Tag: apple
-
UK Gov demands backdoor to access Apple iCloud backups worldwide
UK secretly demands Apple create an iCloud backdoor via a Technical Capability Notice, raising privacy concerns over end-to-end encryption. The UK demands Apple to create a backdoor to access any iCloud backups, the request raises concerns about user privacy and undermines Apple’s security commitments. >>The British government’s undisclosed order, issued last month, requires blanket capability…
-
Hey, UK, Get Off of My Cloud
The United Kingdom has made a bold demand to Apple, purporting to require the company to create a backdoor to access encrypted cloud backups of all users worldwide. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/hey-uk-get-off-of-my-cloud/
-
Tech companies brace after UK demands back door access to Apple cloud
The UK has served a notice on Apple demanding back door access to encrypted data stored by users anywhere in the world on Apple’s cloud service First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366618999/Tech-companies-brace-after-UK-demands-back-door-access-to-Apple-cloud-Tech-companies-brace-for-more
-
Core-Media-Framework Day-Schwachstelle
First seen on security-insider.de Jump to article: www.security-insider.de/apple-core-media-framework-sicherheitsluecke-a-b1e972a48d78893f3808f22de82f36b6/
-
UK Is Ordering Apple to Break Its Own Encryption
The Washington Post is reporting that the UK government has served Apple with a “technical capability notice” as defined by the 2016 Investigatory Powers Act, requiring it to break the Advanced Data Protection encryption in iCloud for the benefit of law enforcement. This is a big deal, and something we in the security community have…
-
Snoopers’ Charter: Großbritannien will Zugriff auf iCloud-Backups weltweit
Die britische Regierung verpflichtet Apple, eine Backdoor für verschlüsselte iCloud-Backups von Nutzern weltweit einzurichten. First seen on golem.de Jump to article: www.golem.de/news/snoopers-charter-grossbritannien-will-zugriff-auf-icloud-backups-weltweit-2502-193159.html
-
UK Secret Order Demands That Apple Give Access to Users’ Encrypted Data
Plus: Benjamin Netanyahu gives Donald Trump a golden pager, Hewlett Packard Enterprise blames Russian government hackers for a breach, and more. First seen on wired.com Jump to article: www.wired.com/story/uk-secret-order-apple-users-encrypted-data/
-
UK Pressures Apple to Create Global Backdoor To Spy on Encrypted iCloud Access
United Kingdom has reportedly ordered Apple to create a backdoor allowing access to all encrypted content stored in its iCloud service. The demand, issued under the U.K.’s controversial Investigatory Powers Act of 2016, has raised alarm among privacy advocates and tech experts. If implemented, this order would allow British authorities to bypass encryption protections not…
-
UK Government Reportedly Demands Access to Encrypted iCloud Files Worldwide
As reported by The Washington Post, Apple received notice of a possible request in March 2024, but the official ask occurred in January 2025. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/uk-apple-encryption-icloud/
-
UK Home Office silent on alleged Apple backdoor order
Blighty’s latest stab at encryption? A secret order to pry open iCloud, sources claim First seen on theregister.com Jump to article: www.theregister.com/2025/02/07/home_office_apple_backdoor_order/
-
DeepSeek App Transmits Sensitive User and Device Data Without Encryption
A new audit of DeepSeek’s mobile app for the Apple iOS operating system has found glaring security issues, the foremost being that it sends sensitive data over the internet sans any encryption, exposing it to interception and manipulation attacks.The assessment comes from NowSecure, which also found that the app fails to adhere to best security…
-
UK reportedly demands secret ‘back door’ to Apple users’ iCloud accounts
The British government has reportedly issued a secret legal demand to Apple to allow access to encrypted iCloud accounts. First seen on therecord.media Jump to article: therecord.media/uk-government-reportedly-demands-backdoor-apple-icloud
-
Encryption Debate: Britain Reportedly Demands Apple Backdoor
Secret Order Seeks to Compel Apple to Weaken Encryption, Washington Post Reports. The British government has unexpectedly reignited the long-running encryption debate, reportedly issuing a secret order to Apple requiring that it provide direct access to global users’ fully encrypted cloud backups and prohibited the technology giant from alerting any targeted accountholders. First seen on…
-
UK government demands Apple backdoor to encrypted cloud data: report
Apple is likely to stop providing its encrypted cloud service to U.K. users First seen on techcrunch.com Jump to article: techcrunch.com/2025/02/07/uk-government-demands-apple-backdoor-to-encrypted-cloud-data-report/
-
Apple missed screenshot-snooping malware in code that made it into the App Store, Kaspersky claims
OCR plugin great for extracting crypto-wallet secrets from galleries First seen on theregister.com Jump to article: www.theregister.com/2025/02/07/infected_apps_google_apple_stores/
-
DeepSeek iOS app sends data unencrypted to ByteDance-controlled servers
Apple’s defenses that protect data from being sent in the clear are globally disabled. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/02/deepseek-ios-app-sends-data-unencrypted-to-bytedance-controlled-servers/
-
SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images
A new malware campaign dubbed SparkCat has leveraged a suit of bogus apps on both Apple’s and Google’s respective app stores to steal victims’ mnemonic phrases associated with cryptocurrency wallets. The attacks leverage an optical character recognition (OCR) model to exfiltrate select images containing wallet recovery phrases from photo libraries to a command-and-control (C2) server,…
-
Password Stealing Malware Attacking macOS Users Increasing Rapidly
In a concerning trend, macOS users are facing an unprecedented rise in password-stealing malware attacks. Recent cybersecurity reports reveal a 101% surge in macOS infostealers during the latter half of 2024, marking these threats as the most significant category of new malware targeting Apple devices. Infostealers such as Atomic Stealer, Poseidon Stealer, and Cthulhu Stealer…
-
How to customize Safari for private browsing on iOS
Apple’s Safari browser includes several features aimed at enhancing privacy while browsing the web. Two of the most notable privacy features are Intelligent Tracking … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/06/safari-privacy-features/
-
Crypto-stealing apps found in Apple App Store for the first time
A new campaign dubbed ‘SparkCat’ has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/mobile/crypto-stealing-apps-found-in-apple-app-store-for-the-first-time/
-
Apple’s macOS Kernel Vulnerability (CVE-2025-24118) Exposes Users to Privilege Escalation Attacks PoC Released
A critical privilege escalation vulnerability in Apple’s macOS kernel has been revealed, posing a significant risk to users. The flaw, identified as CVE-2025-24118, affects multiple versions of macOS, iPadOS, and macOS Sequoia. Security researcher Joseph Ravichandran (@0xjprx) from MIT CSAIL brought this issue to light, demonstrating how a race condition in the macOS XNU kernel could lead to…
-
MacOS Ferret operators add a deceptive bite to their malware family
The macOS Ferret family, variants of malware used by North Korean APTs for cyber espionage, has received a new member as samples of a detection-resistant variant, Flexible-Ferret, appear in the wild.The discovery of the samples was made by SentinelOne researchers who noted the variant’s capability to evade the recent XProtect signature update that Apple pushed…
-
Crypto-stealing iOS, Android malware found on App Store, Google Play
A number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/05/crypto-stealing-ios-android-malware-found-on-app-store-google-play-sparkcat-malicious-sdk/
-
Google Play, Apple App Store apps caught stealing crypto wallets
A new campaign dubbed ‘SparkCat’ has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/mobile/google-play-apple-app-store-apps-caught-stealing-crypto-wallets/
-
State-linked hackers deploy macOS malware in fake job interview campaign
Actors linked to North Korea bypassed Apple security using malware called FlexibleFerret. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/north-korean-hackers–fake-interview/739165/
-
North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS
The North Korean threat actors behind the Contagious Interview campaign have been observed delivering a collection of Apple macOS malware strains dubbed FERRET as part of a supposed job interview process.”Targets are typically asked to communicate with an interviewer through a link that throws an error message and a request to install or update some…
-
Apple Service Ticket Portal Vulnerability Leaks Sensitive Information
Apple, one of the most trusted technology brands in the world, recently faced a critical security exposure in its service ticket portal. The vulnerability, discovered by a tech enthusiast while submitting a repair request uncovered severe flaws in Apple’s system that could have resulted in a massive breach of customer data. The Vulnerability Explained This…
-
First Apple-notarized porn app available to iPhone users in Europe
The first Apple-notarized porn app, “Hot Tub,” is now available to iPhone users in Europe through the alternative app marketplace, AltStore PAL. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/apple/first-apple-notarized-porn-app-available-to-iphone-users-in-europe/
-
GarageBand: Böser Fehler kann zu Code-Ausführung führen
Die Mac-Version von Apples Gratis-DAW enthält eine Lücke, die sich offenbar durch Angreifer ausnutzen lässt. Ein Update liegt vor. First seen on heise.de Jump to article: www.heise.de/news/GarageBand-Boeser-Fehler-kann-zu-Code-Ausfuehrung-fuehren-10265857.html