Cybersecurity researchers have discovered a “renewed” cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy. “The latest iteration of LightSpy, dubbed ‘F_Warehouse,’ boasts a modular framework with extensive spying features,” the BlackBerry Threat Research and Intelligence Team said in a report published last week. […]
Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The findings come from HUMAN’s Satori Threat Intelligence team, which said the cluster of VPN apps came fitted with a Golang library that transformed the user’s device […]
The iPhones belonging to nearly three dozen journalists, activists, human rights lawyers, and civil society members in Jordan have been targeted with NSO Group’s Pegasus spyware, according to joint findings from Access Now and the Citizen Lab. Nine of the 35 individuals have been publicly confirmed as targeted, out of whom six had their devices […]
If the iPhone force restart does not work as intended, there may be an issue with the iOS system. To address this, look for physical damage to buttons used for hard reset before updating your iOS system. The general method involves pressing multiple buttons together until the Apple logo appears, but there may also be […]
If the YouTube app on your iPhone is crashing or will not open, there are various fixes you can try, such as force quitting the app, rebooting your device, and updating its version. Restarting your device provides a fresh start and can address minor software issues causing YouTube to crash. Check your internet connection If […]
The iPhone offers multiple ways of scanning QR codes, but the quickest and easiest method is using its built-in camera app. Open your camera app and point at a QR code; a notification will appear in the lower-right corner of the screen. Follow the QR code link, and you’ll reach its content or link. How […]
A new “post-exploitation tampering technique” can be abused by malicious actors to visually deceive a target into believing that their Apple iPhone is running in Lockdown Mode when it’s actually not and carry out covert attacks. The novel method, detailed by Jamf Threat Labs in a report shared with The Hacker News, “shows that if […]
A group of academics has devised a novel side-channel attack dubbed iLeakage that exploits a weakness in the A- and M-series CPUs running on Apple iOS, iPadOS, and macOS devices, enabling the extraction of sensitive information from the Safari web browser. “An attacker can induce Safari to render an arbitrary webpage, subsequently recovering sensitive information […]
The Android banking trojan known as SpyNote has been dissected to reveal its diverse information-gathering features. Typically spread via SMS phishing campaigns, attack chains involving the spyware trick potential victims into installing the app by clicking on the embedded link, according to F-Secure. Besides requesting invasive permissions to access call logs, camera, SMS messages, and […]
Qualcomm recently issued warnings about three zero-day vulnerabilities within its GPU and Compute DSP drivers that are currently being exploited by hackers. These warnings were initiated based on information received from Google’s Threat Analysis Group (TAG) and Project Zero teams. According to their reports, there is limited but targeted exploitation of vulnerabilities identified as CVE-2023-33106, […]
Google has designated a brand new CVE number for a major security vulnerability that has been discovered in the libwebp image library, which is used for displaying pictures in the WebP format. This flaw has been found to be exploited in the wild by malicious users. A major vulnerability that existed in Google Chrome for […]
Apple on Thursday released emergency security updates for iOS, iPadOS, macOS, and watchOS to address two zero-day flaws that have been exploited in the wild to deliver NSO Group’s Pegasus mercenary spyware. The issues are described as below – CVE-2023-41061 – A validation issue in Wallet that could result in arbitrary code execution when handling […]
This summer, hundreds of thousands of people will be preparing to take off while sitting back, relaxing, and using the airplane mode setting on their iPhones. When this setting is activated, the device’s radio frequency (RF) transmission technology is turned off, which severes the user’s connection to their mobile network for the duration of the […]
Apple has rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and Safari to address several security vulnerabilities, including one actively exploited zero-day bug in the wild. Tracked as CVE-2023-38606, the shortcoming resides in the kernel and permits a malicious app to modify sensitive kernel state potentially. The company said it was addressed with […]
Recent news reports have brought attention to two serious zero-day vulnerabilities that pose a risk to the digital security of Apple products sold in every region of the world. Both of these vulnerabilities, which have been given the CVE identifiers CVE-2023-37450 and CVE-2023-38606, were found to be present in Apple’s WebKit browser engine and kernel […]
SMS delivery reports not only inform the sender that the message was successfully delivered, but they also have the potential to provide the location of the receiver. This is what the researchers have proved in their most recent work, which shows how receiving a silent SMS message activates a side-channel attack, allowing the sender to […]
The Russian Federal Security Service (FSB) has accused the United States Intelligence Community of hacking into “thousands of Apple phones” in order to conduct surveillance on Russian diplomats. The United States targeted iOS devices using malware that had not been seen before, according to a statement that was released by the FSB on Thursday. The […]
Researchers from Tencent Labs and Zhejiang University have collaborated to develop a new technique known as “BrutePrint,” which enables the forcible extraction of fingerprints from modern smartphones. This technique was recently shown to the public. This approach sidesteps user authentication, therefore providing unauthorized access and complete control over the device that is the focus of […]
Cisco has warned of a critical security flaw in SPA112 2-Port Phone Adapters that it said could be exploited by a remote attacker to execute arbitrary code on affected devices. The issue, tracked as CVE-2023-20126, is rated 9.8 out of a maximum of 10 on the CVSS scoring system. The company credited Catalpa of DBappSecurity […]
Israeli spyware maker NSO Group deployed at least three novel “zero-click” exploits against iPhones in 2022 to infiltrate defenses erected by Apple and deploy Pegasus, according to the latest findings from Citizen Lab. “NSO Group customers widely deployed at least three iOS 15 and iOS 16 zero-click exploit chains against civil society targets around the […]
Threat actors using hacking tools from an Israeli surveillanceware vendor named QuaDream targeted at least five members of civil society in North America, Central Asia, Southeast Asia, Europe, and the Middle East. According to findings from a group of researchers from the Citizen Lab, the spyware campaign was directed against journalists, political opposition figures, and […]