gizmosure

Tag: Security

  • Twitter Users on Android May Have Had Their Personal Data Compromised

    Twitter Users on Android May Have Had Their Personal Data Compromised

    Twitter and Facebook have announced that personal data of hundreds of users may have been compromised after they used their accounts to log in to certain third-party apps. This includes their names, gender, email addresses, usernames, and possibly their most recent tweets.

    Both companies received a report from security researchers who found that a software development kit called One Audience, allowed third party developers to access personal data.

    “We recently received a report about a malicious mobile software development kit (SDK) maintained by oneAudience. We are informing you about this today because we believe we have a responsibility to inform you of incidents that may impact the safety of your personal data or Twitter account,” Twitter wrote in a blog post on Monday.

    Apps usually ask for access to users’ social media accounts such as Facebook and Twitter to offer extra features such as the ability to share achievements and in-game leaderboards. However, apps using this SDK potentially allowed third-party developers to access much more data than users originally intended to.

    The company also notes that it might have been possible for someone to take control of someone else’s Twitter account using this vulnerability, however, no evidence in this regard has been found yet.

    “We think it’s important for people to be aware that this exists out there and that they review the apps that they use to connect to their accounts,” said Lindsay McCallum, a Twitter spokeswoman.

    For now, the vulnerability only seems to affect Twitter users on Android, as no evidence has been found yet that suggests iOS users were also impacted.

    Twitter said it has informed Google and Apple about the vulnerability so that they can take evasive measures. The company also said it will be informing Twitter users impacted by this vulnerability.

  • Whatsapp Fixes Major Mp4 Security Vulnerability

    Whatsapp Fixes Major Mp4 Security Vulnerability

    WhatsApp has fixed a critical security flaw in the Android and iOS version of its app, which could give hackers access to messages and files stored on a vulnerable device using a specially-crafted MP4 file. WhatsApp confirmed that along with the consumer versions of its app, the issue affects the Enterprise client versions of its app, as well as Business for Android and Business for iOS versions of WhatsApp.

    While reports suggest that the vulnerability hasn’t been exploited so far, as there are no signs of attacks happening in the wild. That said, WhatsApp warns that a successful attack would have led to a denial of service or remote code execution.

    “A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This affects Android versions prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3, Business for Android versions prior to 2.19.104 and Business for iOS versions prior to 2.19.100,” CVE-2019-11931 reads.

    Readers are advised to update to the latest version of WhatsApp to keep themselves protected against this vulnerability.

    Facebook-owned WhatsApp is currently the most popular messaging app on both iOS and Android. According to sources, the service currently has over 1.5 billion active users on all supported platforms.

    The news comes shortly after WhatsApp confirmed that spyware developed by NSO Group was used to target 1400 selected users globally and in India, which included human rights activists and journalists. That said, there’s no indication that the MP4 flaw was used in similar attacks. Besides, the Indian government clearly denied that it purchased or used the spyware in question to target its citizens.

  • Facebook Working on Fixing Bug That Activates Your Iphone’s Camera

    Facebook Working on Fixing Bug That Activates Your Iphone’s Camera

    Facebook is reportedly working on fixing a bug that automatically activates users’ iPhone camera while using its iOS app. The social networking giant is aware of the bug and has promised to roll out a fix for the same by today.

    The bug was discovered earlier this month when Facebook slang words users started noticing that their iPhone’s camera was automatically activated while viewing photos and videos. Sources suggest that the bug appears to be limited to iOS as no Android user has noticed the glitch so far.

    Users reported that while viewing videos in full screen, the camera was running in the background while scrolling Facebook. The company has acknowledged the issue and says the glitch was introduced while it fixed another bug in version 244 of the Facebook iOS app.

    “We recently discovered that version 244 of the Facebook iOS app would incorrectly launch in landscape mode. In fixing that issue last week in v246 (launched on November 8th) we inadvertently introduced a bug that caused the app to partially navigate to the camera screen adjacent to News Feed when users tapped on photos. We have seen no evidence of photos or videos being uploaded due to this bug. We’re submitting the fix for this to Apple today,” Facebook said in a statement.

    Until the bug fix arrives, users are recommenced to deny camera access for the Facebook app. Facebook’s reputation when it comes to user privacy has taken a hit in recent years. In 2018, a study revealed how Facebook exposed information about nearly 87 million users to a political analysis firm for Donald Trump’s 2016 presidential campaign. It was later found that the data was used for targeted political advertising.

    While earlier this year, a security firm also found out that hundreds of millions of Facebook records were exposed on Amazon cloud servers.

  • Safari in iOS sends user browsing data to Chinese company Tencent

    Safari in iOS sends user browsing data to Chinese company Tencent

    Apple has seemingly found itself tangled in yet another controversy related to China, as reports indicate that Chinese tech giant Tencent gets user browsing data from its Safari browser. The data sent includes the IP address of the user along with websites visited by the user.

    In case you aren’t aware, such data sharing is done to help protect users from malicious websites. Apple has long been a part of Google’s Safe Browsing to help protect users from phishing scams using its fraudulent website warning feature. For instance, if a user tries to visit a website that has been flagged as fraudulent by Google, a warning is shown in Safari advising users not to visit the website. However, the fact that a Chinese company also receives such data has raised some eyebrows.

    Johns Hopkins University professor and cryptographer Matthew Green suggests this could have consequences as it may reveal both the webpage a user is trying to visit, as well as his IP address. Besides, it could also leave a cookie on a device, and the data could possibly be used to build up a profile of a user’s browsing behavior.

    However, evidence suggests that Apple sends browsing data to Tencent only when a user’s iOS region is set to China. That said, it’s still unclear as Green adds that the warning not only appears on Chinese-registered iPhones’, but also shows up on iPhones’ operating in the US.

    Apple is one of the companies along with a few others who’ve long been criticized for appearing to bend over backward to China’s demands. Industry experts and users are concerned about China’s bullish influence on tech companies.

    Apple came under fire last week when it removed the HKmap Live app from the App Store after pressure from Chinese authorities. Apple removed the app stating that it was violating local laws that targeted individuals and police. Besides, the company also removed the app of news outlet Quartz from China’s app store, on grounds that content found in the app is illegal in China.

    Several American organizations operating in China have come under immense scrutiny and criticism for yielding to China’s censorship demands. Recently, Blizzard came under immense scrutiny after it imposed a ban on a pro-Hearthstone player who showed up in an interview and appeared to shout a slogan associated with Hong Kong protesters: “Liberate Hong Kong, revolution of our time”.

  • Critical iOS exploit impacts millions of devices from iPhone 4S to the iPhone X

    Critical iOS exploit impacts millions of devices from iPhone 4S to the iPhone X

    A newly discovered bootrom exploit in iOS, dubbed as ‘checkm8’, could lead to permanent jailbreak on iOS devices that run on Apple’s A-series processors.

    According to security researcher axiomX, the vulnerability affects hundreds of millions of iOS devices starting from the iPhone 4S, to the iPhone 8, as well as the iPhone X. The affected devices also include iPad models starting with the iPad 2 up to the 2017 iPad Pro.

    The vulnerability could give attackers deep access to iOS devices. axiomX claims that ‘checkm8’ is possibly one of the biggest news in the iPhone hacking community for years. Being a bootrom exploit, it affects devices at bootrom level instead of taking advantage of vulnerabilities in the OS or software. Now, this essentially means that Apple won’t be able to fix the issue with a simple patch or an update. To fix the issue, Apple would need to make physical changes directly to its A-series processors.

    As expected, the new flaw has some serious security concerns, as the vulnerability can offer root access to affected devices. Therefore, it’s possible that attackers could use the exploit to take control and delete sensitive information from other user’s devices.

    However, there’s some good news as axiomX explained that the vulnerability can’t be used remotely. Now, this means that attackers would need physical access to an iOS device to take undue advantage of this vulnerability. Therefore, just make sure you’re iPhone or iPad is passcode protected.

    Apple is yet to make any official statement regarding this exploit, though we’ll update you as soon as Apple responds to the matter.

    iPhone jailbreaking isn’t as popular as it was 7 years from now. During the early days of the iPhone, jailbreaking was primarily done to install third party apps that were not available via the App Store. Jailbreaking allows iOS users to add apps and other functions that Apple wouldn’t usually allow users to perform on their iPhones. iOS has rather strict limitations that are designed to protect users from malicious apps but also gives Apple’s more control over the ecosystem. Therefore, jailbreaking hurts your iPhone’s security, but at the same time gives users more control over the phone.

    The last jailbreak we heard was back in August this year when a new vulnerability was found in iOS 12.4. It was the first iOS jailbreak to be publicly revealed in years.

  • State-backed effort responsible for the massive iPhone hack: Report

    State-backed effort responsible for the massive iPhone hack: Report

    Google’s Project Zero team recently found multiple flaws in iOS that allowed hackers to gain access to an iPhone. The attack involved a small group of websites which targeted visitors’ devices to gain access to their personal information, as well as location data. Besides, the attack could also gather encrypted information from apps such as WhatsApp, iMessage, and Telegram.

    According to sources, such websites have been running for two years, during which thousands of visitors possibly accessed them every week. Apple, however, was quick to roll out a fix for the flaw in iOS 12.1.4. Apple revealed in the update that the vulnerability, referred to as ‘memory corruption issues’, was fixed with ‘improved input validation. Hence, iPhone owners are most likely protected against these exploits, as a fix was rolled out for the same with iOS 12.1.4 on February 7.

    That said, the perpetrator behind these attacks remained a mystery. Now, thanks to some digging by TechCrunch, it turns out that the culprit behind these attacks was the Chinese government.

    The attack was apparently part of a campaign to gather surveillance on a minority Muslim group in China, the Uyghur community, residing in China’s Xinjiang territory. The Chinese government claims that Islamists militants and separatists target the country’s Xinjiang region. Reports indicate that China has forced nearly 2 million people from the Uyghur community and Muslim minorities into camps for indoctrination, prompting activists to call on China to stop such mass detention efforts.

    Google revealed in its disclosure that merely visiting the infected sites was enough for the exploit to attack your device. Therefore, even people outside the Uyghur community may have been affected by this state-sponsored spy effort. Key sources also indicate that not only iPhone users were affected by the attack, but even devices running Android and Microsoft’s operating systems. With thousands of visitors accessing such malicious websites, it allowed the Chinese government to capture their private data as well as their location data.

  • iOS 12.4 bug lets anyone jailbreak an iPhone

    iOS 12.4 bug lets anyone jailbreak an iPhone

    During the early days of the iPhone, jailbreaking was primarily done to install third-party apps that were not available via the App Store. Since then, there’s been no need to jailbreak iPhone thanks to the availability of thousands of apps and more customizable operating systems. That said, a new vulnerability was found this week in iOS 12.4, making it the first iOS jailbreak to be publicly revealed in years.

    First reported by Motherboard, the latest iOS 12.4 has a bug that Apple apparently fixed in iOS 12.3. Now, this essentially makes it possible to exploit the vulnerability to jailbreak iOS 12.4. Security researcher Pwn20wnd released the first free public version of the jailbreak that users are already using to customize the look of their Homescreen or to download unauthorized apps. That said, readers are advised not to do so, as jailbreaking makes your iPhone more susceptible to risks and hacks.

    Therefore, until Apple rolls out a fix for the same in iOS 12.4.1, many iPhones are at risk as the bug makes it easier to hack iPhones. A security researcher told Motherboard that hackers could exploit this vulnerability to develop a malicious app that could steal data from other apps on your iPhone. Given the security risks, readers are advised not to jailbreak their iPhones. Besides, they should also beware of the apps downloaded from the App Store until Apple rolls out a fix.

    Jailbreaking allows iOS users to add apps and other functions that Apple wouldn’t usually allow users to perform on their iPhones. iOS has rather strict limitations that are designed to protect users from malicious apps but also gives Apple more control over the ecosystem. Therefore, jailbreaking has an adverse effect on your iPhone’s security, but at the same time gives users more control over the phone.

  • Cellebrite claims its hacking tools can bypass any iPhone or iPad

    Cellebrite claims its hacking tools can bypass any iPhone or iPad

    Israeli forensics company Cellebrite claims its hacking tools can break into any iPhone or iPad. The company also adds that devices running the latest version of iOS can be broken into.

    Cellebrite recently announced that it has ability to perform a ‘full system extraction on any iOS device’, and notably, its services are for sale, though only to law enforcement agencies.

    In case you didn’t know, Cellebrite is a well-known Israeli security company whose expertise was used by the FBI in 2016 in order to crack into the iPhone 5c belonging to San Bernardino killer Syed Rizwan Farook. And the company’s latest product, called UEFD Premium, can nullify any and all passcodes on an iOS device to unlock them. The company also brags that its newest product can even unlock iPhones and iPads running latest iOS 12.3.

    However, the good news is that Cellebrite promised its hacking devices are specifically designed for law enforcement agencies. The company explains that agencies can use its tools to unlock devices belonging to a suspect who is unwilling to provide his passcode or biometric authentication.

    Besides, Celleibrite also stated that its tools require you to physically have possession of the iPhone or iPad, if you want to use its brute force methods to hack into smartphones and tablets. Additionally, the Israeli-company also claims it performs proper security checks to determine whether its hacking tools fall in the right hands.

    That said, despite all the security measures, there’s always a risk that these hacking tools could fall into the wrong hands. Not to mention, some of Cellebrite’s iPhone hacking tools have been found listed on eBay for as little as $100. Besides iOS devices, Cellebrite also claims its hacking tools can infiltrate Android devices from Samsung, Motorola, Huawei, and Xiaomi.

  • Massive breach exposes 773 million emails, 21 million passwords

    Massive breach exposes 773 million emails, 21 million passwords

    We’ve come across security hacks time and again. However, the latest breach takes it a whole new level exposing 773 million email addresses and over 21 million unique passwords. Experts believe it’s possibly the largest data breach in history, as more than 87GB of emails addresses and passwords were leaked by hackers.

    The breach was first reported by security researcher Troy Hunt, who explains that the hack was a collection of numerous other data breaches, going all the way back to 2008. The trove of leaked data was posted popular hacking forum, Mega, though was shortly taken down. The leaked data was dumped in a folder called #Collection1, which had over 12,000 files with a size of over 87GB.

    “Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows. It’s made up of many different individual data breaches from literally thousands of different sources,” explained Hunt.

    Is it a big deal?

    So, how serious is this issue? Hunt suggests it’s pretty big despite the fact that information such as credit card and social security numbers have not been leaked. For one, he says the way in which passwords were dumped in #Collection1. They were all in plain text, compared to other data breaches where passwords were cryptographically hashed, making them very difficult to read. Besides, Hunt found that nearly 140 million email accounts and over 100 million unique passowrds in the breach were new to his new database.

    Hunt has also loaded the email addresses and passwords on Have I Been Pwned. It’s a database where you can check whether your email or password was affected by the breach. He further advises users to look into Password Manager to secure all their sensitive information such as passwords and banking info.

    “A password manager provides you with a secure vault for all your secrets to be stored in (not just passwords, I store things like credit card and banking info in mine too), and its sole purpose is to focus on keeping them safe and secure”, further added Hunt.

  • Google gets rid of 85 malicious apps from the Play Store

    Google gets rid of 85 malicious apps from the Play Store

    Google has removed 85 dangerous apps from the PlayStore, after security experts found such apps to contain adware. According to researchers at TrendMicro, these apps were available on the Play Store as games, TV, and remote control simulator apps.

    “This adware is capable of displaying full-screen ads, hiding itself, monitoring a device’s screen unlocking functionality, and running in the mobile device’s background,” explained the researchers at Trend Micro in the blog.

    The report further notes that these malicious apps have witnessed over nine million downloads on the Android PlayStore. One of these apps, called ‘Easy Universal TV Remote’, was the most downloaded among the 85 malicious apps, with over 5 million downloads.

    It’s also worth noting that these apps showed and shared the same source code, despite coming from different developers and different APK certificates. Once installed, as soon as the user launched these apps, a full-screen pop-up would appear asking users to perpetually press several buttons to continue.

    Every button press would then open a new ad page, and this kept on happening until the app finally crashed. That said, they would still run in the background and suddenly show up after every hour or so on the device. For more information, click on the source link below.

    Well, this isn’t the first time Google has removed malcious apps from the PlayStore. In November 2018, Google removed 13 malware-infested apps from the PlayStore. Back then, popular malware researcher researcher, Lukas Stefanko, found 13 malicious apps on the Play Store, which tricked users to install malware on their handsets.

    Besides, Stefanko also found 29 other malicious apps on the PlayStore between August until early October 2018 in the Google Play store, which also masked themselves as authentic banking apps and used phishing forms to collect a user’s personal banking information.

  • Facebook bug exposes photos of 6.8 million users

    Facebook bug exposes photos of 6.8 million users

    Facebook has officially announced that a bug on its network has exposed photos of 6.8 million users without their consent. The social network states that a photo API bug gave third-party app developers access to users’ photos they may not have publically shared.

    “Photos that users started to upload to Facebook but did not post could have been accessed, along with images posted to Facebook Stories. We’re sorry this happened,” wrote Tomer Bar, an engineering director at Facebook, in a blog post.

    According to Facebook, photos could have been accessed by 1500 apps created by 876 developers as a result of this bug. Next week, the company plans to offer tools for app developers which will allow them to find users that may have been impacted by the bug.

    Besides, the company added it will notify users who may been affected by the bug through a Facebook notification that will redirect them to the Help Centre. You can find a mock-up of that notification in the image below:

    facebook bug

    “Currently, we believe this may have affected up to 6.8 million users and up to 1,500 apps built by 876 developers. The only apps affected by this bug were ones that Facebook approved to access the photos API and that individuals had authorized to access their photos,” further explained Facebook.

    Facebook added that the bug was live for 12 days from September 13th to September 25th. The company said it discovered the bug on September 25th, and informed the Office of Data Protection Commissioner (IDPC) on November 22nd.

    As to why they waited so long to disclose the bug, Facebook reportedly said that it took time to investigate the issue and find out how many users were affected.

    For now, Facebook recommends users to log into any apps with which they might’ve shared their Facebook photos with to find out which photos they’ve gained access.

  • Sennheiser headphone app susceptible to hacking

    Sennheiser headphone app susceptible to hacking

    Sennheiser’s HeadSetup and HeadSetup Pro applications are susceptible to hacking, according to Germany’s Secorvo Security Consulting. Sennheiser has now advised users to update to the latest versions of the app after researchers discovered they added two Certification Authority CA certificates into the local system’s Trusted Root CA store, which could potentially allow man-in-the-middle (MITM) attacks.

    Sennheiser claims that the update removes these vulnerable certificates from its HeadSteup app. Besides, Secorvo Security Consulting has also published a report with detailed information about this vulnerability, along with a list of mitigation measures. Users who’ve downloaded the HeadSetup app on their systems are advised to manually uninstall the certificate. For more information on how to uninstall the certificate, follow the link here.

    In the wake of this vulenrability, Microsoft has also published an advisory which informs customers of two disclosed digital certificates that can be used to remotely spoof website or contents. In addition, the Windows-maker has also updated the Certificate Trust List to ensure that user-mode trust has been ousted from the two Certification Authority certificates installed by Sennheiser’s apps in the local system’s Trusted Root CA store.

  • Dell discloses cyber attack with a possibility of data breach

    Dell discloses cyber attack with a possibility of data breach

    Dell has revealed that a cyber attack was detected in early November, and the company has now reset all customer passwords in order to avoid possible data breach.

    The company is yet to find any solid evidence of customer information being stolen from their servers, but they did suggest there’s a chance that their personal data could be at a risk.

    “On November 9, 2018, Dell detected and disrupted unauthorized activity on its network attempting to extract Dell.com customer information, which was limited to names, email addresses and hashed passwords,” says Dell.

    As a precaution, the company has reset all customer passwords to protect personal information. In fact, the company has asked all users to go through a multi step authentication process to get access to their accounts as a safety measure. All customers will get a notification by default to reset their passwords when they try to log into their accounts via Dell.com.

    “Dell cybersecurity measures include the hashing of our customers’ passwords and a mandatory Dell.com password reset. Hashed passwords, along with the password reset, limit exposure of customers’ account information. Customers are encouraged to change passwords for other accounts if they use the same password for their Dell.com account,” further added Dell.

    Interestingly, the company was tight lipped about the attack and disclosed it 20 days later only after the investigation was over. The reason being that they wanted independent digital forensics agencies to finish the investigation before disclosing it to the public.

    According to Dell, the online services that were disprupted by the mass password reset were Dell.com, Global Portal, Premier, and support.dell.com

  • Company claims its software allows anyone to bypass iPhone passcode

    Company claims its software allows anyone to bypass iPhone passcode

    Hacking into iPhones is always a hot topic, and now a company called DriveSavers claims that anyone can hack into an iPhone using its software, even if it’s guarded by a long passcode. The company which specializes in data recovery services, touts that its software has a success rate of 100 percent.

    “Utilizing new technology, we have a 100% success rate with unlocking and recovering data from passcode-protected smartphones of every make, model and operating system with any length passcode, including phones and tablets with more complicated passcodes of six digits or more,” explains DriveSafe.

    For now, it’s unclear how the company’s software allows anyone to easily hack into an iPhone, despite being passcode protected. Interestingly, DriveSavers says this service is offered to consumers at a very affordable price. The company says customers can get in touch with the them for more information about pricing and other details.

    That said, the company also has safety protocols so that its services aren’t misused. DriveSavers says its software won’t unlock an iPhone if you aren’t the owner. In fact, it runs a detailed background check to make sure only the owner of an iPhone is able to unlock the device using its software.

    “We attempt to validate the legal right to access the data during all phases of the recovery process. This starts with the information gathered during the intake process. We also have a legal authorization form requiring specific information identifying the right to the data,” the company says.

    Though, it’s still unclear right now how the software works. Besides, one can’t even be sure whether the solution has a 100 percent rate of success.

    Apple is yet to provide an official statement regarding the matter, though there’s a high possibilty the company is already looking into this software to avoid potential misuse and exploits. Hence, we won’t be surpised if Apple rolls out a patch for the same in the next iOS update.

    DriveSavers also claims its software can hack into Android smartphones as well, such as handsets from BlackBerry, LG, Samsung, as well as Windows PCs.

  • Google removes 13 malware infested apps from the Play Store

    Google removes 13 malware infested apps from the Play Store

    A security researcher has found over a dozen malware infested apps have on the Play Store that trick users to install malware on their handsets. Renowned malware security researcher, Lukas Stefanko, has found 13 malicious apps on the Play Store, all of which happen to be motor racing games.

    According to Stefanko, these apps were created the same cybercriminal Luiz Pinto. Stefanko also notes that these apps have been downloaded by users nearly 560,000 times. Besides, he also added that a few of them also happen to be top trending apps.

    Reports suggest that once users were tricked into installing these malware infested apps, these apps never functioned properly as they crashed whenever a user tried opening them. And over a period of time, these apps could hide the icon from a user’s view and then asked users to install in-app application Game Center.

    Users were mostly unaware, and without their consent it used to install malware in the background to steal sensitive information. Researcher Stefanko informed Google about such malicious apps thriving on the Play Store.  Thankfully, Google came out with a swift response as the company has now removed 13 such malicious apps from Play Store.

    That said, the search engine giant continues to fail in its efforts to stop such malware ridden apps popping up on the Ply Store. As this isn’t the first time malware researcher Lukas Stefanko has found malicious apps on the Play Store.

    Earlier, this month, he found a Trojan-ridden call recording app which disguized itself as a normal call recording app and tricked users into downloading an additional app. While back in September, he found a Trojanized banking app which stole banking information from compromised Android devices.

    Stefanko suggests that if an Android app asks you to download Flash Player from servers besides Adobe, it should be taken as a warning sign as the app is most likely infected.

    One of the primary reasons that such apps are constantly showing app on the Play Store could be Google’s open source code policy. In contrast, Apple controls almost everything for its iOS store apps and allows developers to work within stringent parameters only. Hopefully, Google takes a cue from Apple to prevent such instances from happening in the future.