonny Evans| Date: Fri, 09 Aug 2019 06:55:00 -0700

Apple has announced a new iPhone for 2020, but it will only be made available to a select group of security researchers – along with huge bounties to anyone informing the company of a new OS vulnerability.

Probably the world’s most exclusive iPhone

Ivan Krstić, Apple’s head of security engineering provided big insights into Apple’s platform security during his presentation at Black Hat U.S. 2019.

To read this article in full, please click here

ComputerWorld Independent

Many VPN apps on Apple’s App store can’t be trusted, researcher warns

August 8, 2019 0 Comments Apple, iOS, Mobile, Security

Credit to Author: Jonny Evans| Date: Thu, 08 Aug 2019 05:50:00 -0700

I’m told Apple is at last looking into the privacy and security of free VPN apps made available across its platforms, following a report from researcher, Simon Migliano.

Who owns your VPN service?

The researcher has flagged up several concerns that really should be recognized by anyone choosing a VPN service from both the Apple and Google App Stores:

Ownership: Migliano claims that almost 60 percent of the most popular VPN apps are actually owned (sometimes opaquely) by Chinese companies.
Privacy: The researcher also found that as many as 77% of these VPN apps may have what he calls “serious privacy flaws”,including no privacy policy at all, generic policies with no mention of VPN or no detailed logging policy.
Data protection: Migliano claims Apple is not enforcing its third-party data-sharing ban against VPN apps, with 80 percent of the top free VPN apps “in breach of the rules”, he said. Many are sharing data with third parties, he claims.

That last allegation is particularly concerning.

To read this article in full, please click here

ComputerWorld Independent

Apple suspends Siri snooping (and promises more control for the rest of us)

August 2, 2019 0 Comments Apple, iOS, Mobile, Security

Credit to Author: Jonny Evans| Date: Fri, 02 Aug 2019 04:27:00 -0700

Apple has once again proved that it listens to valid criticism with the immediate global suspension of the Siri listening program that attracted so much controversy.

When it comes to privacy, Siri listens

At issue was quality control.

A small number of conversational snippets were shared with third party human contractors for quality control purposes.

To read this article in full, please click here

Security Sophos

iMessage bug could have allowed attackers to read data from any iPhone

July 31, 2019 0 Comments Apple, Apple patch, Google, imessage, iOS, iPad, iPhone, iPods, Mobile, Natalie Silvanovich, Operating Systems, Project Zero

Credit to Author: Danny Bradbury| Date: Wed, 31 Jul 2019 13:44:07 +0000

Google’s Project Zero has unveiled details of a bug in Apple’s iMessage that lets attackers read data from an iPhone without any user interaction.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/lRgoEr1lXx4″ height=”1″ width=”1″ alt=””/>

Security Sophos

Apple’s July patchfest fixes bugs in multiple products

July 24, 2019 0 Comments Apple, Apple patch, High Sierra, iOS, MacOS, Operating Systems, OS X, security threats, Sierra, tvOS, vulnerability, watchOS

Credit to Author: Danny Bradbury| Date: Wed, 24 Jul 2019 10:33:27 +0000

Apple released fixes for various products this week, including one for a bug that has been public with proof-of-concept code for two months.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/DMw-BH1iNW0″ height=”1″ width=”1″ alt=””/>

Probably the world’s most exclusive iPhone

Who owns your VPN service?

When it comes to privacy, Siri listens

These are bad optics