hackers

Update: The sophisticated DarkSword hacking technique that came to light last week — capable of silently taking over iPhones the moment a user visits an infected website — just got worse for Apple users running older software, TechCrunch reported Monday.

Someone leaked versions of DarkSword on code-sharing site GitHub. That means DarkSword attacks likely will increase — especially since iOS expertise is not required to deploy the technique.

“This is bad. They are way too easy to repurpose,” iVerify co-founder Matthias Frielingsdorf told TechCrunch. “I don’t think that can be contained anymore. So we need to expect criminals and others to start deploying this.”

Apple spokesperson Sarah O’Rourke reminded people that “keeping software up to date is the single most important thing you can do to maintain the security of your Apple products.” So if you haven’t updated to the latest iOS for your device, do so now.

In a surprising development that may concern Apple users, computer security researchers from Uruguay have discovered a method to reconstruct screen content by intercepting electromagnetic emissions from HDMI cables. The bad news is this HDMI cable security threat could potentially impact all devices using HDMI, including Apple gear. The “good” news is that it’s not easy to do, so individual users aren’t likely to be targets. But companies and governments might be.

New research suggests attackers can use the sound of a user’s finger swiping on a touchscreen to recreate their fingerprint pattern, according to a report Tuesday. And that biometric security risk could lead to trouble, of course.

All it takes is casual swiping in popular apps while a device microphone is on.

Great. As if we didn’t have enough to worry about, biometic-security-wise.

With corporate data breaches and identity theft on the rise, people are justifiably worried about how to keep their sensitive personal data safe online. Fortunately, the Incogni personal information removal service can reduce your exposure in multiple ways — with little effort on your part.

A popular smart light bulb from TP-Link suffers from severe security flaws that could give hackers passwords and other information, researchers said Wednesday.

A paper examined four flaws in the bestselling TP-Link Tapo L530E, which works with Apple’s HomeKit platform.

Media outlets are reporting that Wyze knew for three years about a security flaw that rendered its security cameras vulnerable to hackers. But in all that time, it did not tell its customers about the problem.

News of the flaw broke on Tuesday. Wyze, long know for its inexpensive but useful security cameras, has since responded to the controversy, as noted below.

In the middle of last year, Apple and Facebook parent company Meta Platforms gave customer data to hackers. They enticed the companies by pretending to be law enforcement officials, three people with knowledge of the matter said.

Amnesty International accuses governments around the world of using NSO Group’s Pegasus iPhone hacking tool to illegally spy on journalists and human rights defenders. Apple’s head of Security Engineering and Architecture condemns this type of hacking, but also says that such attacks “are not a threat to the overwhelming majority of our users.”

Hackers reportedly stole plans for two upcoming 2021 MacBook Pro models from Quanta and leaked details. These help confirm earlier reports that Apple’s next notebook will see a return of MagSafe, the HDMI port and an SD card reader. But no Touch Bar.

The next iOS version will make it more difficult for hackers to break into iPhones. Security researchers digging around in Apple’s beta code for iOS 14.5 found that the company began encrypting pointer authentication codes, which will make zero-click attacks far tougher to pull off.

This cybersecurity post is presented by Dashlane.

When you run a small business, you often wear a lot of hats. The strategy hat. The customer service hat. Even the “those floors aren’t going to mop themselves” hat.

Unfortunately, sometimes the network security hat is left on the hook by the door, and that’s just what hackers hope for — lax security and plenty worth stealing, from your cash reserves to customers’ credit card information.

Apple is one of many companies and people who had their Twitter accounts hijacked on Wednesday. A hacker found a way to post on what seems to be any account, indicating that it’s Twitter itself that has been hacked.

All the posts pointed readers toward a bitcoin scam.

San Francisco-based cybersecurity company ZecOps says that iPhones and iPads may be vulnerable to a flaw involving the Mail app, the Wall Street Journal reported Wednesday.

Unlike most email-based phone hacks, which involve making someone click a link or visit a website, this exploit does not require victims to do anything other than download (although not necessarily open) an email. It nonetheless could let hackers install malicious software on their devices.

A ZecOps blog post on the topic says that the vulnerability has existed in Apple’s mobile software as far back as iOS 6.

One of the biggest buyers of iOS zero-day exploits says the market is flooded with new iPhone bugs due to weakened security components in Safari and iMessage.

Zerodium, which pays $2 million for iOS exploits, recently announced it’s increasing its payout for Android exploits to $2.5 million. iOS used to be the most locked-down mobile operating system, but the company says Android’s security has improved with every new OS release while iOS has been slacking, leading to a glut of new exploits.

Everyone knows about the risks of phishing email, dodgy downloaded software, and accessing sensitive data while using public Wi-Fi. But how about third-party Lightning cables?

According to a new report, these are a risk as well — with security experts noting that it’s possible for malicious Lightning cables to grant access to your Mac to a remote attacker.

Apple is ready to pay a bigger bounty than any other tech company when it comes to finding bugs on the iPhone or other Apple products.

The iPhone-maker revealed today at the Black Hat conference in Las Vegas that it will now pay up to $1 million for some discovered vulnerabilities, up from the $200,000 it offered when the bug bounty program began three years ago.

Apple has historically not been a company in favor of people jailbreaking its devices. So why would Cupertino give hackers special iPhones to help them find weaknesses in iOS? To patch those problems, of course!

According to a new report, Apple will announce plans this week at the Black Hat security conference in Las Vegas to hand out such devices to security researchers. Apple also will introduce a new Mac bug bounty program to reward anyone who finds security problems in macOS.

Everyone needs to watch out for hackers phishing for their account details, and that includes celebrities. A Georgia man tricked pro athletes and rappers into giving up login details for their Apple accounts, which he used to access to their credit cards, according to the FBI.

Apple wants to use encryptions to make “stingray” phone spying tools obsolete. The move is likely to be controversial because while these are used by criminals they are also employed by police.

Two hackers have netted themselves a $50,000 bounty for discovering a flaw on the iPhone X, allowing for the recovery of recently deleted photos (and potentially other information) supposedly removed from the device.

This post is presented by Dashlane.

On the web you don’t see, hackers constantly upload lists of passwords, usernames, Social Security and phone numbers, addresses and other personal information every day. Do you know if your data is being bought and sold on the dark web? Using a service like Dashlane can give you the answer.

30 million accounts on Facebook were recently hacked with attackers gaining access to highly sensitive personal information.

The FBI is investigating the hacking an has asked the company not to reveal who was behind it. Facebook originally disclosed the hack to the public two weeks ago saying 50 million accounts were compromised. That number has now been reduced to just 30 million, but the amount of data stolen makes it the worst attack in Facebook’s history.

The fourth hacker responsible for leaking nude images from hundreds of iCloud accounts, belonging to Hollywood celebrities and others, has been sentenced to prison.

Connecticut-based George Garafano was sentenced to eight months, after which he must serve three years of supervised release, as well as performing 60 hours of community service. He plead guilty back in April.

A research project funded by the Department of Homeland Security has discovered a “slew” of vulnerabilities in the mobile devices offered by the four main U.S. cell phone carriers.

These vulnerabilities reportedly leaves these devices open to possible attacks by hackers.

Go to your Amazon, Zappos, etc. account now and change the password to something stronger. That’s the takeaway from a cyber security firm’s report that says a whopping 91 percent of all attempts to log into e-commerce websites are from hackers.

Attempts by hackers to log into the sites of airlines, banks, and hotels also account for about half of their traffic.