Pegasus spyware won’t affect ‘overwhelming majority’ of iPhone users, Apple says

By

Fraudster steals $16k from victim posing as Apple tech support
Those misusing the Pegasus iPhone hacking tool allegedly work for governments around the world.
Photo: Donald Tong/Pexels CC

Amnesty International accuses governments around the world of using NSO Group’s Pegasus iPhone hacking tool to illegally spy on journalists and human rights defenders. Apple’s head of Security Engineering and Architecture condemns this type of hacking, but also says that such attacks “are not a threat to the overwhelming majority of our users.”

Hackers’ leak confirms big changes coming to MacBook ports

By

This 14-inch MacBook Pro concept is by Renders by Ian
Hackers leaked details that help confirm that a 2021 MacBook Pro model will look much like this.
Concept: Ian Zelbo/Renders by Ian

Hackers reportedly stole plans for two upcoming 2021 MacBook Pro models from Quanta and leaked details. These help confirm earlier reports that Apple’s next notebook will see a return of MagSafe, the HDMI port and an SD card reader. But no Touch Bar.

iOS 14.5 makes zero-click iPhone attacks even more difficult

By

If hackers dump your personal data onto the dark web, you need to know about it. Dashlane Dark Web Monitoring can sound the alarm.
“Dammit, Apple keeps breaking all my best zero-click attacks.”
Photo: sebastiaan stam/Pexels CC

The next iOS version will make it more difficult for hackers to break into iPhones. Security researchers digging around in Apple’s beta code for iOS 14.5 found that the company began encrypting pointer authentication codes, which will make zero-click attacks far tougher to pull off.

By

When small businesses don't prioritize online security, they may pay the ultimate price. Dashlane for Business can help.
When small businesses don't prioritize online security, they may pay the ultimate price. Dashlane for Business can help.
Photo: Artem Beliaikin/Pexels.com CC

Hackers hit Apple’s Twitter account in widespread bitcoin scam

By

Apple's Twitter account and other high-profile accounts hacked in massive Bitcoin scam.
Apple’s very first Tweet ever isn’t about Bitcoin. Twitter got hacked.
Photo: Cult of Mac

Apple is one of many companies and people who had their Twitter accounts hijacked on Wednesday. A hacker found a way to post on what seems to be any account, indicating that it’s Twitter itself that has been hacked.

All the posts pointed readers toward a bitcoin scam.

iOS vulnerability let hackers attack devices through Mail app

By

iPhone hack
Hack has reportedly been fixed in latest iOS beta.
Photo: Ste Smith/Cult of Mac

San Francisco-based cybersecurity company ZecOps says that iPhones and iPads may be vulnerable to a flaw involving the Mail app, the Wall Street Journal reported Wednesday.

Unlike most email-based phone hacks, which involve making someone click a link or visit a website, this exploit does not require victims to do anything other than download (although not necessarily open) an email. It nonetheless could let hackers install malicious software on their devices.

A ZecOps blog post on the topic says that the vulnerability has existed in Apple’s mobile software as far back as iOS 6.

Security researchers are flooding the market with iOS exploits

By

Zerodium
Here's how much you can make selling certain exploit chains.
Photo: Zerodium

One of the biggest buyers of iOS zero-day exploits says the market is flooded with new iPhone bugs due to weakened security components in Safari and iMessage.

Zerodium, which pays $2 million for iOS exploits, recently announced it’s increasing its payout for Android exploits to $2.5 million. iOS used to be the most locked-down mobile operating system, but the company says Android’s security has improved with every new OS release while iOS has been slacking, leading to a glut of new exploits.

Modified Lightning cables let hackers remotely hack Apple devices

By

Lightning cables that plug into USB-C ports charge your iPhone more quickly.
Hacked cables were shown off at a recent hacking conference.
Photo: Apple

Everyone knows about the risks of phishing email, dodgy downloaded software, and accessing sensitive data while using public Wi-Fi. But how about third-party Lightning cables?

According to a new report, these are a risk as well — with security experts noting that it’s possible for malicious Lightning cables to grant access to your Mac to a remote attacker.

Apple expands bug program with monstrous $1 million bounty

By

The CIA has a team of more than 5,000 hackers.
Hackers can get PAID for finding bugs now.
Photo: Brian Klug/Flickr CC

Apple is ready to pay a bigger bounty than any other tech company when it comes to finding bugs on the iPhone or other Apple products.

The iPhone-maker revealed today at the Black Hat conference in Las Vegas that it will now pay up to $1 million for some discovered vulnerabilities, up from the $200,000 it offered when the bug bounty program began three years ago.

Apple might give hackers special iPhones to plug security problems

By

The CIA has a team of more than 5,000 hackers.
This is what a real hacker looks like. Dry ice is not optional.
Photo: Brian Klug/Flickr CC

Apple has historically not been a company in favor of people jailbreaking its devices. So why would Cupertino give hackers special iPhones to help them find weaknesses in iOS? To patch those problems, of course!

According to a new report, Apple will announce plans this week at the Black Hat security conference in Las Vegas to hand out such devices to security researchers. Apple also will introduce a new Mac bug bounty program to reward anyone who finds security problems in macOS.