Researchers uncovered a vulnerability in Apple Silicon processors, dubbed GoFetch. It allows attackers to extract secret keys from Mac computers while performing widespread cryptographic operations. Notably, it is practically impossible to patch the flaw as it stems from the microarchitecture of the processor. Apple Silicon Vulnerability Allows Hackers to Extract Encryption Keys Researchers have discovered… Continue reading GoFetch Vulnerability in Apple Silicon Uncovered
Tag: Apple
New iOS Vulnerability Allows “Triangulation” Attack
New iOS vulnerability allows executing a zero-click malware delivery through the built-in iMessage messenger. The breach was discovered by Kaspersky analytics team, and appears to touch almost every user of Apple smartphones. Experts dubbed the malware “Triangulation”. iOS Exploit Allows Zero-Click Infection Probably, the worst case scenario for any target of cyberattack is the infection… Continue reading New iOS Vulnerability Allows “Triangulation” Attack
Cryptocurrency Scam “Pig Butchering” Penetrated the Apple App Store and Google Play Store
The Pig Butchering scam, a scam operation that specializes in fake investments in allegedly promising cryptocurrency projects, stocks, bonds, futures and options, was found in the Apple and Google app stores. Such attacks are called “pig slaughter”, and scammers use social engineering against their victims (“pigs”), finding contact with them on social networks and dating… Continue reading Cryptocurrency Scam “Pig Butchering” Penetrated the Apple App Store and Google Play Store
Apple ID Scams: Identify and Prevent Apple Phishing Email
Apple users are believed to be protected from all sorts of fraud and hacking. That’s because Apple designs its technologies with all required privacy and security requirements. But alas, fraudsters have come up with methods of penetration into users’ personal space and know how to make them give their data. This article will tell you… Continue reading Apple ID Scams: Identify and Prevent Apple Phishing Email
iOS VPN Bug Prevents Encryption of Traffic for Years, Researchers Say
A few years ago, engineers at Proton Technologies, the company behind ProtonMail and ProtonVPN, talked about a bug in iOS 13.3.1 that prevents VPN apps from encryption of all traffic. As information security experts now report, the problem has not yet been fixed. Let me remind you that we also wrote that Vulnerability in WebKit… Continue reading iOS VPN Bug Prevents Encryption of Traffic for Years, Researchers Say
Microsoft Releases PoC Exploit to Escape MacOS Sandbox
Microsoft has detailed a recently patched vulnerability affecting Apple operating systems and published a PoC exploit to escape the macOS sandbox. If successfully exploited, this bug allows to leavei the sandbox, elevate privileges on the device and deploy malware. Let me remind you that they also wrote that Vulnerability in macOS Leads to Data Leakage,… Continue reading Microsoft Releases PoC Exploit to Escape MacOS Sandbox
Privacy Access Tokens to Replace CAPTCHA Real Soon
CAPTCHA, a well-known test for website visitors to prove they are humans, not robots, rapidly grows obsolete. There are ways to break or bypass CAPTCHA, and there are obvious inconveniences these tests bring to clients when deployed on websites. Luckily, the progress won’t cease, and the replacement is coming. We’re talking about Privacy Pass –… Continue reading Privacy Access Tokens to Replace CAPTCHA Real Soon
Apple paid $100,000 for macOS camera and microphone hack
Information security researcher Ryan Pickren told how he received a large reward from Apple for hacking the camera and microphone in macOS. He also discovered vulnerabilities in Safari and macOS that could be used to hack into a user’s online accounts. Back in 2020, Ryan Pickren received a $75,000 bug bounty from Apple because he… Continue reading Apple paid $100,000 for macOS camera and microphone hack
Vulnerability in macOS Leads to Data Leakage
Microsoft said that attackers could use a macOS vulnerability to bypass Transparency, Consent, and Control (TCC) technology and gain access to protected user data. Back in the summer of 2021, a research group informed Apple developers about a vulnerability dubbed powerdir (CVE-2021-30970). The bug is related to the TCC technology, which is designed to block… Continue reading Vulnerability in macOS Leads to Data Leakage
Spy method NoReboot allows simulating iPhone shutdown and prying through the camera
The NoReboot spy method allows intercepting the iPhone restart and shutdown process and prevent them from ever happening. ZecOps has developed a new method to simulate restarting or shutting down the iPhone and thereby prevent the removal of malware from it, with which hackers can secretly track the victim through the microphone and phone camera.… Continue reading Spy method NoReboot allows simulating iPhone shutdown and prying through the camera