Sci-tech

Contacts on iPhones vulnerable to hack attack

Contacts on iPhones vulnerable to hack attack”

"Luckily for us, SQLite databases are not signed", the report quoted the Check Point researchers as saying. On a walled-garden system like iOS, there are no unknown apps.

How were the researchers able to insert malicious code in Apple's closed iOS ecosystem?

But the real shocker is why the Contacts app vulnerability exists in the first place: it capitalises on a known bug which Apple has failed to fix for four years. These will be out next year and will only be given to a select few to stop these flaws being sold on to those offering more money than Apple. "However, SQLite usage is so versatile that we can actually still trigger it in many scenarios".

As an example, the researchers demonstrated a simple attack that simply crashed the Contacts app.

Essentially, Apple hadn't prioritised the bug because it was believed it could only be triggered by an unknown application with access to the database. Check Point's hack works on devices running iOS 8 through the beta versions of iOS 13. Last week it was announced in Las Vegas at the Black Rock cybersecurity conference the tech giant is giving these specialists the task of hacking into the iPhone to find security flaws and vulnerabilities.

More news: Fortnite's 16-year-old solo champion was swatted during a stream

Apple users have been warned that an iMessage security vulnerability has been discovered - this means that an attacker can read the files on a users iPhone without needing physical access to the device. All they needed was some tape, a pair of spectacles, and an unconscious or sleeping iPhone user. Google researchers shared the vulnerabilities with the iPhone maker, which fixed most of the flaws before they were made public.

Putting their security systems to the test, Apple are offering up $1 million (£830,000) to anyone that can successfully hack an iPhone.

The bug bounty program, which was previously invite-only, is also now available to any researchers that would like to participate, which should widen the number of people looking for those issues.

Apple started its bounty program three years ago and only focused on its mobile platform, until now. Apple's new bounties are now in the same range as some published prices from contractors.



Like this

loading...
loading...

Latest


12 August 2019
Chelsea ace Cesar Azpilicueta sends message to stars after Man Utd defeat
Manchester United were in need of a fast start to the campaign to erase memories of a awful end to last season and got it. He also said that the selection of inexperienced trio Mason Mount, Andreas Christiansen and Tammy Abraham was a bad idea.

12 August 2019
Redmi Note 8, 64MP & 100MP camera phones: What is Xiaomi up to?
Unfortunately, at the current time neither Samsung or Xiaomi have not confirmed any arrival date for the new 100-megapixel camera. There's no concrete timeline on the launch of the 100MP camera phone, but we hope to learn more details on the same soon.

12 August 2019
'The Morning Show' Trailer: Aniston, Carell and Witherspoon
Witherspoon made her main role television debut in last year's Big Little Lies , for which she also executive produced the series. As the camera pushes into the control room, Witherspoon says, "I think they want to know the person behind the facade".

12 August 2019
Scaramucci: GOP May Need to Replace Trump for 2020 Election
Scaramucci said that he's now "neutral" on Trump. "We can't afford a full nuclear contamination site post 2020". He remained supportive and in October 2018 released a book, Trump: The Blue-Collar President .

12 August 2019
Red Bull promotes Alex Albon - demotes Pierre Gasly!
Albon has acquitted himself well in F1 so far, scoring five top-ten finishes in 2019, including an impressive P6 in Germany. Albon will make his Red Bull debut at the Belgian Grand Prix at Spa-Francorchamps on September 1.

12 August 2019
Russia, after protests, tells Google not to advertise "illegal" events
The city authorities insist that the registration was denied due to the candidates' failure to comply with the set procedures. The letter was sent by Roskomnadzor amid a wave of protests in Moscow, which have been ongoing since mid-summer.

12 August 2019
LG G8X Renders Leak, Tip Dewdrop Notch, Dual Rear Cameras, Headphone Jack
It has a dual rear camera setup accompanied with an LED flash, aligned horizontally, like the one we have seen in G8 ThinQ. If the reports are to be believed, the device will be the successor to the G8 ThinQ that was launched earlier this year.

12 August 2019
Asteroid whizzing by Earth this weekend won't come close to impact
Based on their latest findings, Earth is now not in danger of getting hit by one of these giant asteroids . According to CNEOS , the last time the asteroid approached Earth was on July 29, 2018.

12 August 2019
Walmart Pulls Violent Video Game Ads (But Not Guns) From Stores
Walmart is removing displays and signs for violent video games from its stores in the wake of shootings in recent weeks. Walmart is making changes to the video game and hunting departments, but it's not doing anything new about guns.

12 August 2019
Your DSLR could be vulnerable to malware and ransomware
Security researchers have now warned that even DSLR cameras are not immune to ransomware and malware attacks. According to Check Point's report, this is possible through the picture transfer protocol of the cameras.