Pierluigi Paganini
April 01, 2016
SideStepper is a method to install malicious apps on iOS devices by abusing the mobile device management (MDM) solutions. Security researchers from the Check Point firm have devised a method to install a malicious code on iOS devices by abusing the mobile device management (MDM) solutions used by many enterprises. The technique relies on a vulnerability dubbed by […]
Pierluigi Paganini
March 21, 2016
A group of researchers found an iOS zero-day that would let a skilled attacker decrypt photos and videos that were sent as secure instant messages. The bad news is that Matthew Green, a professor at Johns Hopkins University revealed that a zero-day vulnerability in iOS encryption allows skilled attackers to decrypt intercepted iMessages, the good […]
Pierluigi Paganini
March 17, 2016
AceDeceiver is the first iOS malware that abuses certain design flaws in Apple’s FairPlay DRM to install malicious apps on iOS devices even non-jailbroken. Hackers are exploiting a flaw affecting the Apple digital rights management technology (DRM) to install malicious apps on every iOS device, even non-jailbroken ones. Last month, security experts at Palo Alto Networks […]
Pierluigi Paganini
March 15, 2016
DOJ released a brief filing that threatens to force Apple to hand over the iOS source code if it will not help FBI in unlocKing the San Bernardino shooter’s iPhone. The battle between Apple and the FBI is going on while the debate on the case is monopolizing the media. Last news in order of […]
Pierluigi Paganini
March 08, 2016
A number of bypass vulnerabilities still affect iOS devices and could be exploited by an attacker to bypass the passcode authorization screen. A number of bypass vulnerabilities still affect iOS devices and could be exploited by an attacker to bypass the passcode authorization screen on Apple mobile devices (iPhones and iPads) running iOS 9.0, 9.1, and […]
Pierluigi Paganini
March 05, 2016
A group of security researchers has devised a new attack scheme to steal cryptographic keys from both Android and iOS devices. A team of security researchers from Tel Aviv University, Technion and The University of Adelaide has elaborated a new attack scheme to steal cryptographic keys from both Android and iOS devices. Last month, the same team […]
Pierluigi Paganini
December 21, 2015
The security expert Ariel Sanchez presented the results of the test conducted on 40 iOS banking apps, comparing them to the ones obtained 2 years ago. The banking industry is looking with an increasing interest in mobile platform, financial institutes are offering a growing number of services accessible through mobile devices, but what about security? The security […]
Pierluigi Paganini
October 12, 2015
Apple has removed mobile apps from the iOS Apple store that are installing root CA certificates that enable traffic to be intercepted. Apple has pulled several apps out from the official iOS App Store over SSL/TLS security concerns, this means that the security issues could allow threat actors to compromise encrypted connections between the servers […]
Pierluigi Paganini
October 05, 2015
Experts at Paloalto Networks discovered a strain of Apple iOS malware dubbed YiSpecter that is able to infect both jailbroken and non-jailbroken devices. The recent XCodeGhost attack suffered by Apple demonstrated that nobody is completely secure from malware-based attacks. Now security researchers at PaloAlto Networks have discovered a new malware dubbed YiSpecter that they sustain is able to […]
Pierluigi Paganini
September 17, 2015
A new evil vulnerability affecting the AirDrop service could be exploited by attackers to silently infect iPhones and Apple Macs. Versions prior to the latest Apple OS version, the newborn iOS 9, are affected by a serious AirDrop Bug. The AirDrop Bug could be exploited by hackers to take full control of Apple iPhone or Mac machines. […]
