Tag: Apple

Anonymous User Leaks Apple iBoot Source Code

Anonymous User Leaks Apple iBoot Source Code

Last Thursday, an anonymous user had apparently uploaded the source code for Apple’s secure iOS bootloader on GitHub, prompting the phone manufacturing giant to send a DMCA takedown request to the website.   Some users said that the iBoot had already been leaked 4 months ago and was publicly available on Reddit. Experts say that the two year-old code has not been greatly modified and that large chunks of the code are likely to still be in newer versions. However, other security experts say that it was not as big of an issue since the iBoot is often reverse-engineered during […]

Apple: Child Abuse Behind Telegram’s Ban

Apple: Child Abuse Behind Telegram’s Ban

Apple recently revealed that it had previously banned messaging app Telegram from its Apps Stode because some users were apparently using it to share child abuse pictures. According to App Store manager Phil Schiller, they were able to confirm that illegal content was being shared on the platform, which is why they took down the apps, alerted the developer, and notified the proper authorities, including the NCMEC (National Center for Missing and Exploited Children). Telegram had been restored a couple of hours after the issue had been addressed. The app however, still has a reputation of harboring violent, extremist, and […]

Apple, Cisco Partner with Allianz SE to Offer Cyber Policy Discounts

Apple, Cisco Partner with Allianz SE to Offer Cyber Policy Discounts

Last Monday, Apple Inc., Cisco Systems Inc, Allianz SE, and insurance broker Aon Plc., announced that they will be teaming up to provide discounts on cyber insurance to companies who use hardware from both companies. According to Jason Hogg of Aon Cyber Solutions, the offering will help businesses streamline their cyber security which is often “siloed” due to the separation of roles of each department. Businesses that are able to fortify their cyber security using the product may be able to get more favorable coverage terms such as lower or zero deductibles, and support services in the event of an […]

Apple Restores Telegram in App Store

Apple Restores Telegram in App Store

Apple announced that it has restored popular secure messaging app Telegram in its App Store. Telegram and Telegram X had been removed yesterday when Apple found that inappropriate content was being spread on the messaging platform. Both apps however, were not removed from Play Store. CEO Pavel Durov revealed that around 500,000 users download Telegram everyday on Play Store, and 100,000 for iOS. Telegram, which is touted as a more secure than apps such as WhatsApp, use end-to-end encryption, supports self-destructing messages, and leaves no data on company servers.  Source: ZDNet

US Agencies to Probe iPhone Slowdown Debacle

US Agencies to Probe iPhone Slowdown Debacle

Bloomberg reported last Tuesday that Apple is set to be investigated by the US Department of Justice and the Securities and Exchange Commission as to whether the company had violated securities laws after admitting to slowing down older iPhones to prolong battery life. Around 50 proposed class action suits have already been filed against the phone maker by users who said that the update had significantly degraded the performance of their iPhones, making them think that their devices were already at the end of their life cycle. The consumers have also asked judges to issue orders that would prevent Apple […]

“Text Bomb” Security Flaw Causes iPhones to Crash

“Text Bomb” Security Flaw Causes iPhones to Crash

A security flaw affecting Apple Macs and iPhones was recently discovered by software developer Abraham Masri who posted it on GitHub last Tuesday. The bug, called “chaiOS” causes devices to crash or restart. The chaiOS “text bomb” can be activated simply by sending a link to the device, even without having the user click on it. The bug can also crash the Safari browser and cause slowdowns on a Mac. However, renowned security expert Graham Cluley said that chaiOS is not a major security threat, but rather more of an annoyance to Apple users. Cluley added that it was not […]

New Mac OS X Malware Hijacks DNS Settings

New Mac OS X Malware Hijacks DNS Settings

Security researcher Patrick Wardle recently spotted in the wild a variant of an old Windows DNS hijacker malware targeting Mac OS X systems. The hijacker dubbed MaMi, forcibly changes a user’s DNS entries to 82.163.143.172 and 82.163.142.174. Wardle initially came across the MaMi on Malwarebytes when a user encountered the DNS hijacking issue after installing a nuisanceware called “MyCoupon”. Evidence indicate that the malware is relatively new and unsophisticated. However, it also includes several other functionalities including screenshot capture, file upload and download,  generation of simulated mouse events, arbitrary code execution. The malware is also very persistent and installs a […]

WPA3 to Replace Decades Old WPA2 WiFi Protocol

WPA3 to Replace Decades Old WPA2 WiFi Protocol

Last Monday, the Wi-Fi Alliance announced that its next-generation wireless security protocol WPA3, is ready to replace its decades-old predecessor WPA2. The Alliance, which includes Apple, Microsoft, and Qualcomm as its members, revealed that WPA3 will use individualized data encryption. This is expected to solve a common security problem with open Wi-Fi networks by scrambling the connection between a device and the router. WPA3 will also be able to protect against brute-force dictionary attacks and will block attackers after a number of failed password attempts. It is said that the new protocol could not have come soon enough, since a […]

Apple: All Macs, iPhones, iPads Affected by Spectre and Meltdown

Apple: All Macs, iPhones, iPads Affected by Spectre and Meltdown

Apple recently confirmed that Meltdown and Spectre, the two chip-level security vulnerabilities, also affect all Macs, iPhones, and iPads. Patches for the Meltdown bug has already been released, but it may take a few days before a fix for Spectre is released. However, Apple owners were assured in a blog post that there were no known exploits that can affect customer in the meantime. As the vulnerabilities affect almost any device that use an Intel or ARM processors, Google, Microsoft, and other companies have already released their respective fixes. A security researcher also published a list of online antivirus products. […]

Researcher Publishes macOS Exploit Without Giving Prior Disclosure to Apple

Researcher Publishes macOS Exploit Without Giving Prior Disclosure to Apple

A security researcher who goes by the handle Siguza dropped a macOS vulnerability last December 31 without notifying Apple in advance. The bug is said to affect macOS versions as early as 2002, or may even be earlier. The bug is a local privilege escalation (LPE) flaw that gives root access to an attacker who already has a foothold on the computer. Siguza published his findings on the flaw which affects the IOHIDFamily macOS kernel driver on Github. Siguza said that he would have submitted the bug to Apple had it been included in the bug bounty program, or if […]