HackDig : Dig high-quality web security articles for hacker

Introducing iVerify, the security toolkit for iPhone users

“If privacy matters, it should matter to the phone your life is on.” So says Apple in their recent ads about Privacy on the iPhone and controlling the data you share—but many of the security features they highlight are opt-in, and users often don’t know when or how to activate them. But hey… we got your back! Today, Trail of Bits launched i
Publish At:2019-11-14 15:25 | Read:251 | Comments:0 | Tags:Apple Education Exploits Guides iVerify Press Release Privac

Checkm8 jailbreak and AltStore put cracks in Apple’s walled garden

byDanny BradburyJailbreaking iPhones has become a lot harder with each new version of the hardware, but this weekend saw two new announcements that enable people to install apps on their phones. One of them is a traditional jailbreak, while the other is an alternative app store that uses a loophole in Apple’s code-signing process.Jailbreaking is a form
Publish At:2019-09-30 12:45 | Read:724 | Comments:0 | Tags:Apple iOS Mobile App Store iPhone jailbreak jailbreaking

Gambling Apps Sneak into Top 100: How Hundreds of Fake Apps Spread on iOS App Store and Google Play

By Todd Han and Junzhi Lu (Mobile Threats Analysts) Google Play and iOS App store are no strangers to fake apps trying to trick users into downloading ad- or malware-ridden versions. We have previously reported on fake Android voice apps on Google Play, which were observed to be impostor apps for voice messenger platforms. Recently, we also uncovered counter
Publish At:2019-09-26 08:20 | Read:564 | Comments:0 | Tags:Mobile App Store fake apps gambling google play IOS

Password-pilfering app exposes weakness in iOS and Android vetting process

Another mentionable fact is that the InstaAgent developer used the subdomain instagram.zunamedia.com to sent the data that was EXACTLY the same data that has been sent to the official Instagram servers to his server. I think that he wanted to “hide” his malicious HTTP packet because at the first glance it looked like an “official” HTTP packet to the Instagra
Publish At:2015-11-12 18:35 | Read:3097 | Comments:0 | Tags:Gear & Gadgets Infinite Loop Law & Disorder Risk Assessment

Researchers find 256 iOS apps that collect users’ personal info

Researchers said they've found more than 250 iOS apps that violate Apple's App Store privacy policy forbidding the gathering of e-mail addresses, installed apps, serial numbers, and other personally identifying information that can be used to track users.The apps, which at most recent count totaled 256, are significant because they expose a lapse in Apple's
Publish At:2015-10-19 18:25 | Read:3190 | Comments:0 | Tags:Infinite Loop Law & Disorder Risk Assessment Technology Lab

iOS and Malware

iOS and Malware Posted by David Harley on October 15, 2015.Almost exactly a year ago I wrote an article for this site in which I said:…while iOS isn’t impregnable, most iOS-targeting malware relies on the device being jailbroken. In general, Apple’s ‘iron hand’ approach to app-sandboxi
Publish At:2015-10-15 19:50 | Read:2818 | Comments:0 | Tags:David Harley App Store iPad Malware sandboxing IOS

Apple removes several apps that could spy on encrypted traffic

Apple has purged its iOS App Store of several titles that it said had the ability to compromise encrypted connections between end users and the servers they connect to. The company advised users to uninstall the apps from their iPhones and iPads to prevent potentially harmful monitoring, but it has yet to name any of the offending titles."Apple has removed a
Publish At:2015-10-09 17:15 | Read:2777 | Comments:0 | Tags:Infinite Loop Risk Assessment Technology Lab App Store apple

Bypassing Apple’s Gatekeeper

Ever since Apple first introduced Gatekeeper, malware creators have been trying to find a way around it. Many different pieces of malware have done so, but at the Virus Bulletin Conference in Prague, Patrick Wardle, a security researcher at Synack, presented his findings on some new and interesting ways to skirt Apple’s security. First, let’s tak
Publish At:2015-10-07 07:40 | Read:3190 | Comments:0 | Tags:Mac App Store Apple mac malware vulnerability

XcodeGhost apps haunting iOS App Store more numerous than first reported

Security researchers have both good and bad news about the recently reported outbreak of XcodeGhost apps infecting Apple's App Store. The bad: The infection was bigger than previously reported and dates back to April. The good: Affected apps are more akin to adware than security-invading malware.Further ReadingApple scrambles after 40 malicious “XcodeGhost”
Publish At:2015-09-23 08:25 | Read:2509 | Comments:0 | Tags:Infinite Loop Law & Disorder Risk Assessment Technology Lab

Apple Cleans House, Pulls XcodeGhost Malware-Riddled Apps From App Store

The Apple security team has been on high alert following news of the XcodeGhost malware impacting about 39 iOS apps on the App Store, which were made with an unofficial Xcode version. Xcode is the tool developers use to create OS X and iOS apps.Apple confirmed on Sunday that a tool used by app developers for iOS devices was copied and modified by hackers to
Publish At:2015-09-22 09:25 | Read:3954 | Comments:0 | Tags:Apple Malware App Store iOS Xcode XcodeGhost

Apple scrambles after 40 malicious “XcodeGhost” apps haunt App Store

Apple officials are cleaning up the company's App Store after a security firm reported that almost 40 iOS apps contained malicious code that made iPhones and iPads part of a botnet that stole potentially sensitive user information.The 39 affected apps—which included version 6.2.5 of the popular WeChat for iOS, CamScanner, and Chinese versions of Angry Birds
Publish At:2015-09-21 21:15 | Read:3262 | Comments:0 | Tags:Infinite Loop Law & Disorder Risk Assessment Technology Lab

XcodeGhost malware infiltrates App Store

Late last week, Claud Xiao, a researcher at Palo Alto Networks, announced the discovery of new malware that he calls XcodeGhost. As the story has developed over the weekend, it turns out that this malware has infected at least 39 known iOS apps as of early this morning, all of which made it into the App Store. The malware uses a method of attack that is new
Publish At:2015-09-21 17:40 | Read:3329 | Comments:0 | Tags:Mac App Store Apple iOS mac malware

Apple Patches Remote ‘Invoice Vulnerability’ in iTunes, App Store

Apple recently patched a serious issue in its App Store and iTunes Store web app that could have let a remote attacker inject malicious script into invoices that come from Apple and subsequently lead to session hijacking, phishing, and redirect.The vulnerability was unearthed in June by Benjamin Kunz Mejri, a researcher with Vulnerability Lab, and reported t
Publish At:2015-07-29 02:35 | Read:3135 | Comments:0 | Tags:Apple Vulnerabilities App Store apple Apple vulnerabilities

iOS 8.3 Lets You Skip Password Entry to Download Free Apps. Good Idea?

The new version of iOS, version 8.3, is getting ever closer and pre-release beta testers are stumbling across new hidden features and tweaks that Apple has made with the iPhone and iPad operating system.An iOS 8.3 update (beta 4, build reference ‘12F5061’) issued this week contains what appears to be new functionality allowing users to disable password authe
Publish At:2015-03-25 16:45 | Read:4245 | Comments:0 | Tags:Apple App Store iOS iOS 8.3 password IOS

Mobile Android, iOS Apps Still Vulnerable to FREAK Attacks

In the shadow of a major OpenSSL vulnerability scheduled to be announced tomorrow, lingering issues remain with mobile platforms and applications that still run versions of the crypto library vulnerable to FREAK attacks.A report published Tuesday by FireEye paints a bleak picture of vulnerable versions of iOS and Android applications that have been downloade
Publish At:2015-03-18 17:00 | Read:2060 | Comments:0 | Tags:Apple Hacks Mobile Security Vulnerabilities 512-bit RSA keys

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud