Tag: Lockdown | SpinSafe

What can we learn from Apple’s new Lockdown Mode?

September 10, 2022/in Mobile Security

APPLE has recently announced a new feature, Lockdown Mode, which secures iOS users who might be personally targeted by sophisticated cyber threats.

Lockdown Mode dramatically reduces mobile devices’ attack surface to prevent cyber threats from reaching the user.

This initiative validates what has been known for a long time, mobile devices are inherently exposed to cyber threats.

The importance of mobile security

The development and release of Apple’s new Lockdown Mode feature stresses the importance of mobile security.

Moreover, Apple is not alone; Samsung is also working to enhance the safety of its Galaxy gadgets and recently announced a cooperation with Google and Microsoft to bolster mobile security.

This comes as no surprise to those who manage mobile devices on a daily base.

Using mobile devices for personal and work purposes can expose users to social engineering methods. This has not gone unnoticed by cybercriminals.

Over the past year, researchers at Check Point have observed threat actors’ increased focus on mobile devices.

They leverage social networks and messaging apps to carry out single or even zero-click attacks.

In addition, the vast array and automation of attack tools have enabled attackers to launch large-scale campaigns that are more complex with relative ease.

Apple’s Lockdown mode also addresses files as the main threat vector.

Malicious files have been used in a variety of attacks, including state-level attacks, but they are one of the most overlooked vectors in mobile security.

Malicious PDF, GIF images, and Excel sheets can facilitate cyberattacks, yet most mobile security solutions do not regard them as a major risk.

What is Lockdown Mode and how does it work?

Apple’s Lockdown mode is expected to be available in the fall on iOS 16, iPadOS 16 and macOS Ventura.

Its target is to dramatically reduce mobile devices’ available attack surface by blocking or disabling files and access.

While in lockdown mode:

Most message attachments are blocked – Apple recognised files as an emerging attack vector on mobile devices. In lockdown mode, the download of most message attachment types (other than images) is completely blocked. Other features, like…

Source…

Does Lockdown mode equal security?

July 18, 2022/in Internet Security

(MENAFN– Golin Mena) Recently Apple announced its new ‘Lockdown Mode’. It’s aimed at protecting users who may be at risk of highly targeted cyberattacks from private companies developing state-sponsored mercenary spyware.
The most significant recent case of such an attack was highlighted by Guardian research from 2021. The report suggests that over 30,000 human rights activists, journalists and lawyers across the world may have been targeted using a hacking software known as Pegasus, created by the NSO Group.
Here, Victor Chebyshev, Lead Security Researcher at Kaspersky, considers if Apple’s new secure mode will be an effective defense against programs such as Pegasus? And he discusses what else can people do to mitigate the risks of being infected by target attacks.
Is Lockdown Mode safe?
Lockdown Mode is made up of an extremely useful set of functions, and it is relevant to all internet users, not just high-ranking officials, activists or journalists. This setting is also helpful to anyone who suspects that they are being digitally followed.
However, people should not be under the illusion that after activating Lockdown Mode their device will be completely secure. Although it is important to acknowledge it will become more difficult to attack such a gadget. As a result, the prices for zero-day vulnerabilities for the iOS platform will increase.
Nonetheless, as long as a device is in working condition, it is possible for it to be tracked without the need for expensive spyware like NSO Group’s Pegasus. Basic surveillance can be carried out at the base station of a cellular operator, for example. Or using other equipment that a potential target owns, such as an AirTag or AirPods, connected through the FindMy ecosystem. Through this system, attackers can also access device data, including photos.
How can people protect themselves?
In order to completely protect themselves, people should turn off their device and place it in a Faraday cage. In such a situation, it is then obviously impossible to use the gadget, but any other mode is still a compromise between security and everyday functions. Yes, with such modes, hacking is…

Source…

Apple’s Lockdown Mode: An ‘extreme’ option for the few

July 7, 2022/in Internet Security

This week, Apple announced a new “extreme, optional” security feature called Lockdown Mode that is aimed at a very small minority of users who are at risk of being deliberately targeted by cyberattacks “from private companies developing state-sponsored mercenary spyware.” It will launch with iOS 16, iPadOS 16, and macOS Ventura this fall.

Lockdown Mode is designed to block a category of hyper-targeted hacks that are generally used by governments (or private companies with support from governments) against activists, dissidents, journalists, and high-level business people. Although there are presumably other, similar exploits that have not been exposed, the most infamous of these is the spyware called Pegasus.

Pegasus, developed by the (now sanctioned) Israeli technology firm NSO Group, turns iPhones and Android smartphones against their users. It’s basically the stereotypical Hollywood hack: The attackers have access to pretty much everything on the device, can intercept calls and messages, and even use the microphone, camera, and GPS to record and track people. Crucially, Pegasus can be a “zero-click” exploit, meaning that it can be installed without the user doing anything; at one point, phones could even be infected through a missed WhatsApp voice call.

Cybersecurity typically involves a tradeoff between convenience and security. If you want your computer to be very difficult to hack, don’t connect it to the internet—lock it in a secure room in your house. No viruses! But also no email, Amazon, or Minecraft. Modern iPhones, iPads, and Macs come with loads of features that make them fast, convenient, and easy to use, but these same features also give hackers large “attack surfaces” to work with. Lockdown Mode turns off a lot of these features, or at least makes them disabled by default, at the expense of a great user experience.

Some of the features that get disabled by Lockdown Mode, for example, are the speed and efficiency technologies in a bit of software called WebKit (which powers Safari). Web pages that haven’t been flagged as “trusted” will take longer to load and may be jankier to use, but those web pages…

Source…

SOS-2-US – Mobile Security App

July 11, 2021/in Video

Tag Archive for: Lockdown