Skip to content
SSL and internet security news

Informations about SSL certificates and networks security

Category: ios

Auto Added by WPeMatico

Critical Vulnerability in libwebp Library

Posted on September 27, 2023 By infossl
chrome, Chrome OS, ios, operating systems, Security technology, Uncategorized, vulnerabilities, zero-day

Both Apple and Google have recently reported critical vulnerabilities in their systems—iOS and Chrome, respectively—that are ultimately the result of the same vulnerability in the libwebp library: On Thursday, researchers from security firm Rezillion published evidence that they said made it “highly likely” both indeed stemmed from the same bug, specifically in libwebp, the code … Read More “Critical Vulnerability in libwebp Library” »

Zero-Click Exploit in iPhones

Posted on September 13, 2023 By infossl
apple, exploits, ios, iphone, Security technology, spyware, Uncategorized, vulnerabilities

Make sure you update your iPhones: Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain (dubbed BLASTPASS) to deploy NSO Group’s Pegasus commercial spyware onto fully patched iPhones. The two bugs, tracked as CVE-2023-41064 and CVE-2023-41061, allowed the attackers to infect … Read More “Zero-Click Exploit in iPhones” »

Operation Triangulation: Zero-Click iPhone Malware

Posted on June 9, 2023 By infossl
exploits, forensics, ios, iphone, malware, Security technology, Uncategorized

Kaspersky is reporting a zero-click iOS exploit in the wild: Mobile device backups contain a partial copy of the filesystem, including some of the user data and service databases. The timestamps of the files, folders and the database records allow to roughly reconstruct the events happening to the device. The mvt-ios utility produces a sorted … Read More “Operation Triangulation: Zero-Click iPhone Malware” »

Apple Patches iPhone Zero-Day

Posted on December 16, 2022 By infossl
apple, ios, iphone, patching, Security technology, Uncategorized, zero-day

The most recent iPhone update—to version 16.1.2—patches a zero-day vulnerability that “may have been actively exploited against versions of iOS released before iOS 15.1.” News: Apple said security researchers at Google’s Threat Analysis Group, which investigates nation state-backed spyware, hacking and cyberattacks, discovered and reported the WebKit bug. WebKit bugs are often exploited when a … Read More “Apple Patches iPhone Zero-Day” »

Apple’s Device Analytics Can Identify iCloud Users

Posted on November 22, 2022 By infossl
apple, cloud computing, courts, identification, ios, privacy, Security technology, tracking, Uncategorized

Researchers claim that supposedly anonymous device analytics information can identify users: On Twitter, security researchers Tommy Mysk and Talal Haj Bakry have found that Apple’s device analytics data includes an iCloud account and can be linked directly to a specific user, including their name, date of birth, email, and associated information stored on iCloud. Apple … Read More “Apple’s Device Analytics Can Identify iCloud Users” »

Apple Only Commits to Patching Latest OS Version

Posted on October 31, 2022 By infossl
apple, ios, patching, Security technology, Uncategorized

People have suspected this for a while, but Apple has made it official. It only commits to fully patching the latest version of its OS, even though it claims to support older versions. From ArsTechnica: In other words, while Apple will provide security-related updates for older versions of its operating systems, only the most recent … Read More “Apple Only Commits to Patching Latest OS Version” »

Apple’s Lockdown Mode

Posted on July 26, 2022 By infossl
apple, cybersecurity, ios, Security technology, Uncategorized, usability, vulnerabilities

I haven’t written about Apple’s Lockdown Mode yet, mostly because I haven’t delved into the details. This is how Apple describes it: Lockdown Mode offers an extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of the most … Read More “Apple’s Lockdown Mode” »

Faking an iPhone Reboot

Posted on January 12, 2022 By infossl
apple, ios, iphone, malware, Security technology, Uncategorized

Researchers have figured how how to intercept and fake an iPhone reboot: We’ll dissect the iOS system and show how it’s possible to alter a shutdown event, tricking a user that got infected into thinking that the phone has been powered off, but in fact, it’s still running. The “NoReboot” approach simulates a real shutdown. … Read More “Faking an iPhone Reboot” »

Apple’s NeuralHash Algorithm Has Been Reverse-Engineered

Posted on August 18, 2021 By infossl
algorithms, apple, backdoors, cryptography, hashes, ios, iphone, reverse engineering, Security technology, Uncategorized

Apple’s NeuralHash algorithm — the one it’s using for client-side scanning on the iPhone — has been reverse-engineered. Turns out it was already in iOS 14.3, and someone noticed: Early tests show that it can tolerate image resizing and compression, but not cropping or rotations. We also have the first collision: two images that hash … Read More “Apple’s NeuralHash Algorithm Has Been Reverse-Engineered” »

iPhone Apps Stealing Clipboard Data

Posted on June 29, 2020 By infossl
apple, dataloss, eavesdropping, ios, Security technology, video

iOS apps are repeatedly reading clipboard data, which can include all sorts of sensitive information. While Haj Bakry and Mysk published their research in March, the invasive apps made headlines again this week with the developer beta release of iOS 14. A novel feature Apple added provides a banner warning every time an app reads … Read More “iPhone Apps Stealing Clipboard Data” »

Posts pagination

1 2 3 Next
fr_FR

Recent Posts

  • Chinese AI Submersible
  • Fake Student Fraud in Community Colleges
  • Another Move in the Deepfake Creation/Detection Arms Race
  • Friday Squid Blogging: Pyjama Squid
  • Privacy for Agentic AI

Tags

academicpapers airgaps android anonymity authentication borders cars cellphones censorship control courts crime cryptanalysis cryptography cryptowars deanonymization edwardsnowden encryption fbi fear geolocation guardian hacking intelligence ios jamming keyescrow lies malware medicine nationalsecuritypolicy nsa pointofsale printers privacy rc4 retail secrecy sidechannelattacks socialmedia squid surveillance tracking tradecraft whistleblowers

Categories

  • 3dprinters
  • 911
  • A Hacker's Mind
  • academic
  • academic papers
  • academicpapers
  • accountability
  • aclu
  • activism
  • adobe
  • advanced persistent threats
  • advancedpersistentthreats
  • adware
  • aes
  • AI
  • air travel
  • airgaps
  • airtravel
  • al Qaeda
  • alarms
  • algorithms
  • alqaeda
  • amazon
  • android
  • anonymity
  • Anonymous
  • antivirus
  • apache
  • apple
  • Applied Cryptography
  • appliedcryptography
  • artificial intelligence
  • artificialintelligence
  • assassinations
  • atms
  • att
  • attribution
  • audio
  • auditing
  • australia
  • authentication
  • authorization
  • automation
  • backdoors
  • backups
  • banking
  • baserate
  • behavioraldetection
  • Beyond Fear
  • beyondfear
  • bgp
  • biological warfare
  • biologicalwarfare
  • biometrics
  • bios
  • bitcoin
  • BitLocker
  • blackberry
  • blackmail
  • blockchain
  • bluetooth
  • bombs
  • books
  • borders
  • botnets
  • brazil
  • breaches
  • bribes
  • browsers
  • business of security
  • businessofsecurity
  • CALEA
  • cameras
  • camouflage
  • canada
  • captchas
  • cars
  • casinos
  • cell phones
  • cellphones
  • censorship
  • certificates
  • certifications
  • ch2ke
  • chatbots
  • ChatGPT
  • cheating
  • chelseamanning
  • chess
  • child pornography
  • childpornography
  • children
  • china
  • chipandpin
  • chrome
  • Chrome OS
  • cia
  • cisco
  • Citizen Lab
  • citizenlab
  • cloning
  • cloud computing
  • cloudcomputing
  • co3systems
  • coastguard
  • colombia
  • complexity
  • compliance
  • computer security
  • computersecurity
  • concealment
  • conferences
  • cons
  • consumerization
  • contests
  • control
  • cookies
  • cooperation
  • copyright
  • costbenefitanalysis
  • courts
  • cover-ups
  • coverups
  • COVID-19
  • covid19
  • cracking
  • credentials
  • credit cards
  • creditcards
  • crime
  • cross-site scripting
  • crowdsourcing
  • cryptanalysis
  • crypto wars
  • cryptocurrency
  • cryptography
  • cryptome
  • cryptowars
  • cuba
  • cyberattack
  • cybercrime
  • cyberespionage
  • cybersecurity
  • cyberterrorism
  • cyberwar
  • cyberweapons
  • dark web
  • darkweb
  • darpa
  • Data and Goliath
  • data breaches
  • data collection
  • data destruction
  • data loss
  • data mining
  • data privacy
  • data protection
  • dataandgoliath
  • databases
  • databreaches
  • datacollection
  • datadestruction
  • dataloss
  • datamining
  • dataprotection
  • dataretention
  • de-anonymization
  • dea
  • deaddrops
  • deanonymization
  • debates
  • deception
  • deep fake
  • deepfake
  • defense
  • democracy
  • deniability
  • denial of service
  • denialofservice
  • Department of Defense
  • departmentofdefense
  • dhs
  • disclosure
  • disguise
  • disinformation
  • dmca
  • dna
  • dns
  • doghouse
  • domain names
  • doxing
  • drm
  • drones
  • drug trade
  • drugtrade
  • e-mail
  • eavesdropping
  • ebay
  • ebooks
  • economics of security
  • economicsofsecurity
  • Edward Snowden
  • edwardsnowden
  • eff
  • egypt
  • email
  • embedded systems
  • embeddedsystems
  • employment
  • encryption
  • enigma
  • EPIC
  • epidemiology
  • espionage
  • essays
  • estonia
  • ethics
  • eu
  • EULA
  • exploits
  • externalities
  • extortion
  • face recognition
  • facebook
  • facerecognition
  • fake news
  • fakenews
  • false positives
  • falsenegatives
  • falsepositives
  • fbi
  • fear
  • feudalsecurity
  • filesharing
  • filtering
  • finance
  • fingerprints
  • firefox
  • firewall
  • firmware
  • fisa
  • foia
  • forensics
  • forgery
  • Fortuna
  • france
  • fraud
  • fsecure
  • ftc
  • g7
  • gambling
  • game theory
  • games
  • gametheory
  • gaming consoles
  • gchq
  • gdpr
  • generations
  • geolocation
  • Georgia
  • germany
  • gmail
  • google
  • googleglass
  • gps
  • Greece
  • Guardian
  • guns
  • hackback
  • hacking
  • hardware
  • hashes
  • healthcare
  • Hezbollah
  • history of computing
  • history of cryptography
  • history of security
  • historyofcomputing
  • historyofcryptography
  • historyofsecurity
  • hoaxes
  • homelandsecurity
  • homomorphic encryption
  • hotels
  • hp
  • https
  • human rights
  • humor
  • ibm
  • ics
  • idcards
  • identification
  • identity theft
  • identitytheft
  • impersonation
  • implants
  • incentives
  • incident response
  • incidentresponse
  • india
  • infrastructure
  • inrupt
  • insiders
  • insurance
  • intel
  • intelligence
  • internet
  • Internet and society
  • Internet of Things
  • internetandsociety
  • internetexplorer
  • internetofthings
  • interviews
  • intrusion detection
  • ios
  • iphone
  • iran
  • iraq
  • ireland
  • irs
  • isis
  • isps
  • israel
  • italy
  • jamming
  • japan
  • Juniper
  • kaspersky
  • kazakhstan
  • key logging
  • keyescrow
  • keylogging
  • keys
  • kidnapping
  • killswitch
  • law enforcement
  • lawenforcement
  • laws
  • leaks
  • lebanon
  • lenovo
  • Liars and Outliers
  • liarsandoutliers
  • lies
  • linkedin
  • linux
  • LLM
  • locks
  • loopholes
  • lotteries
  • machine learning
  • machinelearning
  • mail
  • malware
  • man-in-the-middle attacks
  • maninthemiddleattacks
  • marketing
  • mcafee
  • md5
  • medicine
  • Meta
  • metadata
  • microsoft
  • military
  • mitigation
  • monoculture
  • movieplotthreats
  • mozilla
  • music
  • national security policy
  • nationalism
  • nationalsecurityletters
  • nationalsecuritypolicy
  • natural security
  • naturalsecurity
  • networksecurity
  • New York Times
  • Nigeria
  • nist
  • no-fly list
  • Non classé
  • noncomputer hacks
  • North Korea
  • northkorea
  • norway
  • nsa
  • obscurity
  • onetimepads
  • open source
  • opensource
  • operating systems
  • operatingsystems
  • operational security
  • operationalsecurity
  • overreactions
  • pakistan
  • Password Safe
  • passwords
  • passwordsafe
  • patching
  • patents
  • patriotact
  • paypal
  • penetration testing
  • penetrationtesting
  • pgp
  • phishing
  • phones
  • photos
  • physical security
  • physicalsecurity
  • pins
  • plagiarism
  • point of sale
  • pointofsale
  • police
  • policy
  • pornography
  • power
  • press
  • printers
  • prison escapes
  • prisons
  • privacy
  • privilege escalation
  • programming
  • propaganda
  • protocols
  • proxies
  • pseudonymity
  • psychology of security
  • psychologyofsecurity
  • public interest
  • public transit
  • publicinterest
  • publictransit
  • qatar
  • QR codes
  • quantum computing
  • quantum cryptography
  • quantumcomputing
  • quantumcryptography
  • radio
  • random numbers
  • randomnumbers
  • ransomware
  • redaction
  • regulation
  • replayattacks
  • reports
  • reputation
  • resilience
  • Resilient Systems
  • resilientsystems
  • restaurants
  • retail
  • reverse engineering
  • reverseengineering
  • rfid
  • risk assessment
  • riskassessment
  • risks
  • robbery
  • robotics
  • rootkits
  • rsa
  • russia
  • sabotage
  • Safari
  • safes
  • samsung
  • saudiarabia
  • scada
  • scams
  • scanners
  • Schneier news
  • Schneier on Security (book)
  • schneiernews
  • schneierslaw
  • schools
  • sciencefiction
  • search engines
  • searches
  • secrecy
  • secretsharing
  • security analysis
  • security conferences
  • security education
  • security engineering
  • security standards
  • Security technology
  • security theater
  • security tokens
  • securityanalysis
  • securityawareness
  • securityconferences
  • securityeducation
  • securityengineering
  • securitymindset
  • securitymonitoring
  • securitypolicies
  • securityquestions
  • securitystandards
  • securitytheater
  • securitytokens
  • sensors
  • sha1
  • side-channel attacks
  • sidechannelattacks
  • signal
  • signatures
  • SIM cards
  • simcards
  • skimmers
  • skype
  • smart cards
  • smartcards
  • smartphones
  • sms
  • smuggling
  • snake oil
  • snakeoil
  • social engineering
  • social media
  • socialengineering
  • socialmedia
  • societalsecurity
  • software
  • software liability
  • softwareliability
  • sony
  • southkorea
  • spain
  • spam
  • spoofing
  • sports
  • spyware
  • SQL injection
  • sqlinjection
  • squid
  • ss7
  • ssh
  • ssl
  • stalking
  • steganography
  • stuxnet
  • supply chain
  • supplychain
  • surveillance
  • sweden
  • switzerland
  • symantec
  • syria
  • T-Mobile
  • Taiwan
  • tamper detection
  • tamperdetection
  • taxonomies
  • TED
  • telecom
  • telegram
  • television
  • tempest
  • terms of service
  • termsofservice
  • terrorism
  • Thailand
  • theft
  • threat models
  • threatalerts
  • threatmodels
  • tls
  • tor
  • torrents
  • torture
  • tpm
  • tracing
  • tracking
  • tradecraft
  • traffic analysis
  • trafficanalysis
  • transparency
  • transportation
  • treaties
  • trust
  • tsa
  • turkey
  • twitter
  • two-factor authentication
  • twofactorauthentication
  • twofish
  • uae
  • uber
  • uk
  • ukraine
  • un
  • Uncategorized
  • undercover
  • unitedarabemirates
  • usability
  • usb
  • usps
  • utilities
  • uzbekistan
  • verisign
  • verizon
  • video
  • videoconferencing
  • videos
  • violence
  • voice recognition
  • voicerecognition
  • voip
  • voting
  • vpn
  • vulnerabilities
  • war
  • war on the unexpected
  • warontheunexpected
  • watchlists
  • weapons
  • web
  • web privacy
  • webprivacy
  • whatsapp
  • whistleblowers
  • Wi-Fi
  • wifi
  • wikileaks
  • windows
  • wireless
  • yahoo
  • zero-day
  • zeroday

Archives

  • May 2025
  • April 2025
  • March 2025
  • February 2025
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014

Copyright © 2025 SSL and internet security news.

Theme: Oceanly by ScriptsTown