ex-NSA Hacker Discloses macOS High Sierra Zero-Day Vulnerability

By: Mohit Kumar

Your Mac computer running Apple’s latest High Sierra operating system can be hacked by tweaking just two lines of code, a researcher demonstrated at the Def Con security conference on Sunday.

Patrick Wardle, an ex-NSA hacker and now Chief Research Officer of Digita Security, uncovered a critical zero-day vulnerability in the macOS operating system that could allow a malicious application installed in the targeted system to virtually “click” objects without any user interaction or consent.

To show how far this can go, Wardle explains: “Via a single click, countless security mechanisms may be completely bypassed. Run untrusted app? Click…allowed. Authorize keychain access? Click…allowed. Load 3rd-party kernel extension? Click…allowed. Authorize outgoing network connection? click …allowed.”

Wardle described his research into “synthetic” interactions with a user interface (UI) as “The Mouse is Mightier than the Sword,” showcasing an attack that’s capable of ‘synthetic clicks’—programmatic and invisible mouse clicks that are generated by a software program rather than a human.

macOS itself offers synthetic clicks as an accessibility feature, so that people with disabilities can interact with the system interface in non-traditional ways, but Apple has put limitations in place to block malware from abusing these programmatic clicks.

More: https://thehackernews.com/2018/08/macos-mouse-click-hack.html

Hackers Used Malicious MDM Solution to Spy On ‘Highly Targeted’ iPhone Users

By: Swati Khandelwal


Security researchers have uncovered a “highly targeted” mobile malware campaign that has been operating since August 2015 and found spying on 13 selected iPhones in India.

The attackers, who are also believed to be operating from India, were found abusing the mobile device management (MDM) protocol—a type of security software used by large enterprises to control and enforce policies on devices used by their employees—to control the targeted phones and deploy malicious applications remotely.

Enrolling an iOS device in MDM requires the user to manually install an enterprise development certificate, which enterprises obtain through the Apple Developer Enterprise Program.

Companies can deliver the MDM configuration file through email or a web page for the over-the-air enrollment service, using Apple Configurator.

Once a user installs it, the service allows the company’s administrators to remotely control the device: install or remove apps, install or revoke certificates, lock the device, change password requirements, and so on.

“MDM uses the Apple Push Notification Service (APNS) to deliver a wake-up message to a managed device. The device then connects to a predetermined web service to retrieve commands and return results,” Apple explains about MDM.

Since each step of the enrollment process requires user interaction, such as installing a certificate authority on the iPhone, it is not yet clear how attackers managed to enroll 13 targeted iPhones into their MDM service.

However, researchers at Cisco’s Talos threat intelligence unit, who discovered the campaign, believe that the attackers likely used either a social engineering mechanism, like a fake tech support-style call, or physical access to the targeted devices.

More: https://thehackernews.com/2018/07/mobile-device-management-hacking.html?m=1

Former Apple employee charged with stealing company trade secrets

By: Rick Hurd

SAN JOSE — A former Apple employee has been charged in federal court with stealing trade secrets from the company, authorities said.

The charges against Xiaolang Zhang were filed Monday in the U.S. District Court of Northern California and allege that Zhang, a hardware engineer for Apple, planned to take some of the company’s secrets with him when he took a job with another company.

Federal agents arrested Zhang on Saturday, as he tried to go through security at Mineta San Jose International Airport, authorities said. He had purchased a last-second round-trip ticket to Beijing, China, with a final destination of Hangzhou, China aboard Hainan Airlines, authorities said.

“Apple takes confidentiality and the protection of our intellectual property very seriously,” Apple spokesman Tom Neumayr said in an email. “We’re working with authorities on this matter and will do everything possible to make sure this individual and other individuals involved are held accountable for their actions.”

Zhang, who now claims to be working for XMotors in Mountain View, came to Apple in December 2015 to work as a hardware engineer on a team trying to develop autonomous cars, authorities said. Apple has kept that research and development a closely guarded secret, and authorities said Zhang was granted broad access to confidential internal databases.

According to the criminal complaint, Zhang went on paternity leave in April this year after the birth of his child and informed Apple upon his return that he’d be leaving the company to return to China because his mother was ill. He also told his supervisor that he’d be going to work for XMotors, a Chinese startup company focused on electric automobiles and driverless vehicle technology.

When Zhang turned in his two company-issued iPhones and his laptop, Apple’s tech security team reviewed the history on his devices and found that his download activity increased dramatically and included information from confidential files, authorities said. Zhang generated 581 rows of user activity on April 28 alone; in the previous month, authorities said, he generated 610 rows.

Authorities said Zhang also admitted that he “air-dropped” information from his devices onto his wife’s personal laptop.

More: https://www-mercurynews-com.

Apple pushes back on hacker’s iPhone passcode bypass report

By: Zack Whittaker


The researcher later found that passcodes he tested weren’t always counted.

Apple has pushed back on a security researcher’s demonstration that purportedly bypassed the passcode on up-to-date iPhones and iPads.

Matthew Hickey, a security researcher and co-founder of cybersecurity firm Hacker House, tweeted Friday about a potential way to bypass security limits, allowing him to enter as many passcodes as he wants — even on the latest version of iOS 11.3.

Beyond ten wrong passcodes, the device can be set to erase its contents.

Hickey said he found a way around that. He explained that when an iPhone or iPad is plugged in and a would-be hacker sends keyboard inputs, it triggers an interrupt request, which takes priority over anything else on the device.

“Instead of sending passcode one at a time and waiting, send them all in one go,” he said.

“If you send your brute-force attack in one long string of inputs, it’ll process all of them, and bypass the erase data feature,” he explained.

After several requests for comment, Apple spokesperson Michele Wyman said Saturday: “The recent report about a passcode bypass on iPhone was in error, and a result of incorrect testing.”

Apple did not say why it disputed Hickey’s findings, which he reported to the company Friday, before tweeting.

We reported Friday on Hickey’s findings, in which he claimed to be able to send every possible passcode for a user’s device in one go, by enumerating each code from 0000 to 9999 and concatenating the results into one string with no spaces. He explained that because this gives the software no breaks, the keyboard input routine takes priority over the device’s data-erasing feature.

But Hickey tweeted later, saying that not all tested passcodes are sent to the device’s secure enclave, which protects the device from brute-force attacks.

Company launches its own smartphone for storing cryptocurrency

By: Reuters


SÃO PAULO (Reuters) – Security company Sikur unveiled on Monday a mobile phone dedicated to storing cryptocurrencies, amid growing demand from investors for protection against cybercrime in the volatile virtual currency market, worth about 450 billion dollars.

The product, the Sikurphone, was launched during a telecommunications fair in Barcelona at a price of 799 dollars during the pre-sale phase, the company said in a statement.

Sikur develops encryption systems that can be installed on Apple’s iOS or Google’s Android devices, as well as on tablets and PCs.

Three years ago, the company had already launched an encrypted phone, the Granitephone, which handles video, voice, messaging, chat and document sharing, using the Android operating system.

More: https://br.reuters.com/article/internetNews/idBRKCN1GA2YZ-OBRIN

Welcome, ‘hackers’! A critical part of the iOS source code is leaked online

By: sikur


By G.C.

February 8, 2018

It had been circulating on the net for some time (the first report came from a Reddit user 4 months ago), but it was not until this Thursday that we learned all the technical details of the problem. As of today we know that a fundamental part of the iOS source code has leaked online, and hundreds of experts are already warning of the enormous risk this poses for Apple’s customers.

According to the US cybersecurity outlet Motherboard, one of the first to uncover the story, this is “the biggest leak in history” of Apple’s system and a wide-open door for hackers who want to find vulnerabilities in the system and launch attacks. The code is one of the most closely protected assets of the Cupertino company, and it is now open for anyone to study freely.

How did all this reach the net? According to Motherboard, the code was reportedly published by an anonymous user via the developer platform GitHub and corresponds specifically to a component known as ‘iBoot’, which is responsible for nothing less than the security of the operating system’s boot process. In other words, it is the program that loads iOS, the first process that runs when you turn on your iPhone. It starts up, verifies that the kernel is properly signed by Apple and then runs it; it is like the iPhone’s BIOS.

Apple says all iOS devices, Macs affected by processor flaws

By: sikur



The major chip security flaws detailed Wednesday impact all Macs and iOS devices. But Apple said downloading its latest software updates fixes one of the vulnerabilities.

Apple on Thursday said all of its computers, iPhones and iPads are affected by the two newly discovered flaws, dubbed Meltdown and Spectre. It said at that time that the Apple Watch isn’t impacted by Meltdown, and on Friday added that the smartwatch isn’t affected by Spectre, either. Apple TVs, meanwhile, are affected.

The company didn’t immediately give additional information about which Apple TV models are impacted.

Apple said, though, that “there are no known exploits impacting customers at this time” and that for a hacker to exploit the flaws, there would also have to be a malicious app loaded on a Mac or iOS device. Apple recommended only downloading software from trusted locations like its App Store to avoid software with malware.

Apple said iOS 11.2, MacOS 10.13.2 and TVOS 11.2 already defend against the Meltdown flaw. It plans to release fixes for its Safari browser over the coming days to help defend against the Spectre flaw.

“We continue to develop and test further mitigations for these issues and will release them in upcoming updates of iOS, MacOS, tvOS and watchOS,” Apple said on a support page.




An alarming number of Macs remain vulnerable to stealthy firmware hacks

By: sikur

Author Jonathan Cannon
29 September, 2017

But part of the firmware security gap could be the fault of BOFHs rather than Apple. That is a scary thought, considering that attacks at the firmware level are especially nasty: not only are they hard to detect, they run at a deep level and can persist even after wiping the storage device and clean-installing the OS.

Mac systems have used EFI since 2006 but an analysis by Duo Labs, the research arm of Duo Security, of more than 73,000 Mac systems finds that in many cases the EFI is not receiving security updates, leaving users vulnerable to attacks. Malicious code that is able to hide in firmware is hard to detect, compared to malware that might exist in the OS.

The researchers said the security support provided for EFI firmware depends on the hardware model of Mac. “Some Macs have received regular EFI updates, some have only been updated after particular vulnerabilities have been discovered, others have never seen an update to their EFI”.

The EFI (extensible firmware interface) firmware of a computer is responsible for booting and controlling the functions of hardware devices and systems, taking the machine from power-on to booting the operating system. Apple has been fairly good about including EFI updates with its macOS security and software updates, though the new evidence suggests this is not always enough. The result can be systems that are secure in software but vulnerable in firmware.
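The gap the researchers describe, a Mac whose OS is patched but whose EFI firmware is behind, is something an administrator can check for across a fleet. The following Python script is an added example, not code from Duo Labs or from the article: it parses the output of macOS’s `system_profiler SPHardwareDataType` command and compares the reported Boot ROM version against an expected version for that model identifier. The sample output and the expected-version table (`EXPECTED_BOOT_ROM`) are constructed placeholders; a real check would be populated with Apple’s published firmware versions for each model.

```python
"""Check whether a Mac's reported Boot ROM (EFI firmware) version matches the
version an administrator expects for that model, by parsing `system_profiler` output."""
import re
import subprocess

# Constructed sample in the shape `system_profiler SPHardwareDataType` prints.
# Not a real capture; the version strings are illustrative only.
SAMPLE_OUTPUT = """Hardware:

    Hardware Overview:

      Model Name: MacBook Pro
      Model Identifier: MacBookPro11,1
      Processor Name: Intel Core i5
      Boot ROM Version: MBP111.0138.B25
      SMC Version (system): 2.16f68
"""

# Hypothetical baseline: the Boot ROM version an admin expects per model identifier
# after the latest update. Placeholder values, not Apple's release data.
EXPECTED_BOOT_ROM = {
    "MacBookPro11,1": "MBP111.0142.B00",
}


def parse_hardware_overview(text):
    """Return the 'Key: Value' fields of the Hardware Overview block as a dict."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"^\s*([^:]+?):\s+(\S.*?)\s*$", line)
        if m:
            fields[m.group(1)] = m.group(2)
    return fields


def parse_boot_rom(version):
    """Split a Boot ROM string such as 'MBP111.0138.B25' into
    (family, build number as int, suffix). Returns None if the shape is unexpected."""
    m = re.match(r"^([A-Z0-9]+)\.(\d+)\.([A-Z0-9]+)$", version)
    if not m:
        return None
    return (m.group(1), int(m.group(2)), m.group(3))


def check_firmware(text, expected=EXPECTED_BOOT_ROM):
    """Classify the Boot ROM version found in `text` as 'current', 'outdated',
    'newer than baseline', 'unparseable' or 'unknown model'."""
    fields = parse_hardware_overview(text)
    model = fields.get("Model Identifier", "")
    reported = fields.get("Boot ROM Version", "")
    result = {"model": model, "reported": reported, "expected": expected.get(model)}
    if model not in expected:
        result["status"] = "unknown model"
        return result
    have, want = parse_boot_rom(reported), parse_boot_rom(expected[model])
    # A different family prefix means the baseline does not apply to this firmware.
    if have is None or want is None or have[0] != want[0]:
        result["status"] = "unparseable"
        return result
    # Compare (build number, suffix) tuples; the build number dominates.
    if have[1:] < want[1:]:
        result["status"] = "outdated"
    elif have[1:] > want[1:]:
        result["status"] = "newer than baseline"
    else:
        result["status"] = "current"
    return result


def check_live_mac():
    """Run system_profiler on the local machine (macOS only) and check its firmware."""
    out = subprocess.run(["system_profiler", "SPHardwareDataType"],
                         capture_output=True, text=True, check=True).stdout
    return check_firmware(out)


if __name__ == "__main__":
    # Runs offline against the constructed sample; use check_live_mac() on a real Mac.
    print(check_firmware(SAMPLE_OUTPUT))
```

Run against a fleet by collecting the `system_profiler` text from each machine and feeding it to `check_firmware`; any result other than `current` is a machine whose firmware deserves a closer look, which is exactly the population the Duo Labs analysis found to be larger than expected.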

MORE: http://appsforpcdaily.com/2017/09/many-macs-vulnerable-to-firmware-attacks-despite-os-and/

