HackDig : Dig high-quality web security articles for hackers

Apple releases iOS 14, watchOS 7 and more with security updates

This week Apple released updates to most of its operating systems and the macOS version of the Safari browser. Here’s a brief rundown of the security fixes included with each update as well as some of the non-security changes.iOS 14.0 and iPadOS 14.0Available for: iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and
Publish At:2020-09-19 02:22 | Read:152 | Comments:0 | Tags:Security News Security Updates IOS security

APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0iOS 14.0 and iPadOS 14.0 are now available and address the following:AppleAVDAvailable for: iPhone 6s and later, iPod touch 7th generation, iPadAir 2 and later, and iPad mini 4 and laterImpact: An application may be able to cause unexpected systemtermination or write
Publish At:2020-09-18 16:33 | Read:181 | Comments:0 | Tags: IOS

iOS 14 and iPadOS 14 Patch Vulnerabilities, Introduce New Privacy Features

Apple has patched nearly a dozen vulnerabilities and it has introduced new privacy features with the release of iOS 14 and iPadOS 14 this week.Each of the addressed security flaws impacts a different component of the operating system, namely AppleAVD, Assets, Icons, IDE Device Support, IOSurfaceAccelerator, Keyboard, Model I/O, Phone, Sandbox, Siri, and WebK
Publish At:2020-09-18 03:27 | Read:120 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Privacy Wireless Securit

Hands on with iOS 14's new data breach notification feature

With the release of iOS 14, Apple has introduced a new feature that warns users when their stored passwords have been compromised in data breaches.iOS includes the Keychain password manager that allows users to save credentials and automatically fill them into login forms on sites and apps.The password manager can be found under Settings > Passw
Publish At:2020-09-17 21:16 | Read:186 | Comments:0 | Tags:Apple Security IOS

Should You Back Up Your iOS Device to iCloud or Your Mac?

You probably know how important it is to back up your data, and there are a number of different backup options for Mac.But it’s also important to back up your iPhone or iPad. While you may not have a lot of documents on these devices that aren’t stored on a cloud server—which you can easily retrieve if necessary—you are likely to have photos and
Publish At:2020-09-17 11:15 | Read:152 | Comments:0 | Tags:How To back up backup backups iCloud iOS Device iTunes IOS C

Microsoft brings iOS' spacebar cursor control to Windows 10

Microsoft is bringing a popular Apple iOS feature to Windows 10 that allows you to control your cursor by pressing and holding the spacebar while moving your finger.Since iOS 12, you can hold and press the spacebar and then move your finger around to control the text input cursor, as shown in the video below.With the release of Windows 10 preview build 20206
Publish At:2020-09-03 17:07 | Read:192 | Comments:0 | Tags:Microsoft IOS

Apple’s notarization process fails to protect

In macOS Mojave, Apple introduced the concept of notarization, a process that developers can go through to ensure that their software is malware-free (and must go through for their software to run on macOS Catalina). This is meant to be another layer in Apple’s protection against malware. Unfortunately, it’s starting to look like notarization may
Publish At:2020-08-31 17:01 | Read:183 | Comments:0 | Tags:Mac Apple bundlore adware catalina fruitfly malware iOS ipad

Hackers are trying to exploit DoS flaw in Cisco IOS XR software running in carrier-grade routers

Cisco warns that threat actors are attempting to exploit a high severity DoS flaw in its Cisco IOS XR software that runs on carrier-grade routers. Cisco warned over the weekend that attackers are trying to exploit a high severity memory exhaustion denial-of-service (DoS) vulnerability (CVE-2020-3566) affecting the Cisco IOS XR Network OS that ru
Publish At:2020-08-31 14:37 | Read:275 | Comments:0 | Tags:Breaking News Security CISCO Cisco IOS XR DOS Hacking hackin

Monitoring MISP with Nagios

Yesterday, a very interesting article was published on the MISP blog by my friend Koen about a solution to monitor a MISP instance with Cacti. Monitoring your threat intelligence platform is always a good idea because many other tools depend on it. You can feed other tools with MISP data and, if MISP is not running, you will probably break your detection cap
Publish At:2020-08-25 08:01 | Read:380 | Comments:0 | Tags:MISP Software monitoring Nagios IOS

SourMint SDK used by 1200 iOS apps shows malicious behavior

Experts at security firm Snyk discovered a malicious behavior in an advertising SDK that is used in more than 1,200 iOS apps available in the Apple App Store. Experts at security firm Snyk discovered a malicious behavior in the advertising SDK SourMint developed by Mintegral, a China-based mobile advertising platform provider. The Mintegral SDK is adverti
Publish At:2020-08-25 06:12 | Read:340 | Comments:0 | Tags:Breaking News Mobile Security ad fraud Hacking hacking news

Malicious Behavior Found in Advertising SDK Used by 1,200 iOS Apps

Researchers at developer security company Snyk claim to have identified malicious behavior in an advertising SDK that is present in more than 1,200 iOS applications offered in the Apple App Store.The SDK has been developed by Mintegral, a China-based mobile advertising platform provider that has offices in the United States, Europe and Asia. Snyk says it has
Publish At:2020-08-24 13:14 | Read:246 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Virus & Threats Frau

Safari Webkit For iOS 7.1.2 JIT Optimization Bug

### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Exploit::Remote Rank = GoodRanking include Msf::Post::File include Msf::Exploit::Remote::HttpServer::HTML def initialize(info = {}) super( update_info( info, 'Nam
Publish At:2020-08-15 11:50 | Read:495 | Comments:0 | Tags: IOS

With iOS's Privacy Nutrition Label, Apple Upstages Regulators

New iOS privacy features require developers to disclose what data they're collecting, how they're using it, and with whom they share it.In 2012, the National Telecommunications and Information Administration (NTIA) convened a series of meetings that were intended to develop a legally enforceable code of conduct to provide transparency in how companies provid
Publish At:2020-08-13 11:10 | Read:240 | Comments:0 | Tags: IOS

RTSP For iOS 1.0 Denial Of Service

# Exploit Title: RTSP for iOS 1.0 - 'IP Address' Denial of Service (PoC)# Author: Luis Martinez# Discovery Date: 2020-08-03# Vendor Homepage: https://appadvice.com/app/rtsp-viewer/1056996189# Software Link: App Store for iOS devices# Tested Version: 1.0# Vulnerability Type: Denial of Service (DoS) Local# Tested on OS: iPhone 7 iOS 13.5.1# Steps to
Publish At:2020-08-04 18:34 | Read:309 | Comments:0 | Tags: IOS

Mocha Telnet Lite For iOS 4.2 Denial Of Service

# Exploit Title: Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service (PoC)# Discovery by: Luis Martinez# Discovery Date: 2020-08-03# Vendor Homepage: https://apps.apple.com/us/app/telnet-lite/id286893976# Software Link: App Store for iOS devices# Tested Version: 4.2# Vulnerability Type: Denial of Service (DoS) Local# Tested on OS: iPhone 7 iOS
Publish At:2020-08-04 14:42 | Read:286 | Comments:0 | Tags: IOS

Tools

Tag Cloud