Tag: ios | Page 9

Spyware firm offers services to hack iOS, Android devices for Rs 64 cr

August 27, 2022/in Computer Security

New Delhi, Aug 27: A little known spyware company, Intellexa, is now competing with Pegasus developer NSO Group, offering its services to hack into Android and iOS devices for a fee of $8 million (around Rs 64 crore).

Malware source code provider Vx-underground found documents representing a proposal from Intellexa, offering services that include Android and iOS device exploits.

“Leaked documents online show the purchase (and documentation of) an $8,000,000 iOS Remote Code Execution zero-day exploit,” it tweeted.

The offer includes 10 infections for iOS and Android devices, as well as a “magazine of 100 successful infections”.

According to Security Week, the documents, “labeled as proprietary and confidential”, revealed that the exploits should work on iOS 15.4.1 and the latest Android 12 update.

Apple released iOS 15.4.1 in March, which suggests that the offer is recent.

“Specifically, the offering is for remote, one-click browser-based exploits that allow users to inject a payload into Android or iOS mobile devices,” the report mentioned.

Intellexa is based in Europe, with six sites and R&D labs throughout the continent.

“We help law enforcement and intelligence agencies across the world to close the digital gap with multiple and diverse solutions, all integrated with our unique and best-in-class Nebula platform,” the company posted on its website.

Last year, a Citizen Lab report mentioned Intellexa, on Cytrox’s predator iPhone spyware being used to target a Greek lawmaker.

Citizen Lab said Cytrox was part of the Intellexa Alliance, described as a “a marketing label for a range of mercenary surveillance vendors that emerged in 2019”.

Apple filed a lawsuit last year against NSO Group to ban the company from using its services and devices.

As state-sponsored cyber attacks with government spyware like Pegasus grow, Apple is offering Lockdown Mode this fall with iOS 16, iPadOS 16, and macOS Ventura.

This mode offers specialised additional protection to high-profile users who may be at risk of highly targeted attacks from private companies developing state-sponsored mercenary spyware.

In India, the Pegasus panel said this week that the presence of controversial Israeli spyware Pegasus was not…

Source…

Apple Just Patched 37 iPhone Security Bugs—Update iOS ASAP

July 31, 2022/in Mobile Security

July has been a month of important updates, including patches for already-exploited vulnerabilities in Microsoft and Google products. This month also saw the first Apple iOS update in eight weeks, fixing dozens of security flaws in iPhones and iPads.

Security vulnerabilities continue to hit enterprise products, too, with July patches issued for SAP, Cisco, and Oracle software. Here’s what you need to know about the vulnerabilities fixed in July.

Apple iOS 15.6

Apple has released iOS and iPadOS 15.6 to fix 37 security flaws, including an issue in Apple File System (APFS) tracked as CVE-2022-32832. If exploited, the vulnerability could allow an app to execute code with kernel privileges, according to Apple’s support page, giving it deep access to your device.

Other iOS 15.6 patches fix vulnerabilities in the kernel and WebKit browser engine, as well as flaws in IOMobileFrameBuffer, Audio, iCloud Photo Library, ImageIO, Apple Neural Engine, and GPU Drivers.

Apple isn’t aware of any of the patched flaws being used in attacks, but some of the vulnerabilities are pretty serious—especially those affecting the kernel at the heart of the operating system. It’s also possible for vulnerabilities to be chained together in attacks, so make sure you update as soon as possible.

The iOS 15.6 patches were released alongside watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, macOS Big Sur 11.6.8, and macOS Catalina 10.15.7 2022-005.

Google Chrome

Google released an emergency patch for its Chrome browser in July, fixing four issues, including a zero-day flaw that has already been exploited. Tracked as CVE-2022-2294 and reported by Avast Threat Intelligence researchers, the memory corruption vulnerability in WebRTC was abused to achieve shellcode execution in Chrome’s renderer process.

The flaw was used in targeted attacks against Avast users in the Middle East, including journalists in Lebanon, to deliver spyware called DevilsTongue.

Based on the malware and tactics used to carry out the attack, Avast attributes the use of the Chrome zero-day to Candiru, an Israel-based company that sells spyware to governments.

Microsoft’s Patch Tuesday

Microsoft’s July Patch Tuesday is a big one, fixing 84…

Source…

Whatsapp To End Support For These Ios Users. Check Your Compatibility

May 22, 2022/in Mobile Security

WhatsApp is planning to drop support for iOS 10, iOS 11, iPhone 5, and iPhone 5C over the coming months. This is not a panic situation but it is natural. Companies keep themselves updating in order to implement new changes and overall for enhancing the security and safety of the users privacy with the changing world and its threats. Similarly, the Meta-owned instant messaging app has announced to withdraw support for the older versions of iOS operating inside erstwhile iPhones.

After this update many of the WhatsApp in-app features may not be available to the iPhone users across the world, only those who are still using the dated iOS versions. These features could be reactions or payments but we do not know exactly which all features will get affected by this change. WhatsApp also does it to Android ecosystem as well to keep them updating.

According to the WhatsApp tracker, WABetaInfo, WhatsApp will stop supporting the above mentioned iPhones starting October 24, 2022, which is like five months ahead. Devices operating on iOS 10 and iOS 11 will not be able to function properly with all the features after that. The least supporting base will be iOS 12 and above to fully enjoy the features of WhatsApp.

Apple iPhone 5 and iPhone 5C are not compatible with iOS 12 and hence these users would not be able to use WhatsApp as the new changes will start rolling out. WhatsApp simply means to upgrade the security of the chat and other in-app features.

Subscribe to Mint Newsletters

* Enter a valid email

* Thank you for subscribing to our newsletter.

Source…