iOS

Pierluigi Paganini May 27, 2016
Installing rogue apps on iOS devices via SandJacking Attack

The security expert Chilik Tamir from Mi3 Security has devised a new attack dubbed SandJacking to install rogue apps on iOS devices. The security expert Chilik Tamir from Mi3 Security has devised some new attack methods that can be exploited by threat actors to install malicious apps on non-jailbroken iOS devices. Tamir presented his attack methods at […]

Pierluigi Paganini April 06, 2016
How to easily bypass iPhone 6s Lockscreen to access to Photos and Contacts

iPhone 6s and 6s Plus running the latest iOS version are plagued by a vulnerability that can be exploited to bypass the lockscreen. Another flaw plagues the new Apple iPhone 6s and 6s Plus, this time the mobile devices are affected by a Lockscreen Bypass vulnerability that could be exploited by local attackers to access […]

Pierluigi Paganini April 01, 2016
SideStepper method allows to infect iOS devices via MDM Solutions

SideStepper is a method to install malicious apps on iOS devices by abusing the mobile device management (MDM) solutions. Security researchers from the Check Point firm have devised a method to install a malicious code on iOS devices by abusing the mobile device management (MDM) solutions used by many enterprises. The technique relies on a vulnerability dubbed by […]

Pierluigi Paganini March 21, 2016
An iOS zero-day allows iCloud photos and videos decryption

A group of researchers found an iOS zero-day that would let a skilled attacker decrypt photos and videos that were sent as secure instant messages. The bad news is that Matthew Green, a professor at Johns Hopkins University revealed that a zero-day vulnerability in iOS encryption allows skilled attackers to decrypt intercepted iMessages, the good […]

Pierluigi Paganini March 17, 2016
How to install the AceDeceiver malware onto any iOS Device

AceDeceiver is the first iOS malware that abuses certain design flaws in Apple’s FairPlay DRM to install malicious apps on iOS devices even non-jailbroken. Hackers are exploiting a flaw affecting the Apple digital rights management technology (DRM) to install malicious apps on every iOS device, even non-jailbroken ones. Last month, security experts at Palo Alto Networks […]

Pierluigi Paganini March 15, 2016
The DoJ threatens to force Apple to hand over iOS source code

DOJ released a brief filing that threatens to force Apple to hand over the iOS source code if it will not help FBI in unlocKing the San Bernardino shooter’s iPhone. The battle between Apple and the FBI is going on while the debate on the case is monopolizing the media.  Last news in order of […]

Pierluigi Paganini March 08, 2016
How to bypass Apple Passcode in 9.1 and later

A number of bypass vulnerabilities still affect iOS devices and could be exploited by an attacker to bypass the passcode authorization screen. A number of bypass vulnerabilities still affect iOS devices and could be exploited by an attacker to bypass the passcode authorization screen on Apple mobile devices (iPhones and iPads) running iOS 9.0, 9.1, and […]

Pierluigi Paganini March 05, 2016
New exploit steals secret cryptographic keys from mobile devices

A group of security researchers has devised a new attack scheme to steal cryptographic keys from both Android and iOS devices. A team of security researchers from Tel Aviv University, Technion and The University of Adelaide has elaborated a new attack scheme to steal cryptographic keys from both Android and iOS devices. Last month, the same team […]

Pierluigi Paganini December 21, 2015
iOS Mobile Banking Apps, what is changed from 2013 tests?

The security expert Ariel Sanchez presented the results of the test conducted on 40 iOS banking apps, comparing them to the ones obtained 2 years ago. The banking industry is looking with an increasing interest in mobile platform, financial institutes are offering a growing number of services accessible through mobile devices, but what about security? The security […]

Pierluigi Paganini October 12, 2015
Apple has several apps from the official iOS App Store

Apple has removed mobile apps from the iOS Apple store that are installing root CA certificates that enable traffic to be intercepted. Apple has pulled several apps out from the official iOS App Store over SSL/TLS security concerns, this means that the security issues could allow threat actors to compromise encrypted connections between the servers […]