Sci-tech

Contacts on iPhones vulnerable to hack attack

Contacts on iPhones vulnerable to hack attack”

"Luckily for us, SQLite databases are not signed", the report quoted the Check Point researchers as saying. On a walled-garden system like iOS, there are no unknown apps.

How were the researchers able to insert malicious code in Apple's closed iOS ecosystem?

But the real shocker is why the Contacts app vulnerability exists in the first place: it capitalises on a known bug which Apple has failed to fix for four years. These will be out next year and will only be given to a select few to stop these flaws being sold on to those offering more money than Apple. "However, SQLite usage is so versatile that we can actually still trigger it in many scenarios".

As an example, the researchers demonstrated a simple attack that simply crashed the Contacts app.

Essentially, Apple hadn't prioritised the bug because it was believed it could only be triggered by an unknown application with access to the database. Check Point's hack works on devices running iOS 8 through the beta versions of iOS 13. Last week it was announced in Las Vegas at the Black Rock cybersecurity conference the tech giant is giving these specialists the task of hacking into the iPhone to find security flaws and vulnerabilities.

Apple users have been warned that an iMessage security vulnerability has been discovered - this means that an attacker can read the files on a users iPhone without needing physical access to the device. All they needed was some tape, a pair of spectacles, and an unconscious or sleeping iPhone user. Google researchers shared the vulnerabilities with the iPhone maker, which fixed most of the flaws before they were made public.

Putting their security systems to the test, Apple are offering up $1 million (£830,000) to anyone that can successfully hack an iPhone.

The bug bounty program, which was previously invite-only, is also now available to any researchers that would like to participate, which should widen the number of people looking for those issues.

Apple started its bounty program three years ago and only focused on its mobile platform, until now. Apple's new bounties are now in the same range as some published prices from contractors.



Like this

loading...
loading...

Latest


13 August 2019
Decision on neutral venue for Davis Cup to be taken after Eid
Since 2017, Pakistan have played four of their five home ties in Islamabad, hosting Korea, Thailand, Uzbekistan and Iran. It's a genuine request. "In the current circumstances, it is not conducive to play there", he said.

13 August 2019
RCMP find item that may be connected to McLeod and Schmegelsky investigation
Two firearms were also found near the area and police are analysing whether these weapons were connected to the homicides in B.C. Officials hope that the results of the autopsies will lead to more clues in the case, he added.

12 August 2019
Fortnite's 16-year-old solo champion was swatted during a stream
Part of what makes swatting so risky is the potential for law enforcement to harm the swatting target or their loved ones. Bugha said the incident de-escalated after he was recognized by one of the armed officers.

12 August 2019
Trump Admin Releases Final Version Of Widely Condemned 'Public Charge' Rule
Pregnant women, children and members of the military, as well as their families, will be exempt from this rule, however. It is scheduled for publication on Wednesday as a "final rule", and will go into effect 60 days from then.

12 August 2019
Red Bull promotes Alex Albon - demotes Pierre Gasly!
Albon has acquitted himself well in F1 so far, scoring five top-ten finishes in 2019, including an impressive P6 in Germany. Albon will make his Red Bull debut at the Belgian Grand Prix at Spa-Francorchamps on September 1.

12 August 2019
Russia, after protests, tells Google not to advertise "illegal" events
The city authorities insist that the registration was denied due to the candidates' failure to comply with the set procedures. The letter was sent by Roskomnadzor amid a wave of protests in Moscow, which have been ongoing since mid-summer.

12 August 2019
Asteroid whizzing by Earth this weekend won't come close to impact
Based on their latest findings, Earth is now not in danger of getting hit by one of these giant asteroids . According to CNEOS , the last time the asteroid approached Earth was on July 29, 2018.

12 August 2019
Giggs Believes Lukaku Cannot Be Faulted For Wanting Out Of Man United
There's a group of young players together and we can start to become what we decide to become. He then went on to express his feelings about the players United have signed.

12 August 2019
Your DSLR could be vulnerable to malware and ransomware
Security researchers have now warned that even DSLR cameras are not immune to ransomware and malware attacks. According to Check Point's report, this is possible through the picture transfer protocol of the cameras.

12 August 2019
Donald Trump lashes out at critics on visit to shooting victims
Dorothee Bouquet, who protested with her five-year-old daughter and two-year-old son, said she was there "to tell grown-ups to make better rules".