• Latest
  • Trending
How hackers have been exploiting a flaw in iPhones, iPads

How hackers have been exploiting a flaw in iPhones, iPads

9 months ago
NDLEA arrests Brazilian returnee with ‘cocaine concealed in private part’ at Lagos airport

NDLEA arrests Brazilian returnee with ‘cocaine concealed in private part’ at Lagos airport

2 hours ago
Ex-Nigerian diplomat found dead in US

Ex-Nigerian diplomat found dead in US

2 hours ago
Adeitan Atiba ruling house joins race for Alaafin’s stool, presents candidate

Adeitan Atiba ruling house joins race for Alaafin’s stool, presents candidate

3 hours ago
Insecurity:  Makinde approves recruitment of additional 500 Amotekun personnel

Insecurity: Makinde approves recruitment of additional 500 Amotekun personnel

3 hours ago
Borehole: Lagos commissioner’s statement shows government’s failure to provide safe piped water to residents

Borehole: Lagos commissioner’s statement shows government’s failure to provide safe piped water to residents

4 hours ago
How Sunday Igboho paid UK firm for Benin Republic-Germany flight ticket

I’m coming to Nigeria soon- Sunday Igboho

10 hours ago
Expert decries rise in child labour issues, seeks urgent intervention

Expert decries rise in child labour issues, seeks urgent intervention

21 hours ago
INEC: Voter registration will continue beyond June 30

INEC: Voter registration will continue beyond June 30

1 day ago
Akeredolu announces 25-member second term inauguration committee (SEE LIST)

Insecurity: Akeredolu mandates use of CCTV in worship centres, hospitals, schools, hotels others

1 day ago
Tonto Dikeh receives certificate of return as Rivers ADC deputy governorship candidate

Tonto Dikeh receives certificate of return as Rivers ADC deputy governorship candidate

1 day ago
Nottingham Forest sign Taiwo Awoniyi for club-record fee

Nottingham Forest sign Taiwo Awoniyi for club-record fee

1 day ago
Senator: Direct primary was Gbajabiamila’s idea to favour someone

‘Mr Speaker has devoted his life to service of people, Nigeria’- Folarin congratulates Gbajabiamila @60

1 day ago
Why I beat up tout who harassed me-Actor Taiwo Hassan

Why I beat up tout who harassed me-Actor Taiwo Hassan

1 day ago
Alleged organ trafficking: Ekweremadu’s ‘kidney donor’ reportedly resides in Lagos with elder brother

Alleged organ trafficking: Ekweremadu’s ‘kidney donor’ reportedly resides in Lagos with elder brother

1 day ago
‘I may be next ‘senate president’- Yobe senatorial candidate insists he won’t step down for Lawan

Lawan loses out as INEC document confirms Machina winner of Yobe North APC senatorial ticket

2 days ago
Roe v Wade: US Supreme Court overturns abortion rights

Roe v Wade: US Supreme Court overturns abortion rights

2 days ago
Nigeria needs visionary, cerebral leader in 2023- Oyo LG commission boss

Nigeria needs visionary, cerebral leader in 2023- Oyo LG commission boss

2 days ago
ICPC raids property of military contractor in Abuja, recovers N175m, $220,000

ICPC raids property of military contractor in Abuja, recovers N175m, $220,000

2 days ago
  • Contact Us
  • Advertise
Sunday, June 26, 2022
Newspeakonline
  • Home
  • Politics
  • Business
  • Entertainment
  • Technology
  • World
    • Africa
    • Americas
    • Asia
    • Europe
  • Opinion
  • Interview
  • Newspeak ExclusivesNew
No Result
View All Result
  • Home
  • Politics
  • Business
  • Entertainment
  • Technology
  • World
    • Africa
    • Americas
    • Asia
    • Europe
  • Opinion
  • Interview
  • Newspeak ExclusivesNew
No Result
View All Result
Newspeak
UBA
Home Software

How hackers have been exploiting a flaw in iPhones, iPads

Akinwande Soji-Ojo by Akinwande Soji-Ojo
September 14, 2021
in Software, Tech
Reading Time: 3 mins read
259 6
0
How hackers have been exploiting a flaw in iPhones, iPads
Share on FacebookShare on TwitterShare on WhatsAppShare on Telegram

Apple has released security updates for a zero-day vulnerability that affects every iPhone, iPad, Mac and Apple Watch.

RelatedPosts

NCC alerts Nigerians to how hackers now unlock, steal vehicles

iPhone 14 pro models rumoured to feature 48-megapixel camera, 8GB RAM

Sound Sultan’s brother reveals identity of scammer who hacked late singer’s social media accounts

Citizen Lab, which discovered the vulnerability and was credited with the find, urged users to immediately update their devices.

The technology giant said iOS 14.8 for iPhones and iPads, as well as new updates for Apple Watch and macOS, will fix at least one vulnerability that it said “may have been actively exploited.”

FeedWell

Citizen Lab said it has now discovered new artifacts of the ForcedEntry vulnerability, details it first revealed in August as part of an investigation into the use of a zero-day vulnerability that was used to silently hack into iPhones belonging to at least one Bahraini activist.

In August, Citizen Lab said the zero-day flaw — named as such since it gives companies zero days to roll out a fix — took advantage of a flaw in Apple’s iMessage, which was exploited to push the Pegasus spyware, developed by Israeli firm, NSO Group, to the activist’s phone.

Pegasus gives its government customers near-complete access to a target’s device, including their personal data, photos, messages and location.

The breach was significant because the flaws exploited the latest iPhone software at the time, both iOS 14.4 and later iOS 14.6, which Apple released in May. Also, the exploit broke through new iPhone defenses that Apple had baked into iOS 14, dubbed BlastDoor, which were supposed to prevent silent attacks by filtering potentially malicious code. Citizen Lab calls this particular exploit ForcedEntry for its ability to skirt Apple’s BlastDoor protections.

In its latest findings, Citizen Lab said it found evidence of the ForcedEntry exploit on the iPhone of a Saudi activist, running at the time the latest version of iOS. The researchers said the exploit takes advantage of a weakness in how Apple devices render images on the display.

Citizen Lab now says that the same ForcedEntry exploit works on all Apple devices running, until today, the latest software.

Citizen Lab said it reported its findings to Apple on September 7. Apple pushed out the updates for the vulnerability, known officially as CVE-2021-30860.

Citizen Lab further said it attributes the ForcedEntry exploit to NSO Group with high confidence, citing evidence it has seen that it has not previously published.

John Scott-Railton, a researcher at Citizen Lab, told TechCrunch that messaging apps, like iMessage, are increasingly a target of nation states hacking operations and this latest find underlines the challenges in securing them.

In a brief statement, Apple’s head of security engineering and architecture, Ivan Krstić confirmed the fix.

“After identifying the vulnerability used by this exploit for iMessage, Apple rapidly developed and deployed a fix in iOS 14.8 to protect our users. We’d like to commend Citizen Lab for successfully completing the very difficult work of obtaining a sample of this exploit so we could develop this fix quickly. Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data,” Krstić said.

(TechCrunch)

What's Your Reaction?

  • LolLol
    0
    Lol
  • OMGOMG
    0
    OMG
  • AngryAngry
    0
    Angry
  • LoveLove
    0
    Love
  • CuteCute
    0
    Cute
  • WinWin
    0
    Win
  • CryCry
    0
    Cry

Related

Tags: HackersipadiPhone
Previous Post

COVID-19: Edo bars unvaccinated civil servants from entering government offices

Next Post

How bandits abducted Emir on Kaduna-Abuja highway, killed police officer

RecentPosts

JUST IN: Oyo deputy governor dumps PDP for APC

JUST IN: Oyo deputy governor dumps PDP for APC

June 5, 2022
Who is Elon Musk?

Elon Musk: Twitter bid won’t proceed without clarity on spam accounts

May 18, 2022
NCC to accelerate robust digital infrastructure for improved financial services

Danbatta applauds Pantami’s appointment as WISIS Chair

May 16, 2022
NCC warns Nigerians against new malware gaining control of smartphones

NCC alerts Nigerians to how hackers now unlock, steal vehicles

May 15, 2022
Elon Musk offers to buy Twitter for $43.4bn

Elon Musk: Why I’m putting deal to buy Twitter on hold

May 13, 2022
U.S vs Iran: Americans living in Nigeria get security alert

Elon Musk: Why I’ll reverse Trump’s permanent Twitter ban

May 11, 2022
WhatsApp rolls out new updates on emoji reaction, group chat, heavy file transfer

WhatsApp rolls out new updates on emoji reaction, group chat, heavy file transfer

May 10, 2022
NCC trains jounalists  on emerging trends, topical regulatory issues in telecoms industry

NCC trains jounalists on emerging trends, topical regulatory issues in telecoms industry

May 6, 2022
Next Post
How bandits abducted Emir on Kaduna-Abuja highway, killed police officer

How bandits abducted Emir on Kaduna-Abuja highway, killed police officer

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Newspeakonline

© 2020 Newspeak & Associates
Optimized by IChannelTech.

Navigate Site

  • Breaking News
  • Business
  • Entertainment
  • Interview
  • Newpeak Magazine
  • Newspeak Exclusives
  • Politics

Follow Us

No Result
View All Result
  • Home
  • Latest News
  • Politics
  • Business
  • Entertainment
  • Technology
  • World
  • Opinion
  • Interview
  • Newspeak Exclusives

© 2020 Newspeak & Associates
Optimized by IChannelTech.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Newspeak We would like to show you notifications for the latest news and updates.
Dismiss
Allow Notifications