Malicious JPEGs can compromise your iPhone
A vulnerability in the iOS CoreGraphics component allows attackers to compromise iDevices by tricking victims into viewing a maliciously crafted JPEG file. The good news is …
Signal users can now make their messages disappear
Open Whisper Systems’ Signal, the messaging app favoured by Edward Snowden and many other users who want and need to keep their communication safe and private, is now …
Enhance iMessage security using Confide
One of the new features in iOS 10 offers the possibility of deploying specially crafted applications within iMessage. Most users will probably (ab)use this new functionality …
Mobile security stripped bare: Why we need to start again
We’re all familiar with the cartoon image of a character stopping a water leak by plugging a finger into the hole, only for another leak to start, needing another finger, and …
Looking for an iOS jailbreak? Beware of scammy offers
Users searching for a way to jailbreak an iDevice should be extremely careful not to fall for fake offers such as that on the taig9.com website. TaiG is the name of a …
Apple plugs three actively exploited iOS zero-days
Owners of Apple’s mobile devices are advised to upgrade to iOS version 9.3.5 as soon as possible, as it fixes three zero-day vulnerabilities actively exploited in the …
Proxy authentication flaw can be exploited to crack HTTPS protection
Mistakes made in the implementation of proxy authentication in a variety of operating systems and applications have resulted in security vulnerabilities that allow MitM …
Google Duo: Simple, encrypted, video calling app
Google Duo is a simple 1-to-1 video calling app available for Android and iOS. In order to use Google Duo all you need is your phone number, no separate account is necessary. …
Kaspersky Safe Browser iOS app sports MITM SSL certificate bug
Security researcher David Coomber has unearthed a vulnerability (CVE-2016-6231) in the Kaspersky Safe Browser iOS app that effectively contradicts its name. As it turns out, …
Needle iOS security testing tool to be unveiled at Black Hat Arsenal
In a session at Black Hat USA 2016 on Wednesday, Marco Lancini, Security Consultant at MWR InfoSecurity, will demonstrate publicly for the first time a new iOS security …
Review: True Key for iOS
I’ve been using 1Password for years – both their desktop and mobile products. Altough it works fine, I was curious to see what are the alternatives I can use on my …
Pokémon GO gets full access to players’ Google account
Pokémon GO, the mobile augmented reality game that has become hugely popular in record time, brings with it a lot of unexpected dangers. Its popularity has been exploited by …
Featured news
Resources
Don't miss
- Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439)
- Phishers are increasingly impersonating electronic toll collection companies
- 7 ways to get C-suite buy-in on that new cybersecurity tool
- Building a cybersecurity strategy that survives disruption
- Open-source malware doubles, data exfiltration attacks dominate