Plus, a new phishing scam preys on job insecurity, and a database of over 300 million Facebook profiles sells for about $620 on the dark web
Security researchers found a vulnerability in iOS software that may have allowed hackers to steal data from almost a billion Apple devices over the past two years. Reuters reported that a California-based security firm discovered the bug while investigating a client’s cyberattack that occurred in late 2019. The attack exploited a flaw whereby a blank email sent to the victim triggers a crash and reset of the iOS Mail app, swinging open a backdoor for hackers in the process. The attackers then gain access to whatever information is kept in the Mail app, such as contact lists, photos, and confidential messages.
The researchers said they found evidence that the flaw was exploited as far back as January 2018, and it still exists even in the most current iOS version, rendering all iPhones and iPads vulnerable. In 2019, Apple claimed there were 900,000 iPhones in active use. The company acknowledged the vulnerability, stating that a fix has been developed and will be issued as a forthcoming update.
“This is an extremely serious vulnerability that allows any attacker access to a victim’s emails just by sending an email, and it has been around for years,” commented Avast Security Evangelist Luis Corrons. “The good news is that it seems the flaw has only been exploited by a state sponsored group, so it hasn’t been used to widely attack all iOS users. Nevertheless, now that it is known, groups of bad actors w ..
Support the originator by clicking the read the rest link below.
