• Latest
  • Trending
How hackers have been exploiting a flaw in iPhones, iPads

How hackers have been exploiting a flaw in iPhones, iPads

1 year ago
EFCC arraigns Kogi governor’s wife, nephew over alleged N3bn fraud

EFCC arraigns Kogi governor’s wife, nephew over alleged N3bn fraud

5 hours ago
Oke Ogun Group calls for calm over fuel, naira scarcity

Oke Ogun Group calls for calm over fuel, naira scarcity

6 hours ago
Atiku denies hiring foreign lobbying firm to unseat Buhari, slams APC

How Atiku will become president- Dele Momodu

9 hours ago
NFIU: No going back on cash withdrawal limit

IMF to CBN: Extend deadline for naira swap policy

9 hours ago
Tinubu hails governors over Supeme Court ruling on naira swap policy

Tinubu hails governors over Supeme Court ruling on naira swap policy

9 hours ago
PERFORMANCE TRACK: Hon Akin Alabi provides quality seedlings to 100 farmers

PERFORMANCE TRACK: Hon Akin Alabi provides quality seedlings to 100 farmers

12 hours ago
NFIU: No going back on cash withdrawal limit

JUST IN: Supreme Court stops FG from enforcing old naira notes deadline

13 hours ago
INEC directs Ondo, Edo offices to reopen over governorship elections

Naira scarcity may disrupt general elections, INEC warns CBN, NSA

16 hours ago
Wike: Why I won’t campaign for Atiku in 2023

Wike backtracks, approves stadium for Atiku’s rally

16 hours ago
APC chieftain: Forces outside our party want to install Emefiele, Lawan as Buhari’s successor

APC chieftain: Forces outside our party want to install Emefiele, Lawan as Buhari’s successor

1 day ago
NCC vice chairman: Telecoms policies increasing digital access, media, knowledge production

Stakeholders hail NCC as AfricaNXT 2023 commences

1 day ago
Protesters attack banks in Ogun amid lingering cash scarcity

Protesters attack banks in Ogun amid lingering cash scarcity

1 day ago
Why Tinubu is not granting live interviews- Keyamo

‘Avoid act capable of causing civil unrest’-Tinubu appeals for calm over fuel, naira scarcity

1 day ago
Fuel/naira scarcity: Protesters block Benin-Ore highway, defy Ondo CP’s warning

Fuel/naira scarcity: Protesters block Benin-Ore highway, defy Ondo CP’s warning

1 day ago
We’re first state to introduce health insurance for retirees- OYSHIA boss

We’re first state to introduce health insurance for retirees- OYSHIA boss

1 day ago
UPDATED: Faces @Newspeak 10th anniversary award ceremony

UPDATED: Faces @Newspeak 10th anniversary award ceremony

1 day ago
For a ‘Bloodless Revolution’ in NIGERIA, By Femi Idowu

For a ‘Bloodless Revolution’ in NIGERIA, By Femi Idowu

2 days ago
PDP Senator: Why I’ll keep supporting Tinubu

PDP Senator: Why I’ll keep supporting Tinubu

2 days ago
  • Contact Us
  • Advertise
Thursday, February 9, 2023
Newspeakonline
  • Home
  • Politics
  • Business
  • Entertainment
  • Technology
  • World
    • Africa
    • Americas
    • Asia
    • Europe
  • Opinion
  • Interview
  • Newspeak ExclusivesNew
No Result
View All Result
  • Home
  • Politics
  • Business
  • Entertainment
  • Technology
  • World
    • Africa
    • Americas
    • Asia
    • Europe
  • Opinion
  • Interview
  • Newspeak ExclusivesNew
No Result
View All Result
Newspeak
UBA
Home Software

How hackers have been exploiting a flaw in iPhones, iPads

Akinwande Soji-Ojo by Akinwande Soji-Ojo
September 14, 2021
in Software, Tech
Reading Time: 3 mins read
260 5
0
How hackers have been exploiting a flaw in iPhones, iPads
Share on FacebookShare on TwitterShare on WhatsAppShare on Telegram

Apple has released security updates for a zero-day vulnerability that affects every iPhone, iPad, Mac and Apple Watch.

RelatedPosts

Hackers using invisible trending TikTok challenge to steal information – NCC

Premium Times regains Twitter account after hack

Premium Times Twitter account hacked

Citizen Lab, which discovered the vulnerability and was credited with the find, urged users to immediately update their devices.

The technology giant said iOS 14.8 for iPhones and iPads, as well as new updates for Apple Watch and macOS, will fix at least one vulnerability that it said “may have been actively exploited.”

Citizen Lab said it has now discovered new artifacts of the ForcedEntry vulnerability, details it first revealed in August as part of an investigation into the use of a zero-day vulnerability that was used to silently hack into iPhones belonging to at least one Bahraini activist.

In August, Citizen Lab said the zero-day flaw — named as such since it gives companies zero days to roll out a fix — took advantage of a flaw in Apple’s iMessage, which was exploited to push the Pegasus spyware, developed by Israeli firm, NSO Group, to the activist’s phone.

Pegasus gives its government customers near-complete access to a target’s device, including their personal data, photos, messages and location.

The breach was significant because the flaws exploited the latest iPhone software at the time, both iOS 14.4 and later iOS 14.6, which Apple released in May. Also, the exploit broke through new iPhone defenses that Apple had baked into iOS 14, dubbed BlastDoor, which were supposed to prevent silent attacks by filtering potentially malicious code. Citizen Lab calls this particular exploit ForcedEntry for its ability to skirt Apple’s BlastDoor protections.

In its latest findings, Citizen Lab said it found evidence of the ForcedEntry exploit on the iPhone of a Saudi activist, running at the time the latest version of iOS. The researchers said the exploit takes advantage of a weakness in how Apple devices render images on the display.

Citizen Lab now says that the same ForcedEntry exploit works on all Apple devices running, until today, the latest software.

Citizen Lab said it reported its findings to Apple on September 7. Apple pushed out the updates for the vulnerability, known officially as CVE-2021-30860.

Citizen Lab further said it attributes the ForcedEntry exploit to NSO Group with high confidence, citing evidence it has seen that it has not previously published.

John Scott-Railton, a researcher at Citizen Lab, told TechCrunch that messaging apps, like iMessage, are increasingly a target of nation states hacking operations and this latest find underlines the challenges in securing them.

In a brief statement, Apple’s head of security engineering and architecture, Ivan Krstić confirmed the fix.

“After identifying the vulnerability used by this exploit for iMessage, Apple rapidly developed and deployed a fix in iOS 14.8 to protect our users. We’d like to commend Citizen Lab for successfully completing the very difficult work of obtaining a sample of this exploit so we could develop this fix quickly. Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data,” Krstić said.

(TechCrunch)

Related

What’s your Reaction?
Like
Like
0
Dislike
Dislike
0
Laugh
Laugh
0
Angry
Angry
0
Sad
Sad
0
Accurate
Accurate
0
0 Shares
Facebook Twitter WhatsApp Linkedin Messenger
×

Share this post!

Facebook Twitter WhatsApp Linkedin Messenger Telegram Tumblr
Tags: HackersipadiPhone

Recent Posts

Telegram auctions usernames for Nigerian govt, agencies, businesses, celebrities

Telegram auctions usernames for Nigerian govt, agencies, businesses, celebrities

January 16, 2023 - Updated on January 19, 2023
France fines Microsoft €60m over advertising cookies

France fines Microsoft €60m over advertising cookies

December 22, 2022
Why Elon Musk may step down as Twitter CEO

Elon Musk to quit as Twitter CEO when he finds someone ‘foolish enough to take the job’

December 21, 2022
Why Elon Musk may step down as Twitter CEO

Why Elon Musk may step down as Twitter CEO

December 19, 2022
Elon Musk terminates $44bn Twitter takeover deal, board kicks

EU threatens sanctions after Twitter suspends journalists’ accounts over clash with Elon Musk

December 16, 2022
PDP, APC exchange words over Twitter’s decision to site African HQ in Ghana

JUST IN: Twitter down as users experience trouble loading page

December 11, 2022
NCC: 3.5GHz Spectrum auction will take place as planned

NCC-CSIRT warns Nigerians on latest phishing attacks

December 3, 2022
Elon Musk announces date  for Twitter Verified launch

Elon Musk announces date for Twitter Verified launch

November 25, 2022
Next Post
How bandits abducted Emir on Kaduna-Abuja highway, killed police officer

How bandits abducted Emir on Kaduna-Abuja highway, killed police officer

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Newspeakonline

© 2020 Newspeak & Associates
Optimized by IChannelTech.

Navigate Site

  • Breaking News
  • Business
  • Entertainment
  • Interview
  • Newpeak Magazine
  • Newspeak Exclusives
  • Politics

Follow Us

No Result
View All Result
  • Home
  • Latest News
  • Politics
  • Business
  • Entertainment
  • Technology
  • World
  • Opinion
  • Interview
  • Newspeak Exclusives

© 2020 Newspeak & Associates
Optimized by IChannelTech.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Newspeak We would like to show you notifications for the latest news and updates.
Dismiss
Allow Notifications