A single iMessage might now compromise your iPhone—no clicks needed. Graphite spyware is targeting journalists worldwide and raising serious questions about our digital safety. Curious to learn more?
https://thedefendopsdiaries.com/graphite-spyware-a-zero-click-threat-to-journalists/
#graphitespyware
#zeroclickexploit
#iossecurity
#cyberthreats
#journalistprotection
Installing unsigned or fake-signed iOS apps for testing without a Mac, Xcode, or access to proper signing tools can be a challenge.
Since iOS normally relies on the App Store to handle signing, getting apps onto a device manually isn’t always straightforward.
In our latest blog, we break down the main approaches to sideloading using tweaks on jailbroken devices, sideloading platforms like AltStore and Sideloadly, and on-device tools like TrollStore.
Whether your device is jailbroken or not, you’ll find a method that works.
📌Read here: https://www.pentestpartners.com/security-blog/how-to-load-unsigned-or-fake-signed-apps-on-ios/
#iOSSecurity #MobileAppTesting #Sideloading #CyberSecurity #infosec
🚨 iVerify's iOS app detected 11 new Pegasus infections in December 2024! 🦠 Shockingly, about half of the affected devices didn’t receive Threat Notifications from Apple. A major security concern! 🔐 #iOSSecurity #PegasusSpyware #Apple #TechNews #Privacy
https://posivi.com/iverifys-ios-app-detected-11-new-pegasus-infections-in-december-2024/
I always find these kinds of posts fascinating and can usually pick up a glimpse of iOS design from them. In this case, the article talks a lot about the Secure Enclave and how it interacts with other parts of the phone. I also appreciate the before first unlock / after first unlock call outs.
#ios #security #iossecurity #blogposts #iphone https://naehrdine.blogspot.com/2024/11/reverse-engineering-ios-18-inactivity.html
iOS 18 update brings cutting-edge AI security features to iPhones, enhancing user protection. #iOSsecurity #AItechnology #iPhoneupdate https://us.technoholic.me/ya9ExWa
Gold Pickaxe iOS Technical Analysis: IPA Overview and C2 Communication Start up
https://syrion.me/goldpickaxe-technical-analysis-ipa-c2/
#iossecurity #mobilesecurity #applesecurity #malware #malwareanalysis #reverseengineering
Operation Triangulation’ #Spyware Attackers Bypass #iPhone Memory Protections...iMessage attachment, exploiting the remote code execution (#RCE) #vulnerability CVE-2023-41990.
#apple #cybersecurity #technology #news #iPhones #ios #iossecurity
iOS Bug Hunting – Web View XSS
https://www.allysonomalley.com/2018/12/03/ios-bug-hunting-web-view-xss/
Wednesday == hump day == patch yo shit day!
https://support.apple.com/en-us/HT201222
https://support.apple.com/kb/HT213813
https://support.apple.com/kb/HT213814
https://support.apple.com/kb/HT213813
https://support.apple.com/kb/HT213810
https://support.apple.com/kb/HT213809
https://support.apple.com/kb/HT213812
https://support.apple.com/kb/HT213808
Mobile Pentesting 101 – How To Set Up Your Ios Environment
https://securitycafe.ro/2023/06/12/mobile-pentesting-101-how-to-set-up-your-ios-environment/
Develop your own zero day vulnerabilities in iOS : https://faisalmemon.github.io/the-road-to-zero/ #iOSSecurity #MobileSecurity
RT @mobilesecurity_: A Deep Dive into iOS Code Signing
#MobileSecurity #iOSsecurity by @umanghere
https://t.co/L9Zgj4WUyV
RT @mobilesecurity_@twitter.com
A technical deep-dive into the NHS COVID-19 contact tracing app
#MobileSecurity #iOSsecurity by @reincubate@twitter.com
https://reincubate.com/blog/nhs-covid-19-background-tracing-details/
🐦🔗: https://twitter.com/mobilesecurity_/status/1258807517418749956
Popular iPhone and iPad Apps Reportedly 'Snooping' on Pasteboard Data
According to new research by Talal Haj Bakry and Tommy Mysk, dozens of popular iOS apps are reading the contents of the pasteboard without user consent, which could include sensitive information.
The investigation discovered that many popular apps, such as TikTok, 8 Ball Pool™, and Hotels.com, quietly read any text found in the pasteboard every time the app is opened.
iOS and iPadOS apps have unrestricted access to the system-wide pasteboard, also known as the clipboard, as of iOS 13.3.
Text left in the pasteboard may be inconsequential, but it could also be highly sensitive data such as passwords or financial information. The potential security risks of this vulnerability have previously been investigated by Bakry and Mysk, where they found that precise location information was leaking through the system pasteboard.
A diverse range of apps, from popular games and social networking apps, to news apps of major news organizations such as Fox News or The Wall Street Journal, were examined using standard Apple development tools. Many of these apps do not provide any UI that manages text, yet they read the text content of the pasteboard every time they are opened.
It is also of note that if Universal Clipboard is enabled, an app may also access whatever has been copied on a Mac.
What exactly these apps do with the contents of the pasteboard once they have read it is unknown.
Tag: iOS 13
This article, "Popular iPhone and iPad Apps Reportedly 'Snooping' on Pasteboard Data" first appeared on MacRumors.com
Discuss this article in our forums
feeds.macrumors.com/~ff/MacRum… feeds.macrumors.com/~ff/MacRum… feeds.macrumors.com/~ff/MacRum…
#MacSecurity #iOSSecurity #KRACK
Apple released:
• AirPort Firmware Update 7.6.9 for AirPort Express/Extreme & Time Capsule 802.11n
• AirPort Firmware Update 7.7.9 for AirPort Extreme & Time Capsule 802.11ac
Both of whoich are fixing WPA2/KRACK!
https://support.apple.com/en-us/HT208258
https://support.apple.com/en-us/HT208354
Update your AirPort Base Stations and Time Capsules NOW!
