At least nine U.S. State Department employees saw their iPhone hacked by unknown attackers wielding Pegasus spyware from the Israel-based NSO Group. The attacks occurred over several months, Reuters reported Friday.
Prevent hacks to preserve your business’s valuable reputation
This business cybersecurity post is brought to you by Dashlane.
The hard work you put into building your business and managing your business’s reputation should not be compromised by an avoidable hack.
Cyberattacks on businesses and other entities may seem inevitable, but many are avoidable. Given the importance of reputation — which amounts to everything anyone and everyone thinks or feels about your operation — preventing cybersecurity breaches is crucial to defending the overall perception of your business’s trustworthiness to consumers, clients and investors.
Implementing use of a password manager like Dashlane for you and your employees, whether they work remotely or onsite, is among the easiest and most effective ways to protect your business’s reputation, explains J.D. Sherman, CEO of Dashlane. Its web and mobile app simplifies password management for people and businesses.
Patched iOS vulnerability would have let users seize control of iPhones over Wi-Fi
A security vulnerability patched by Apple earlier this year could have allowed users to remote access an entire iPhone over Wi-Fi without the need for any user interaction, a security researcher has revealed.
Ian Beer, a researcher at Google’s vulnerability research unit Project Zero, shared details of the vulnerability Tuesday. He spent six months developing proof-of-concept exploits to prove its effectiveness. Fortunately, he doesn’t believe a similar exploit was ever utilized by hackers in the wild.
Zoom rushes to fix its webcam-accessing flaw on Macs
Zoom conference calls are as much of a part of modern office working life as disagreements about the air-con system.
But security researcher Jonathan Leitschuh recently stumbled upon something extremely concerning. As discovered by Leitschuh, Zoom featured a vulnerability that allowed hackers to break into a target’s Mac webcam. This happened regardless of whether the Mac user was using Safari, Chrome or Firefox.
Fortunately, Zoom has, well, zoomed to correct it.
Don’t fall for the Twitter prank that locks you out
A viral prank is getting some Twitter users locked out of their accounts.
Tweets that promise you’ll receive new color schemes, admin privileges, or even a verified check mark for changing your birthday have been circulating on the platform. But if you fall for the trick, all you will end up with is a Twitter account you can no longer use.
How to check if your Facebook account was hacked
30 million accounts on Facebook were recently hacked with attackers gaining access to highly sensitive personal information.
The FBI is investigating the hacking an has asked the company not to reveal who was behind it. Facebook originally disclosed the hack to the public two weeks ago saying 50 million accounts were compromised. That number has now been reduced to just 30 million, but the amount of data stolen makes it the worst attack in Facebook’s history.
Download iOS 11.2.1 immediately for crucial HomeKit fixes
Apple released a brand new iOS 11 update for the iPad and iPhone this morning that makes some big fixes to HomeKit.
iOS 11.2.1 comes a little over a week after Apple dropped iOS 11.2 on the public bringing Apple Pay Cash and a host of bug fixes. The new update is being released along with tvOS 11.2.1 to restore some HomeKit functionality after Apple patched a bug server-side earlier this week.
AirPods wireless charging hack beats Apple to the punch
Apple will make you cough up $69 for a new case if you want to charge your AirPods wirelessly, according to some reports. But if you can get your hands on the right components, you can add wireless charging capabilities to an existing case for next to nothing.
Here’s how.
Hackers claim they fooled Face ID with cheap mask
Hackers may have already proven that Face ID isn’t quite as secure as secure as Apple claims.
Using a simple 3D printed mask, Vietnamese security firm Bkav, has posted a video showing an iPhone X being unlocked after unveiling a composite 3D-printed mask made of plastic, makeup, silicone and paper cutouts for some facial features.
There’s a serious security flaw in Wi-Fi and we’re all at risk
A major security flaw has been discovered in Wi-Fi and we’re all at risk.
Researchers discovered the weakness in WPA2, the protocol that secures all modern Wi-Fi networks. Any modern device with a wireless connection could be open to a KRACK attack that would expose information like credit card numbers, passwords, messages and more.
What to do if you were affected by the massive Equifax hack
Credit report giant Equifax confirms a “cybersecurity incident” may have compromised the data of 143 million U.S. customers.
Criminals gained access to Social Security numbers, dates of birth, addresses, credit card numbers and more between mid-May and July of this year. It’s one of the biggest and most worrisome data breaches in history.
Here’s what to do if you’re one of the customers affected.
Here’s how you mod a headphone jack into iPhone 7
Apple won’t be bringing the headphone jack back to iPhone, so if it’s a feature you’re not prepared to lose anytime soon, you’re stuck with the iPhone 6s. Or are you?
One man, who recently built his own iPhone from scratch using components sourced in a Chinese tech market, has figured out a way to install a headphone jack in the iPhone 7. It’s the ultimate mod for music lovers.
Senator says FBI spent $900,000 to hack San Bernardino iPhone
Ever since the FBI got inside the iPhone belonging to the San Bernardino terrorist shooter, there has been speculation over how much the hacking exercise cost the Feds.
A year later, we finally have an answer — and it’s a whole lot of cash, but maybe less than you thought it would be.
OSX.Bella trojan discovered installing backdoors into Macs
Security researchers have discovered a nasty bit of Mac malware similar to OSX.Dok trojan, which can bypass Apple’s GateKeeper feature.
The new bug, dubbed OSX.Bella, behaves and distributes itself in a completely different manner than OSX.Dok. But once installed, it executes a script that’s just as damaging.
Pokémon Yellow is reborn on Apple Watch
Pokémon fans, prepare yourself for the coolest Apple Watch hack to date.
One of the most popular titles from the original Pokémon series has been reborn on watchOS. This Game Boy Color emulator hack dismisses the idea that Apple’s wearable is no good for gaming by running fan-favorite Pokémon Yellow.
MacBook Pro’s Touch Bar hacked through Safari exploit
Hackers have been able to gain unauthorized access to the MacBook Pro’s fancy new Touch Bar by taking advantage of a hole in Safari.
The duo demonstrated the exploit at the Pwn2Own security conference taking place in Vancouver, Canada this week and bagged $28,000 for their efforts.
Old iPhone exploit opens Nintendo Switch to jailbreaking
Nintendo Switch owners may soon be able to install third-party applications on the new gaming console thanks to an old Apple security flaw.
Although the Nintendo Switch doesn’t have a web browser, it uses Apple’s WebKit in order to render web pages. Noted iPhone jailbreaker qwertyoruiop recently discovered that the Switch could be easily hacked just by running the Pangu jailbreak tool for iOS on it.
Apple: We’ve patched ‘many’ iOS vulnerabilities exposed by WikiLeaks
Apple insists it has already patched “many” of the iOS vulnerabilities that were exposed in WikiLeaks’ CIA document dump Tuesday.
Cupertino says it is working to address any identified holes that weren’t already patched, and the company reminds fans that the software built for iPhone boasts the best data security available to consumers.
Popular iOS apps vulnerable to spilling your sensitive data
Dozens of popular iOS apps are vulnerable to spilling your sensitive data through silent “man-in-the-middle” attacks, according to a reliable mobile security expert.
During testing, Will Strafach, one of the first to hack open the iOS platform, found 76 apps that were guilty of accepting invalid certificates that could be used to intercept data.
Yahoo confirms over 1 billion user accounts have been hacked
Yahoo today confirmed that hackers have stolen data from over 1 billion user accounts.
The breach occurred in 2013, and Yahoo warns that stolen data may have included names, dates of birth, email addresses, telephone numbers, hashed passwords, and more.
Expel water from your iPhone speaker grille using only sound
Apple touts the new iPhone 7 as being water-resistant enough to take into the shower. There’s really no good reason to bathe with your smartphone, but the point is that iPhone 7 owners don’t need to worry about a little rain or spilled tea.
Naturally, some people waltzed into their shower stalls with their expensive new phones in hand — just cuz — and some found a weakness in the iPhone 7’s water-resistance. Luckily for foolhardy iPhone owners everywhere, a Redditor discovered a simple hack for getting the water out.
U.K. cops use low-tech method to get around iPhone encryption
While some law enforcement agencies use hackers to try and break iPhone encryption, detectives in the U.K. found a simpler solution: mugging suspects before they get the chance to lock their phones.
iOS bug exposes photos and messages on locked iPhones
Hackers have discovered a new method to unlock photos and messages on any iPhone, thanks to an iOS security flaw that utilizes Siri and VoiceOver.
iPhones running iOS 8 software and newer are vulnerable to the flaw, which was discovered by EverythingApplePro and iDeviceHelp. The group revealed the hack in a new video that shows you don’t need any coding experience or special hardware to pull it off. All you need is a few minutes alone with a victims iPhone and some help from Siri.
Hackers can use this tiny $5 device to attack your locked Mac
The next time you leave your Mac unattended, make sure to turn it off.
A well-known hacker has created a cheap tool that can steal data off of locked computers in minutes. The clever new device called PoisonTap is created using a $5 Raspberry Pi Zero and some open source code. Attackers can plug PoisonTap into a machine and as long as the victim has a web browser open, it can steal data and leave remote backdoors.
iCloud hacker gets 18 months in jail for stealing nudes
One of the iCloud hackers behind 2014’s “Celebgate” scandal has been sentenced to 18 months in prison. Ryan Collins helped break into celebrity iCloud accounts and steal private photos, which were later published online.