Tag Archive for: Thinking

New exploit fools users into thinking their hacked iPhone is safe

/in


Lockdown Mode

If an iPhone has already been infected with malware, Jamf has shown how an attacker can trick the user into believing Lockdown Mode is active when it isn’t.

Despite popular belief, iPhones can get infected with malware — but it is rare. Attackers taking advantage of zero-day vulnerabilities and zero-click exploits can infect a user’s device — though these sophisticated attacks are often expensive and difficult to execute.

Jamf Threat Labs has worked out a proof-of-concept post-exploitation tampering technique that makes an iPhone behave like it is in Lockdown Mode when it isn’t. The user can toggle Lockdown Mode and will see visual cues, like an apparent device restart and warnings in Safari that trick the user into a false sense of security.

This isn’t a flaw with Lockdown Mode, iPhone security, or the operating system. The tampering technique only works on devices that have already been infected with malware.

Jamf researched this proof-of-concept to emphasize that Lockdown Mode has limitations. It is a shield that reduces the attack surface on an iOS device, not anti-malware that detects infections and ejects them.

Lockdown Mode is most effective when used on a device before an attack occurs. It reduces the number of entry points available for an attacker.

Warnings tell the user Lockdown Mode is being activated

Warnings tell the user Lockdown Mode is being activated

A system reboot can help stop malware from monitoring the user, but Jamf found a way to force a userspace reboot instead of a system reboot. That way, the injected code can maintain adaptable control over Lockdown Mode.

Lockdown Mode performs several actions, most of which are invisible to the user.

  • Messages — Most message attachments are blocked, and some features are unavailable.

  • FaceTime — Incoming FaceTime calls from people you have not previously called are blocked.

  • Web Browsing — Some web technologies and browsing features are blocked.

  • Shared Albums — Shared albums will be removed from the Photos app, and new Shared Albums invitations will be blocked.

  • Device Connections…

Source…

Column: Thinking more about names and character

/in


So, if, as I wrote last week, our oldest daughter’s name should have been “Grace,” there is no question that our second child should be named “Crash.” As in, “Crash Test.”

It’s hard to tell that now, actually. See, as she grew up, she became much better aware of her surroundings, so crashing into stuff became a much less frequent occurrence.

And, for the record, yes — she totally got that from my side of the family.

Even as she grew older, though, there was a still a wonderful, bold, forward quality to how she approached life. Like, when she made a mistake, there was a Cassie-shaped hole in the wall, not unlike Wile E. Coyote. The beauty part was that she didn’t make many mistakes, and that boldness made her an outstanding student leader, and, I believe, will make her a really good teacher.

Boldness is an increasingly rare quality, I think. Well, except for online. Online everybody has the boldness of two tequilas, because the anonymity of the ether makes it possible to believe you’re safe. That’s not really true, of course, as old posts and picts and twits have started to cost people opportunities in the present. But, still, people say things online that they would never say in person.

Which seems like a real indictment of the cowardice of the age.

We’re so used to the creature comforts of the modern era that we’ve forgotten what it is to act. We think, we plan, we have committee meetings, we fall back on platitudes and, when things don’t go how we hoped, we comfort ourselves with our good intentions and give bonus points for trying. We even actively discourage the sort of activities that breed boldness, dismissing as “dangerous” and “toxic” those —admittedly, sometimes foolish — acts that foster decisiveness and courage under fire. And then we sit on our high horses and condemn (after the fact, of course) those who have the courage to act when they, sometimes, get it wrong.

But any cursory glance at the front page of a newspaper tells you that we’re coming up on a time when boldness will be required, when the mentality to act in the face of the encroaching darkness will be necessary.

That is why I have always taken a sort of perverse…

Source…

Thinking of a Cybersecurity Career? Read This — Krebs on Security – Krebs on Security

/in

Thinking of a Cybersecurity Career? Read This — Krebs on Security  Krebs on Security
“computer security news” – read more

Russia’s information warfare: Fighting back will take more than critical thinking, experts say – Edmonton Journal

/in

Russia’s information warfare: Fighting back will take more than critical thinking, experts say  Edmonton Journal
“cyber warfare news” – read more