Cyber security news for all

More

    Attackers use iPhone vulnerabilities in older versions of iOS

    Manipulated websites apparently continue to attempt to inject monitoring tools on iPhones. Attackers use iPhone vulnerabilities in Apple’s browser engine, which make certain iOS versions vulnerable.

    When visiting the site, malware with root rights is introduced, which transfers a lot of user data from photos to communication via messenger. The attacker’s server and thus enables comprehensive monitoring. The attacks would be carried out for websites targeting the community. Apple emphasized at the time in a reaction that the iPhone vulnerabilities had long been closed.

    The system can be taken over by several gaps in Apple’s browser when a user accesses a suitably prepared website. The only requirement is that the user already trusts a legitimate website and uses it to access allowed. iPhone vulnerabilities can be exploited in all iOS versions, so they affect all iPhones. A few holes in Apple’s browser engine WebKit, which combines this attack scenario. Apple has now closed the vulnerabilities via updates.

    Since Apple forces all iOS browsers to use WebKit, iPhones could also be successfully compromised if users use third-party browsers such as Chrome. However, according to Apple, iOS 12 is still running on just under a quarter of the active iPhones. How many of them were not updated to the latest version of iOS 12 remains unclear. Last year Apple started to provide the older iOS version with security updates, but does not provide any details about the fixed iPhone vulnerabilities.

    Apple Has Already Closed The Vulnerabilities With Updates

    In 2020, several gaps in iOS were fixed. An update for iOS 12 released on the same day should also close the gaps in this version, although Apple does not publish any CVE numbers for this.

    Recent Articles

    Russian Cybercriminal Behind “Cardplanet” Site Sentenced

    According to the United States Department of Justice, a Russian cybercriminal, Aleksey Burkov, 30—who operated Cardplanet site: a site that trafficked stolen card details—has...

    Hackers Used Malicious Docker Images to Mine Monero

    Researchers found malicious images on Docker Hub used for crypto mining. Palo Alto Networks' Unit  42, unraveled a crypto mining scheme which uses malicious Docker...

    NSA outlines requirements for secure collaboration services for US government telework

    The new National Security Agency (NSA) guidelines are a window of security for users. Everyone has been trying to return to their lives since...

    Cybercriminals threaten to sell off “scandalous” files swiped from Mariah Carey, Nicki Minaj, Puff Daddy’s legal eagles

    There's no escaping these cybercriminals. In a recent case of "cyber-extortion," threat actors known as REvil, are threatening to expose celebrity "dirt." These threat actors...

    Twitter apologises for exposed customers data

    In what is described as a "data security incident," sensitive details of Twitter's customers were exposed. Unlike other cases of a breach which are...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox