Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Apple. Show all posts
UMI
AI technology Apple CyberCrime Cyberhackers Cybermedia Cybersecurity CyberThreat iOS iPhone Users Privacy reboot Software Updates UMI

Reboot Revolution Protecting iPhone Users

 


Researchers at the University of Michigan (UMI) believe that Apple's new iPhone software has a novel security feature. It presents that the feature may automatically reboot the phone if it has been unlocked for 72 hours without being unlocked. 

As 404 Media reported later, a new technology called "inactivity reboot" was introduced in iOS 18.1, which forces devices to restart if their inactivity continues for more than a given period.  Aside from the Inactivity Reboot feature, Apple continues to enhance its security framework with additional features as part of its ongoing security enhancements. Stolen Data Protection is one of the features introduced in iOS 17.3. It allows the device to be protected against theft by requiring biometric authentication (Face ID or Touch ID) before allowing it to change key settings. 

There are various methods to ensure that a stolen device is unable to be reconfigured easily, including this extra layer of security. With the upcoming iOS 18.2 update, Apple intends to take advantage of a feature called Stolen Data Protection, which is set to be turned off by default to avoid confusing users. However, Apple plans to encourage users to enable it when setting up their devices or after a factory reset to maintain an optimal user experience. 

As a result, users will be able to have more control over the way their personal information is protected. Apple has quietly introduced a new feature to its latest iPhone update that makes it even harder for anyone to unlock a device without consent—whether they are thieves or law enforcement officers. With this inactivity reboot feature, Apple has made unlocking even more difficult for anyone. When an iPhone has been asleep or in lock mode for an extended period, a new feature is introduced with iOS 18.1 will automatically reboot it in addition to turning it off. 

A common problem with iPhones is that once they have been rebooted, they become more difficult to crack since either a passcode or biometric signature is required to unlock them. According to the terms of the agreement, the primary objective of this measure is to prevent thieves (or police officers) from hacking into smartphones and potentially accessing data on them. There is a new "inactivity reboot" feature included in iOS 18 that, according to experts who spoke to 404 Media, will restart the device after approximately four days of dormancy if no activity is made.

A confirmation of this statement was provided by Magnet Forensics' Christopher Vance in a law enforcement group chat as described in Magnet Forensics' Christopher Vance, who wrote that iOS 18.1 has a timer which runs out after a set amount of time, and the device then reboots, moving from an AFU (After First Unlock) state to a BFU (Before First Unlock) state at the end of this timer. According to 404 Media, it seems that the issue was discovered after officers from the Detroit Police Department found the feature while investigating a crime scene in Detroit, Michigan.

When officers were working on iPhones for forensic purposes in the course of their investigation, they noticed that they automatically rebooted themselves frequently, which made it more difficult for them to unlock and access the devices. As soon as the devices were disconnected from a cellular network for some time, the working theory was that the phones would reboot when they were no longer connected to the network.  

However, there are actually much simpler explanations that can be provided for this situation. The feature, which AppleInsider refers to as an inactivity reboot, is not based on the current network connection or the state of the battery on the phone, which are factors that may affect the reboot timer. The reboot typically occurs after a certain amount of time has elapsed -- somewhere around 96 hours in most cases.  Essentially, the function of this timer is identical to the Mac's hibernation mode, which is intended to put the computer to sleep as a precaution in case there is a power outage or the battery is suddenly discharged. 

During the BFU state of the iPhone, all data on the iPhone belongs to the user and is fully encrypted, and is nearly impossible for anyone to access, except a person who knows the user's passcode to be able to get into the device. However, when the phone is in a state known as "AFU", certain data can be extracted by some device forensic tools, even if the phone is locked, since it is unencrypted and is thus easier to access and extract.  

According to Tihmstar, an iPhone security researcher on TechCrunch, the iPhones in these two states are also known as "hot" devices or "cold" devices depending on their temperature.  As a result, Tihmstar was making a point to emphasize that the majority of forensic firms are focusing on "hot" devices in an AFU state as they can verify that the user entered the correct passcode in the iPhone's secure enclave at some point. A "cold" device, on the other hand, is considerably more difficult to compromise because its memory can not be easily accessed once the device restarts, so there is no easy way to compromise it.

The law enforcement community has consistently opposed and argued against new technology that Apple has implemented to enhance security, arguing that this is making their job more difficult. According to reports, in 2016, the FBI filed a lawsuit against Apple in an attempt to force the company to install a backdoor that would enable it to open a phone owned by a mass shooter. Azimuth Security, an Australian startup, ultimately assisted the FBI in gaining access to the phone through hacking. 

These developments highlight Apple’s ongoing commitment to prioritizing user privacy and data security, even as such measures draw criticism from law enforcement agencies. By introducing features like Inactivity Reboot and Stolen Data Protection, Apple continues to establish itself as a leader in safeguarding personal information against unauthorized access. 

These innovations underscore the broader debate between privacy advocates and authorities over the balance between individual rights and security imperatives in an increasingly digitized world.
Read more »
Software Bug
Apple Bug Data Breach data security Data Theft Employee Data iPhone theft macOS Personal Data Privacy Risks Software Bug

Sevco Report Exposes Privacy Risks in iOS and macOS Due to Mirroring Bug

 

A new cybersecurity report from Sevco has uncovered a critical vulnerability in macOS 15.0 Sequoia and iOS 18, which exposes personal data through iPhone apps when devices are mirrored onto work computers. The issue arose when Sevco researchers detected personal iOS apps showing up on corporate Mac devices. This triggered a deeper investigation into the problem, revealing a systemic issue affecting multiple upstream software vendors and customers. The bug creates two main concerns: employees’ personal data could be unintentionally accessed by their employers, and companies could face legal risks for collecting that data.  

Sevco highlighted that while employees may worry about their personal lives being exposed, companies also face potential data liability even if the access occurs unintentionally. This is especially true when personal iPhones are connected to company laptops or desktops, leading to private data becoming accessible. Sean Wright, a cybersecurity expert, commented that the severity of the issue depends on the level of trust employees have in their employers. According to Wright, individuals who are uncomfortable with their employers having access to their personal data should avoid using personal devices for work-related tasks or connecting them to corporate systems. Sevco’s report recommended several actions for companies and employees to mitigate this risk. 

Firstly, employees should stop using the mirroring app to prevent the exposure of personal information. In addition, companies should advise their employees not to connect personal devices to work computers. Another key step involves ensuring that third-party vendors do not inadvertently gather sensitive data from work devices. The cybersecurity experts at Sevco urged companies to take these steps while awaiting an official patch from Apple to resolve the issue. When Apple releases the patch, Sevco recommends that companies promptly apply it to halt the collection of private employee data. 

Moreover, companies should purge any previously collected employee information that might have been gathered through this vulnerability. This would help eliminate liability risks and ensure compliance with data protection regulations. This report highlights the importance of maintaining clear boundaries between personal and work devices. With an increasing reliance on seamless technology, including mirroring apps, the risks associated with these tools also escalate. 

While the convenience of moving between personal phones and work computers is appealing, privacy issues should not be overlooked. The Sevco report emphasizes the importance of being vigilant about security and privacy in the workplace, especially when using personal devices for professional tasks. Both employees and companies need to take proactive steps to safeguard personal information and reduce potential legal risks until a fix is made available.
Read more »
Trading
Apple cryptocurrency Cyber Fraud Cybersecurity Fake Apps Fraud Google investment phishing Scam Trading

Massive Global Fraud Campaign Exploits Fake Trading Apps on Apple and Google Platforms

 

A recent investigation by Group-IB revealed a large-scale fraud operation involving fake trading apps on the Apple App Store and Google Play Store, as well as phishing sites to deceive victims. The scheme is part of a wider investment scam known as "pig butchering," where fraudsters lure victims into investments by posing as romantic partners or financial advisors.

Victims are manipulated into losing funds, with scammers often requesting additional fees before disappearing with the money.

Group-IB, based in Singapore, noted that the campaign targets victims globally, with reports from regions like Asia-Pacific, Europe, the Middle East, and Africa. The fraudulent apps, created using the UniApp Framework, are labeled under "UniShadowTrade" and have been active since mid-2023, offering promises of quick financial gains.

One app, SBI-INT, even bypassed Apple’s App Store review process, giving it an illusion of legitimacy. The app disguised itself as a tool for algebraic formulas and 3D graphics calculations but was eventually removed from the marketplace.

The app used a technique that checked if the date was before July 22, 2024, and, if so, displayed a fake screen with mathematical formulas. After being taken down, scammers began distributing it via phishing websites for Android and iOS users.

For iOS, downloading the app involved installing a .plist file, requiring users to trust an Enterprise developer profile manually. Once done, the fraudulent app became operational, asking users for their phone number, password, and an invitation code.

After registration, victims went through a six-step process involving identity verification, providing personal details, and agreeing to terms for investments. Scammers then instructed them on which financial instruments to invest in, falsely promising high returns.

When victims tried to withdraw their funds, they were asked to pay additional fees to retrieve their investments, but the funds were instead stolen.

The malware also included a configuration with details about the URL hosting the login page, hidden within the app to avoid detection. One of these URLs was hosted by a legitimate service, TermsFeed, used for generating privacy policies and cookie consent banners.

Group-IB discovered another fake app on the Google Play Store called FINANS INSIGHTS, which had fewer than 5,000 downloads. A second app, FINANS TRADER6, was also linked to the same developer. Both apps targeted countries like Japan, South Korea, Cambodia, Thailand, and Cyprus.

Users are advised to be cautious with links, avoid messages from unknown sources, verify investment platforms, and review apps and their ratings before downloading.
Read more »
Privacy
Apple iCloud iOS18 Login Security Online Security Passwords Privacy

Say Goodbye to Login Struggles with Apple’s New ‘Passwords App’

 


With its much-awaited iOS 18, Apple is now launching an app called Passwords, created to help improve one of the oldest but least-tampered-with needs when it comes to digital security: password management. Now, the 'Passwords' app is downloadable on iPhones, iPads, and Macs. In an effort to make the habits of how users store and protect their digital credentials seem less mysterious, Apple is hoping to bring about better password security to millions of people with this long-standing feature being moved into a dedicated application.


All New Standalone Password Manager

Years ago, Apple's Keychain system stealthily protected its users' passwords, so they never had to remember complex login information for every app and website. But with iOS 18, Keychain is revamped and placed into an app that is not only visible but friendly to users: the new passwords app gathers all login credentials and passkeys in one place, thus making them easier to control. And this finally speaks to the increasing focus of Apple on usability as well as security- the app promises to be easier to use than ever before for consumers who are hardly familiar with password managers.

Apple's new app was warmly welcomed by Talal Haj Bakry and Tommy Mysk from the security firm Mysk because it represented a far easier approach toward password management. According to them, it will also make users realise that password management is quite essential by giving users a secure default tool preinstalled on every Apple device. Interestingly, Passwords makes use of end-to-end encryption, meaning no one, including Apple, knows what is saved in your credentials.


Password Manager Features and Design

In terms of design, the Passwords app presents a minimal interface with six main sections: All, Passkeys, Codes, Wi-Fi, Security, and Deleted. All these can be used to securely store several types of information. It's particularly noteworthy in the Security section, as this would identify weak or compromised passwords so that one can work out improved login credentials.

Apple saves all the login details synchronised through iCloud, hence a user can always access his or her account in whichever device he may be using. However, users who want to maintain their privacy are given the option of turning off the syncing feature for certain devices. With Face ID protection, the app is secured from unauthorised access by others.

All the information previously saved will automatically migrate from Keychain to Passwords, including sign-in details from the Sign In feature from Apple.


Why Improve Your Password Habits?

Part of that effort is Apple's Passwords, introducing passwords with the goal of streamlining and encouraging better password practices among users. According to cybersecurity expert Siamak Shahandashti, making the Passwords app more notable is encouraging users to start embracing stronger passwords and be more meticulous in the digital sphere in general. To Shahandashti, existing authentication systems are too complex for everyday folks, and that's what he sees the Apple app doing- filing in the gap.

The other feature is that the app supports passkeys, which are considered to be the next-generation replacement for passwords. Passkeys provide better security without having you remember such long, convoluted passwords. To promote the passwordless security feature, Apple automatically activated an option available in the security setting that enables existing accounts to be updated to utilise passkeys when possible.


Impact on the Password Management Industry

With its entry into the password management space, Apple holds high potential to seriously disrupt long-standing players in this area, namely third-party apps. As the new Passwords app on Apple is integrated throughout its ecosystem and synced through iCloud, it can easily attract many users searching for an easy included solution instead of seeking third-party apps. Critics instead point out that Apple locks users into the system when it constrains ease of exporting data to other platforms.

Ultimately, with so many options in the market for password management, this new application from Apple can turn out to be the "one stop shop" for millions of users. It simplifies password management and strengthens security, and hence forms a great option for those who haven't adopted a password manager yet or are looking for an integrated solution.

All in all, Apple's Passwords app is a meaningful step forward in digital security, letting people manage their passwords and passkeys in a streamlined and secure way. For many, it may be the perfect solution toward solving log-in issues while also amplifying online security.


Read more »
Technology
Apple Chrome Google Internet Safari Safe Browsing Technology

Choosing the Right Browser: Privacy Tips from Apple and Google

Apple vs. Google: The Battle for Browser Privacy

Apple has launched an ad campaign urging over a billion iPhone users to stop using Google Chrome, citing privacy concerns. This campaign has sparked a heated debate between two tech giants, Apple and Google, over the best way to protect user privacy online.

Apple’s Stance on Privacy

Apple has long positioned itself as a champion of user privacy. In its latest campaign, Apple highlights the extensive use of tracking cookies by Google Chrome. These cookies, Apple claims, follow users across the web, collecting data on their browsing habits. Apple argues that Chrome’s Incognito mode, which many users rely on for private browsing, isn’t truly private. According to Apple, Incognito mode still allows websites to track user activity, albeit to a lesser extent.

To counter these privacy concerns, Apple promotes its own browser, Safari, as a more secure alternative. Safari, Apple claims, uses Intelligent Tracking Prevention (ITP) to limit the ability of advertisers to track users across websites. This feature, combined with other privacy-focused tools, makes Safari a more attractive option for users who prioritize their online privacy.

Google’s Response

Google, on the other hand, has defended Chrome’s privacy practices. In response to Apple’s campaign, Google emphasized that Chrome is designed to keep user data safe and give users control over their privacy settings. Google points out that Chrome offers a range of privacy features, including the ability to block third-party cookies and manage site permissions.

Google also highlights its commitment to transparency. The company regularly updates its privacy policies and provides users with clear information about how their data is collected and used. Google argues that this transparency, combined with robust privacy controls, makes Chrome a trustworthy choice for users.

The Broader Context

This clash between Apple and Google is part of a larger conversation about online privacy. As more of our lives move online, the amount of data we generate has skyrocketed. This data is incredibly valuable to advertisers, who use it to target ads more effectively. However, this data collection has raised significant privacy concerns.

Many users are unaware of the extent to which their online activities are tracked. Even when using private browsing modes, such as Chrome’s Incognito mode, users may still be tracked by websites and advertisers. This has led to calls for greater transparency and stronger privacy protections.

Choosing the Right Browser

So, what does this mean for the average user? When choosing a browser, it’s important to consider your privacy needs. If you prioritize privacy and want to limit tracking as much as possible, Safari may be the better choice. Apple’s Intelligent Tracking Prevention and other privacy features can help protect your data from advertisers.

However, if you value customization and control over your browsing experience, Chrome offers a range of privacy tools that can be tailored to your needs. Google’s transparency about its data collection practices also provides users with a clear understanding of how their data is used.

Ultimately, the choice between Safari and Chrome comes down to personal preference. Both browsers have their strengths and weaknesses, and the best choice will depend on your individual privacy needs and browsing habits.

Read more »
Tracking
Apple Chrome Cookies Google Privacy Tracking

Google Delays Plan to Replace Cookies, Leaving Users and Industry in Limbo


In unexpected turn of events, Google has delayed its plan to replace tracking cookies in its Chrome browser, affecting its three billion users worldwide. The company had intended to transition to new, anonymised tracking methods to enhance user privacy, but these alternatives have faced regulatory and privacy challenges.

Cookie Controversy and Privacy Concerns

Originally, Google aimed to retire cookies and introduce Privacy Sandbox, which would use less invasive tracking methods by grouping users into like-minded cohorts. However, this initiative encountered significant pushback due to concerns over its effectiveness and potential industry impact. Critics argue that these new methods might still compromise user privacy and could harm the digital advertising ecosystem.

Google's Alex Cone, Product Manager for Privacy Sandbox, recently acknowledged the lack of progress, stating, “We’re at work on those [new] designs, and we’ll discuss those with regulators as we advance… there’s no new information to provide.” This indefinite delay has left many in the industry frustrated and uncertain about the future of digital tracking.

Reports indicate that Google is now in "damage control mode," attempting to soothe the industry's nerves. Meetings, forums, and panels have been held to address concerns, but concrete solutions remain elusive. Many ad tech executives feel like they're at the mercy of Google's decisions, which immensely impact their operations.

The Privacy Sandbox was seen as a necessary evolution from cookies, but now, with no clear timeline, the advertising industry is left in limbo. This delay means that the status quo of invasive tracking will continue for the foreseeable future, much to the dismay of privacy advocates.

Google vs. Apple: A Privacy Battle

The timing of these developments is noteworthy. Apple's recent ad campaign criticised Chrome's privacy practices, aligning closely with Google’s announcement of cookie delays. Apple has been a strong proponent of privacy, introducing features like App Tracking Transparency (ATT) that significantly restrict user tracking. The effectiveness of Apple's approach has been debated, with opt-in rates for tracking remaining low.

Google’s struggle with Privacy Sandbox could lead to similar outcomes as Apple’s ATT, where user tracking becomes more transparent but less prevalent. However, this shift requires careful consideration and regulatory approval, which is currently lacking.

The Future of Digital Tracking

The UK's Competition and Markets Authority (CMA) is closely watching Google's revised approach, emphasising the need for balanced solutions that protect consumers and market dynamics. The Electronic Frontier Foundation (EFF) has long advocated for banning behavioural advertising based on online activity, underscoring the urgent need for robust privacy legislation.

The advertising industry, having prepared for a post-cookie world, now faces uncertainty. Investments in Privacy Sandbox-related technologies may stall, and the transition to new tracking methods could be delayed indefinitely.

For Chrome users, this means continued exposure to current tracking practices, with no immediate improvements in privacy. Meanwhile, the digital advertising industry grapples with Google's unpredictable policy changes. As the debate over user privacy and tracking continues, the need for clear, effective, and timely solutions becomes ever more critical.

Read more »
user consent
Apple CMA Cookies Digital Advertising Google Privacy user consent

Google Backtracks on Cookie Phaseout: What It Means for Users and Advertisers


 

In a surprising announcement, Google confirmed that it will not be eliminating tracking cookies in Chrome, impacting the browsing experience of 3 billion users. The decision came as a shock as the company struggled to find a balance between regulatory demands and its own business interests.

Google’s New Approach

On July 22, Google proposed a new model that allows users to choose between tracking cookies, Google’s Topics API, and a semi-private browsing mode. This consent-driven approach aims to provide users with more control over their online privacy. However, the specifics of this model are still under discussion with regulators. The U.K.’s Competition and Markets Authority (CMA) expressed caution, stating that the implications for consumers and market outcomes need thorough consideration.

Privacy Concerns and Industry Reaction

Privacy advocates are concerned that most users will not change their default settings, leaving them vulnerable to tracking. The Electronic Frontier Foundation (EFF) criticised Google’s Privacy Sandbox initiative, which was intended to replace tracking cookies but has faced numerous setbacks. The EFF argues that Google’s latest move prioritises profits over user privacy, contrasting sharply with Apple’s approach. Apple’s Safari browser blocks third-party cookies by default, and its recent ad campaign highlighted the privacy vulnerabilities of Chrome users.

Regulatory and Industry Responses

The CMA and the U.K.’s Information Commissioner expressed disappointment with Google’s decision, emphasising that blocking third-party cookies would have been a positive step for consumer privacy. Meanwhile, the Network Advertising Initiative (NAI) welcomed Google’s decision, suggesting that maintaining third-party cookie support is essential for competition in digital advertising.

The digital advertising industry may face unintended consequences from Google’s shift to a consent-driven privacy model. This approach mirrors Apple’s App Tracking Transparency, which requires user consent for tracking across apps. Although Google’s new model aims to empower users, it could lead to an imbalance in data access, benefiting large platforms like Google and Apple.

Apple vs. Google: A Continuing Saga

Apple’s influence is evident throughout this development. The timing of Apple’s privacy campaign, launched just days before Google’s announcement, underscores the competitive dynamics between the two tech giants. Apple’s App Tracking Transparency has already disrupted Meta’s business model, and Google’s similar approach may further reshape the infrastructure of digital advertising.

Google’s Privacy Sandbox has faced criticism for potentially enabling digital fingerprinting, a concern Apple has raised. Despite Google’s defense of its Topics API, doubts about the effectiveness of its privacy measures persist. As the debate continues, the primary issue remains Google’s dual role as both a guardian of user privacy and a major beneficiary of data monetisation.

Google’s decision to retain tracking cookies while exploring a consent-driven model highlights the complex interplay between user privacy, regulatory pressures, and industry interests. The outcome of ongoing discussions with regulators will be crucial in determining the future of web privacy and digital advertising.



Read more »
Safari
Apple Google Chrome Online Tracking Privacy Safari

Apple Warns iPhone Users to Avoid Google Chrome

 



The relationship between Apple and Google has always been complex, and recent developments have added another layer to this rivalry. Apple has launched a new ad campaign urging its 1.4 billion users to stop using Google Chrome on their iPhones. This move comes as Google attempts to convert Safari users to Chrome, amidst growing scrutiny of its financial arrangements with Apple regarding default search settings.

The Financial Dynamics Behind Safari and Chrome

Google relies heavily on Safari to drive search requests from iPhones, thanks to a lucrative deal making Google the default search engine on Safari. However, this arrangement is under threat from monopoly investigations in the US and Europe. To counter this, Google is pushing to increase Chrome's presence on iPhones, aiming to boost its install base from 30% to 50%, capturing an additional 300 million users.

Apple's new campaign focuses on privacy, highlighting Chrome's vulnerabilities in this area. Despite Google's claims of enhanced privacy, tracking cookies remains an issue, and recent reports suggest that Google collects device data from Chrome users through an undisclosed setting. Apple's advertisements, including billboards promoting Safari's privacy features, emphasise that users concerned about online privacy should avoid Chrome.

In its latest video ad, Apple draws inspiration from Hitchcock's "The Birds" to underscore the threat of online tracking. The ad's message is clear: to avoid being watched online, use Safari instead of Chrome. This campaign is not about convincing Android users to switch to iPhones but about keeping iPhone users within Apple's ecosystem.

Despite Apple's push for Safari, the reality is that many users prefer Google Search. Reports indicate that Apple itself has found Google Search to be superior to alternatives. Even if Google is dropped as the default search engine on Safari, users can still set it manually. The question remains whether Google will offer advanced AI search features on Chrome that are unavailable on other browsers.

This battle between Safari and Chrome is just beginning. As Apple fights to retain its 300 million Safari users, the competition with Google will likely intensify. Both companies are navigating a rapidly changing landscape where privacy, user preferences, and regulatory pressures play defining roles. For now, Apple is betting on its privacy-focused message to keep users within its ecosystem, but the outcome of this struggle remains to be seen.


Read more »
Spyware
Apple Cyber Security data security iPhone Hacks Mobile Hacking Mobile Spyware Pegasus Pegasus Spyware Spyware

Apple Alerts Pegasus-like Attack on Indian Activists and Leaders

 

On July 10, two individuals in India received alarming notifications from Apple, Inc. on their iPhones, indicating they were targeted by a “mercenary” attack. This type of spyware allows attackers to infiltrate personal devices, granting access to messages, photos, and the ability to activate the microphone and camera in real time. Apple had previously described these as “state-backed” attacks but revised the terminology in April. 

Iltija Mufti, political adviser and daughter of former Jammu and Kashmir Chief Minister Mehbooba Mufti, and Pushparaj Deshpande, founder of the Samruddha Bharat Foundation, reported receiving these alerts. Both Mufti and Deshpande confirmed to The Hindu that they had updated their phones and planned to have them forensically examined. A spokesperson for Apple in India did not provide an immediate comment. 

Although the alert did not specifically mention state involvement, it cited Pegasus spyware as an example. Pegasus, developed by the Israeli NSO Group Technologies, is exclusively sold to governments. The Indian government has not confirmed or denied using Pegasus and declined to participate in a Supreme Court-ordered probe into its deployment. This is the first instance in months where such spyware alerts have been issued. 

The last known occurrence was in October, when Apple devices belonging to Siddharth Varadarajan of The Wire and Anand Mangnale of the Organized Crime and Corruption Report Project received similar warnings. Forensic analysis later confirmed they were targeted using vulnerabilities exploited by Pegasus clients. Both Mufti and Deshpande criticized the Union government, accusing it of using Pegasus. Mufti stated on X (formerly Twitter), “BJP shamelessly snoops on women only because we refuse to toe their line,” while Deshpande highlighted the government’s misplaced priorities, focusing on deploying Pegasus rather than addressing India’s significant challenges. 

An international investigation in 2021 by the Forbidden Stories collective exposed widespread targeting of civil society organizations, opposition politicians, and journalists with Pegasus spyware. The Indian government denied illegal activity but did not clearly confirm or deny the use of Pegasus. Alleged targets included Rahul Gandhi, former Election Commissioner Ashok Lavasa, student activist Umar Khalid, Union Minister Ashwini Vaishnaw, the Dalai Lama’s entourage, and individuals implicated in the 2018 Bhima Koregaon violence.
Read more »
Telecom
AI Apple ChatGPT Technology Telecom

From Siri to 5G: AI’s Impact on Telecommunications

From Siri to 5G: AI’s Impact on Telecommunications

The integration of artificial intelligence (AI) has significantly transformed the landscape of mobile phone networks. From optimizing network performance to enhancing user experiences, AI plays a pivotal role in shaping the future of telecommunications. 

In this blog post, we delve into how mobile networks embrace AI and its impact on consumers and network operators.

1. Apple’s AI-Powered Operating System

Apple, a tech giant known for its innovation, recently introduced “Apple Intelligence,” an AI-powered operating system. The goal is to make iPhones more intuitive and efficient by integrating AI capabilities into Siri, the virtual assistant. Users can now perform tasks more quickly, receive personalized recommendations, and interact seamlessly with their devices.

2. Network Optimization and Efficiency

Telecom companies worldwide are leveraging AI to optimize mobile phone networks. Here’s how:

  • Dynamic Frequency Adjustment: Network operators dynamically adjust radio frequencies to optimize service quality. AI algorithms analyze real-time data to allocate frequencies efficiently, ensuring seamless connectivity even during peak usage.
  • Efficient Cell Tower Management: AI helps manage cell towers more effectively. During low-demand periods, operators can power down specific towers, reducing energy consumption without compromising coverage.

3. Fault Localization and Rapid Resolution

AI-driven network monitoring has revolutionized fault localization. For instance:

  • Korea Telecom’s Quick Response: In South Korea, Korea Telecom uses AI algorithms to pinpoint network faults within minutes. This rapid response minimizes service disruptions and enhances customer satisfaction.
  • AT&T’s Predictive Maintenance: AT&T in the United States relies on predictive AI models to anticipate network issues. By identifying potential problems before they escalate, they maintain network stability.

4. AI Digital Twins for Real-Time Monitoring

Network operators like Vodafone create AI digital twins—virtual replicas of real-world equipment such as masts and antennas. These digital twins continuously monitor network performance, identifying anomalies and suggesting preventive measures. As a result, operators can proactively address issues and maintain optimal service levels.

5. Data Explosion and the Role of 5G

The proliferation of AI generates massive data. Consequently, investments in 5G Standalone (SA) networks have surged. Here’s why:

  • Higher Speeds and Capacity: 5G SA networks offer significantly higher speeds and capacity compared to the older 4G system. This is essential for handling the data influx from AI applications.
  • Edge Computing: 5G enables edge computing, where AI processing occurs closer to the user. This reduces latency and enhances real-time applications like autonomous vehicles and augmented reality.

6. Looking Ahead: The Quest for 6G

Despite 5G advancements, experts predict that AI’s demands will eventually outstrip its capabilities. Anticipating this, researchers are already exploring 6G technology, expected around 2028. 6G aims to provide unprecedented speeds, ultra-low latency, and seamless connectivity, further empowering AI-driven applications.

Read more »
Technology
AI Privacy AI technology Apple Apple security features Cloud Computing Cloud technology LLM Technology

Apple's Private Cloud Compute: Enhancing AI with Unparalleled Privacy and Security

 

At Apple's WWDC 2024, much attention was given to its "Apple Intelligence" features, but the company also emphasized its commitment to user privacy. To support Apple Intelligence, Apple introduced Private Cloud Compute (PCC), a cloud-based AI processing system designed to extend Apple's rigorous security and privacy standards to the cloud. Private Cloud Compute ensures that personal user data sent to the cloud remains inaccessible to anyone other than the user, including Apple itself. 

Apple described it as the most advanced security architecture ever deployed for cloud AI compute at scale. Built with custom Apple silicon and a hardened operating system designed specifically for privacy, PCC aims to protect user data robustly. Apple's statement highlighted that PCC's security foundation lies in its compute node, a custom-built server hardware that incorporates the security features of Apple silicon, such as Secure Enclave and Secure Boot. This hardware is paired with a new operating system, a hardened subset of iOS and macOS, tailored for Large Language Model (LLM) inference workloads with a narrow attack surface. 

Although details about the new OS for PCC are limited, Apple plans to make software images of every production build of PCC publicly available for security research. This includes every application and relevant executable, and the OS itself, published within 90 days of inclusion in the log or after relevant software updates are available. Apple's approach to PCC demonstrates its commitment to maintaining high privacy and security standards while expanding its AI capabilities. By leveraging custom hardware and a specially designed operating system, Apple aims to provide a secure environment for cloud-based AI processing, ensuring that user data remains protected. 

Apple's initiative is particularly significant in the current digital landscape, where concerns about data privacy and security are paramount. Users increasingly demand transparency and control over their data, and companies are under pressure to provide robust protections against cyber threats. By implementing PCC, Apple not only addresses these concerns but also sets a new benchmark for cloud-based AI processing security. The introduction of PCC is a strategic move that underscores Apple's broader vision of integrating advanced AI capabilities with uncompromised user privacy. 

As AI technologies become more integrated into everyday applications, the need for secure processing environments becomes critical. PCC's architecture, built on the strong security foundations of Apple silicon, aims to meet this need by ensuring that sensitive data remains private and secure. Furthermore, Apple's decision to make PCC's software images available for security research reflects its commitment to transparency and collaboration within the cybersecurity community. This move allows security experts to scrutinize the system, identify potential vulnerabilities, and contribute to enhancing its security. Such openness is essential for building trust and ensuring the robustness of security measures in an increasingly interconnected world. 

In conclusion, Apple's Private Cloud Compute represents a significant advancement in cloud-based AI processing, combining the power of Apple silicon with a specially designed operating system to create a secure and private environment for user data. By prioritizing security and transparency, Apple sets a high standard for the industry, demonstrating that advanced AI capabilities can be achieved without compromising user privacy. As PCC is rolled out, it will be interesting to see how this initiative shapes the future of cloud-based AI and influences best practices in data security and privacy.
Read more »
Technology
Apple Apple Intelligence Iphone15 Private Cloud Technology

Apple Introduces Exclusive AI Features for Newest Devices


 

Apple's WWDC 2023 brought exciting news for tech enthusiasts: the introduction of Apple Intelligence, a groundbreaking AI system. However, if you're eager to try out these new features, you'll need the latest devices.

Apple Intelligence features will be exclusively available on the iPhone 15 Pro and iPhone 15 Pro Max, equipped with the A17 Pro chip. These models are the only iPhones currently confirmed to support these advanced AI capabilities, suggesting that future models like the anticipated iPhone 16 Pro might also include these features. This exclusivity highlights Apple’s strategy to incentivize users to upgrade to their latest hardware to access the most advanced functionalities.


Compatibility Across iPads and Macs

The AI features are not confined to iPhones. Apple Intelligence will also be accessible on several iPad and Mac models, specifically those with an M1 chip or newer. The list of compatible devices includes:

- iPad Pro and iPad Air (M1 and newer)

- MacBook Pro (M1 and newer)

- MacBook Air (M1 and newer)

- iMac (M1 and newer)

- Mac mini (M1 and newer)

- Mac Pro (M2 Ultra and newer)

- Mac Studio (M1 Max and newer)

Apple plans to offer AI features through cloud processing for those with older devices. However, this method will limit the on-device functionality compared to what’s available on newer chipsets, reinforcing the superior performance of the latest models.

Benefits and Features of Apple Intelligence

Apple Intelligence is a sophisticated personal intelligence system designed to enhance user experience across iPhone, iPad, and Mac. Integrated into iOS 18, iPadOS 18, and macOS Sequoia, it combines generative models with personal context to offer highly tailored and efficient intelligence. This system can understand and generate both language and images, perform actions across various apps, and use personal context to streamline daily tasks. Examples include suggesting replies in messages, organizing photos, and assisting in drafting documents based on user habits and preferences.

One of the standout features of Apple Intelligence is Private Cloud Compute. This technology balances on-device processing and powerful server-based models, running on dedicated Apple Silicon servers. This approach allows Apple to maintain robust performance while upholding its strict privacy standards. By splitting computational tasks between the device and the server, Apple ensures user privacy is never compromised, even when leveraging extensive server-based computations.

To fully experience the capabilities of Apple Intelligence, users will need to upgrade to the iPhone 15 Pro or iPhone 15 Pro Max. While some AI features will be available on older devices through cloud processing, the most advanced capabilities will be reserved for those with the latest hardware. This move by Apple emphasises its commitment to pushing the boundaries of technology while maintaining its renowned privacy standards.


Read more »
Technology Upgrade
AI Apple Cyber Attacks CyberCrime Cybersecurity Developers iOS Technology Upgrade

Apple's AI Features Demand More Power: Not All iPhones Make the Cut

 


A large portion of Apple's developer conference on Monday was devoted to infusing artificial intelligence (AI) technology into its software. Some of the features Apple has rumoured to incorporate are not expected to work on all iPhones. If you read this article correctly, it sounds as if Apple is betting its long-awaited AI features will be enough to make you upgrade your iPhone — especially if the AI requires the latest smartphone. The annual developer conference of Apple, WWDC, is expected to take place on Monday with the announcement of iOS 18. 

According to Bloomberg, the company will release a new version of its artificial intelligence software, dubbed "Apple Intelligence," which will include features that will run directly on the iPhone's processor instead of being powered by cloud servers - in other words, they'll be powered directly from the device itself. According to the report, some of the AI services will still utilize cloud-based computing, however, many won't. The iPhone, iOS18, as well as any of Apple's other products and devices, are set to be updated, and anything short of a full array of AI-based features will likely disappoint developers and industry analysts, not to mention investors, with any changes Apple makes to its operating system. 

The company has turned to artificial intelligence (AI) as a way to revive its loyal fan base of over 1 billion customers and reverse the decline of its best-selling product in the face of choppy consumer spending and resurgent tech rivals. A key selling point that Apple uses to differentiate itself from its competitors is the fact that it is committed to privacy. There are still questions to be answered in regards to how Federighi will make sure that the personal context of a user will be shared across multiple devices belonging to the same user. 

However, he said that all data will be processed on-device and will never be shared across cloud servers. It is widely believed that the move by Apple was an evolution of the generative AI domain that would lead to the adoption of generative AI by enterprises by streamlining the best practices for AI privacy in the industrial sector. Analysts said that the software is likely to encourage a cascade of new purchases, as it requires at least an iPhone 15 or 15 Pro to be able to function. It has been predicted that we will likely see Apple's most significant upgrade cycle since the launch of the iPhone 12 in 2020, when 5G connectivity was part of the appeal for consumers for the device. 

A study from Apple analyst Ming-Chi Kuo published on Medium has claimed that the amount of on-board memory in the forthcoming iPhone 16 range, which is predicted to have 8GB of storage, may not be enough to be able to fully express the large language model (LLM) behind Apple's artificial intelligence (AI). It has been argued by analyst Kuo in a recent post that the iPhone 16's 8GB DRAM limit will likely restrict on-device learning curves from exceeding market expectations. Kuo suggests that eager Apple fans might want to temper their expectations before WWDC this year. 

Although this is true, Apple's powerful mobile chips and efficient iOS operating system can offer market-leading performance, regardless of how much RAM is available to them, on many of their previous iPhone models. As a result, memory has never been much of an issue on revious iPhone models. In the case of notoriously demanding AI tools, such as deep learning, however, the question becomes whether that level of complexity will still be applicable.

Several apps are set to feature AI technology, including Mail, Voice Memos, and Photos, as part of Apple's AI integration, but users will have to opt-in to use the features if they wish to use them. There were rumours that the company would deliver a series of features designed to simplify everyday tasks such as summarizing and writing emails, as well as suggesting custom emojis for emails. Moreover, Bloomberg reports that Siri is also going to undergo an AI overhaul to allow users to be able to do more specific tasks within apps, for instance, deleting an email inside an app will be one of these. According to The Information and Bloomberg, Apple has signed a deal with OpenAI to power some features, including a chatbot that is similar to ChatGPT, one of the most popular chatbots.
Read more »
Software
Apple Apple MacOS cryptocurrency malware Software

New MacOS Malware Steals Browser Data and Cryptocurrency

 



While malware attacks on Windows and Android systems are more frequent, macOS is not immune to such dangers. Cybersecurity experts at Moonlock Lab have identified a new type of macOS malware that adeptly avoids detection and poses a serious threat to user data and cryptocurrency.


How the Malware Spreads

The infection starts when users visit websites that offer pirated software. On these sites, they might download a file called CleanMyMacCrack.dmg, thinking it’s a cracked version of the CleanMyMac utility. However, launching this DMG file triggers a Mach-O executable, which then downloads an AppleScript. This script is specifically designed to steal sensitive information from the infected Mac.


Malware Capabilities

Once the malware infiltrates a macOS system, it can carry out a range of malicious activities:

  • It captures and stores the Mac user's username.
  •  The malware sets up temporary directories to store stolen information temporarily.
  •  It retrieves browsing history, cookies, saved passwords, and other data from different web browsers.
  •  The malware identifies and accesses directories containing cryptocurrency wallets.
  •  It copies data from the macOS keychain, Apple Notes, and Safari cookies.
  •  It gathers general user information, system specifications, and metadata.
  •  All the collected data is eventually exfiltrated to the attackers.


Link to a Known Hacker

Moonlock Lab has traced this macOS malware back to a notorious Russian-speaking hacker known as Rodrigo4. This individual has been seen on the XSS underground forum, where he is actively seeking collaborators to help spread his malware through search engine optimization (SEO) manipulation and online advertisements.

Rodrigo4's method involves manipulating search engine results and placing ads to lure unsuspecting users into downloading the malicious software. By making the malware appear as a popular utility, he increases the chances of users downloading and installing it, unknowingly compromising their systems.


How to Protect Yourself

To prevent this malware from infecting your Mac, Moonlock Lab recommends several precautions:

1. Only download software from reputable and trusted sources.

2. Regularly update your operating system and all installed applications.

3. Use reliable security software to detect and block malware.

The crucial point is users should be cautious about downloading software from unverified websites and avoid using pirated software, as these are common vectors for malware distribution. Staying informed about the latest cybersecurity threats and adopting good digital hygiene practices can also drastically reduce the risk of infection.




Read more »
Technology
Apple CyberCrime Cybersecurity Cyberthreats Cyerattacks Data Safety iPhones Meta NVIDIA Technology

Nvidia Climbs to Second Place in Global Market Value, Surpassing Apple

 


This month, Nvidia has achieved a historic achievement by overtaking Apple to become the world's second most valuable company, a feat that has only been possible because of the overwhelming demand for its advanced chips that are used to handle artificial intelligence tasks. A staggering $1.8 trillion has been added to the market value of the Santa Clara, California-based company's shares over the past year, increasing its market value by a staggering 147% this year. 

Nvidia has achieved a market capitalisation of over $3 trillion as a result of this surge, becoming the first semiconductor company to achieve this milestone. The value of Nvidia's shares has skyrocketed over the past few years, making it the second most valuable company in the world and larger than Apple, thanks to its surge in value. As a consequence of the excitement regarding artificial intelligence, which is largely based on Nvidia chips, the company has seen its shares rise dramatically over the past few years.

The popularity of the company has resulted in it becoming the largest company in Silicon Valley, which has led it to replace Apple, which has seen its share price fall due to concerns regarding iPhone sales in China and other concerns. Several weeks from now, Nvidia will be split ten times for ten shares, a move that could greatly increase the appeal of its stock to investors on a personal level. Nvidia’s surge over Apple’s market value signals a shift in Silicon Valley, where the co-founded company by Steve Jobs has dominated the field since the iPhone was launched in 2007. While Apple gained 0.78 per cent, the world’s most valuable company, Microsoft gained 1.91 per cent in value. 

As a result of the company’s graphics processing units fuelling a boom in artificial intelligence (AI), Nvidia’s rally continues an extraordinary streak of gains for the company. There has been a 260 per cent increase in revenue for the company in recent years, as tech titans such as Microsoft, Meta, Google, and Amazon race to implement artificial intelligence. 

Last month, Nvidia announced a 10-for-1 stock split as a way of making stock ownership more accessible to employees and investors. In the first half of this year, Nvidia shares have more than doubled in value after almost tripling in value in 2023. With the implementation of the split on Friday, the company will be able to appeal to a larger number of small-time investors, as the company's shares will become even more attractive. 

As a consequence of Microsoft, Meta Platforms, and Alphabet, all of these major tech companies are eager to enhance their artificial intelligence capabilities, which is why Nvidia's stock price has surged 147% in 2024. According to recent revenue estimates, the company's stock has gained close to $150 million in market capitalisation in one day, which is more than the entire market capitalization of AT&T. As well as a 4.5% increase in the PHLX chip index, many companies have benefited from the current optimism surrounding artificial intelligence, including Super Micro Computer, which builds AI-optimized servers using Nvidia chips. 

During his visit to the Computex tech fair in Taiwan, former Taipei resident Jensen Huang, chairman & CEO of Nvidia, received extensive media coverage that highlighted both his influence on the company's growing importance as well as his association with the event. Compared to Apple, there are challenges facing Apple due to weak demand for iPhones in China and stiff competition from its Chinese competitors. According to some analysts, Apple misses out on incorporating AI features compared to other tech giants because the company has been so slow in incorporating them. 

According to LSEG data, Nvidia's stock trades today at 39 times expected earnings, but the stock is still considered less expensive than a year ago, when the stock traded at more than 70 times expected earnings, indicating it's less expensive than it used to be.
Read more »
Windows
Apple Critical Flaw iTunes Vulnerabilities and Exploits Windows

Apple Warns Windows Users: Critical Security Vulnerability in iTunes

Apple Warns Windows Users: Critical Security Vulnerability in iTunes

Apple confirms the finding of a critical security flaw in the iTunes program for Windows 10 and Windows 11 users, which could have allowed malicious attackers to execute code remotely at will.

Willy R. Vasquez, a security researcher at the University of Texas in Austin, uncovered the vulnerability, known as CVE-2024-27793. This vulnerability affects the CoreMedia framework, which processes media samples and manages media data queues in iTunes.

A major security flaw in the iTunes app for Windows 10 and Windows 11 users could have allowed malicious attackers to execute code remotely, Apple said in a support article published on May 8.

About CVE-2024-27793

Willy R. Vasquez, a Ph.D. scholar and security expert at The University of Texas at Austin, discovered CVE-2024-27793 and contributed sandboxing code to the Firefox 117 web browser. The vulnerability, rated critical by the Common Vulnerability Scoring System v3, affects the CoreMedia framework, which provides the media pipeline used to process media samples and handle batches of media information, says Apple.

The flaw allows an attacker to execute arbitrary code by sending a maliciously crafted request during the file processing. It is critical to highlight that the attacker does not need physical access to the Windows PC, as the exploitation can be carried out remotely. 

The vulnerability explained

The CVSS v3 critical grade of 9.1 out of 10 is mostly due to the potential for remote code execution. The basic root of the flaw was found as inadequate checks inside the CoreMedia framework component, which Apple fixed with enhanced checks in the most recent release.

Based on the Vulnerability Database resource, CVE-2024-27793 can be leveraged remotely without authentication, although successful exploitation requires human involvement. This interaction could include clicking a link or visiting a website where CoreMedia processes the malicious file

The ease of exploitation and potential impact of arbitrary code execution emphasize the seriousness of this issue. Users should upgrade their iTunes programs to the most recent version to protect themselves from any attacks exploiting this security weakness.

Protecting Your System

Here are some steps you can take to safeguard your system:

  • Update iTunes: Ensure that you’re running the latest version of iTunes. Apple’s security patches are typically included in software updates, so staying up-to-date is essential.
  • Be Cautious: Avoid clicking on suspicious links or visiting untrusted websites. Malicious actors often use social engineering tactics to trick users into interacting with harmful content.
  • Regular Backups: Regularly back up your data to an external drive or cloud storage. In case of a security breach, having backups ensures that you won’t lose critical files.
  • Use Antivirus Software: Install reputable antivirus software and keep it updated. Antivirus tools can detect and block known threats, providing an additional layer of defense.
Read more »
macOS
Apple Cyber Security iCloud iPhone macOS

Apple ID Shuts Down: Users Panic While Trying to Reset Password

Apple ID Shuts Down: Users Panic While Trying to Reset Password

Apple IDs serve as the gateway to our digital ecosystem. They unlock access to our beloved photos, messages, apps, and more. But what happens when that gateway suddenly slams shut, leaving us confused outside? 

Recently, Apple users have been struggling with this very issue, as widespread reports of forced password resets have surfaced.

Locked out of your Apple ID? Here’s what you need to know

If you've been locked out of your Apple ID in the last day or so without warning, you're not alone

Apple users have been suffering a wave of forced lockouts, with some indicating that they have been forced to reset their passwords to regain access.

The lockouts have resulted in customers losing access to their devices, but there appears to be no root cause or anything in common across incidents, and Apple has yet to comment on the matter. 

The company's System Status website indicates that all services are "operating normally," with Apple ID services particularly listed as "available."

The lockout mystery

If your Apple ID has locked you out, you might panic and try your usual password, but it’s useless. You’re left staring at the blank “Incorrect Password” message. What gives?

The cause behind these lockouts remains hidden in mystery. Experts believe it’s a security measure triggered by suspicious activity, while others suspect a glitch in the matrix. Regardless, the concern is real. Users have taken to social media, sharing their stories of being shut. 

Have you had your password reset?

If your Apple ID has been blocked out and you must change your password, any app-specific passwords you may have created will also need to be reset. That's something you'll have to do whether you utilize apps like Spark Mail, Fantastical, or any number of others.

It could potentially cause significant issues if you use iOS 17.3's Stolen Device Protection. You'll need to use biometrics on your iPhone, such as Face ID or Touch ID, to access your account or use Apple Pay.

Apple’s silence

As the lockout story falls out, Apple has remained silent. No official statements, no explanations. The tech giant continues to operate, but the users are panicking to regain control of their digital lives. Is it a glitch? A security enhancement? At this moment, we can only wait for Apple’s response

What can you do?

1. Reset Your Password: Change the password. But remember the app-specific ones too.

2. Biometrics: If you’ve set up Face ID or Touch ID, use them to reclaim your digital ID.

3. Stay Tuned: Keep an eye on Apple’s official channels. 

Read more »
Technology
Apple Internet Internet Complexity Tech Outage Technology

Tech Outages: Exposing the Web’s Fragile Threads

Tech Outages: Exposing the Web’s Fragile Threads

Today, technology outages have become more than mere inconveniences—they’re disruptions that ripple across industries, affecting businesses, individuals, and even our daily routines. Over 1.75 million user-reported issues flooded in from across the globe.  From WhatsApp to Greggs (the UK’s popular sausage roll maker), and even tech giants like Apple and Meta, all have recently faced service disruptions due to IT outages. Let’s explore the reasons behind this trend.

Downdetector

This platform monitors web outages and provides insights into the extent of problems faced by companies. On April 3, 2024, more than 1.75 million user-reported issues were flagged worldwide for WhatsApp, with tens of thousands also reported for the App Store and Apple TV. Neither firm responded to inquiries about the cause of their outages.

Internet Complexity

The internet, like software, comprises multiple layers. Regulatory changes, consumer demands for seamless data access, and the integration of new features (such as AI chatbots) add layers and complexity. Unfortunately, more layers mean a higher risk of things going wrong. Companies are pushing for innovation, but it comes with the potential of breaking existing systems.

Moving Parts and Cloud Services

Various factors can cause internet services to fail, including typos in code, hardware faults, power outages, and cyberattacks. Severe weather conditions can also impact data centers housing powerful servers. Additionally, many companies have shifted from managing their infrastructure in-house to using cloud services. While this enables faster development, a single outage at the cloud service provider can affect multiple platforms and technologies.

Tech Giants

Glitches in services provided by major cloud providers like Amazon Web Services (AWS), Microsoft Azure, and Google Cloud have previously led to downtime for thousands of customers.

The internet's complexity, rapid innovation, and reliance on cloud services contribute to the increased occurrence of tech outages. As companies strive for progress, maintaining stability remains a challenge.

The Quest for Progress

We crave seamless experiences. We want our apps to load instantly, our streaming services to buffer flawlessly, and our online orders to arrive yesterday. But progress is a hungry beast. It devours stability, chews on reliability, and spits out error messages. The quest for innovation pushes boundaries, but it also tests the limits of our digital infrastructure.

Read more »
Spyware Alert
Apple Cyber Security Cyberattacks CyberCrime CyberThreat Mercenary Social Media Spyware Alert

Apple Steps Up Spyware Alerts Amid Rising Mercenary Threats

 


It has been reported that Apple sent notifications on April 10 to its Indian and 91 other users letting them know they might have been a victim of a possible mercenary spyware attack. As stated in the company's notification to the affected users, these spyware attacks were intended to 'remotely compromise the iPhone associated with the users' Apple IDs,' suggesting the attackers might have targeted them specifically as a result of who they are or what they do, and that they were most likely to be a target. 

A threat notification has been issued to users worldwide after fears were raised that sophisticated spyware attacks could be targeting high-profile Apple customers. There had been a similar warning sent out to Indian Apple users back in October last year, in which members of the Indian Parliament and journalists were alerted about potential ‘state-sponsored attacks'. 

People who had been alerted last year were able to use social media in response to the alerts, but this time around, the same has not been the case. After the Pegasus surveillance issue, Apple introduced this feature in 2021. When these alerts are received, they will be sent to users when they see activity that is consistent with a state-sponsored attack. 

It has recently released an alert highlighting the dangers and rarities of mercenary spyware, like the famous Pegasus from NSO Group, highlighting how complex and rare these types of viruses can be. According to the company's warning email, the spyware was designed to secretly infiltrate iPhones associated with particular Apple IDs. 

There has been a lot of speculation surrounding this issue, with Apple indicating that attackers may select their targets depending on their identity or profession to gain access to their systems. Mercenary spyware refers to sophisticated malware that has been developed and deployed primarily by private entities that may be guided by national authorities. 

In a message issued by the company, users were warned that advanced spyware may attempt to remotely access their iPhones, indicating that they may be at risk. The attacks, according to Apple, are both “exceptionally rare” and “vastly more sophisticated” than the usual cybercrime activities or consumer malware. 

In addition to stressing the unique characteristics of threats such as Pegasus spyware from NSO Group, the company also pointed out that such attacks are individually tailored and cost millions of dollars to launch, and only a very small percentage of customers are affected by such attacks. Moreover, as evidenced by the fact that a coalition of countries, including the United States, is currently working to create safeguards against the misuse of commercial spy software, these efforts are in line with global efforts to combat the misuse of commercial spyware. 

Furthermore, a recent report released by Google's Threat Analysis Group (TAG) and Mandiant shed light on the exploitation of zero-day vulnerabilities in the year 2023, revealing a significant portion of these exploits would be attributed to commercial surveillance vendors. It is widely known that web browser vulnerabilities and mobile device vulnerabilities are a major source of threat actors' evasion and persistence strategies, an indication of how reliant they are on zero-day exploits. 

Among the most concerning issues was that, in India, opposition politicians had raised concerns about possible government involvement in attacks against mobile phones in October, citing Apple's earlier alert about state-sponsored attacks from October that appeared to indicate such an involvement. There has been a high-risk warning issued by CERT-In, India's national cybersecurity watchdog, about vulnerabilities in Apple products that are affecting the entire Apple ecosystem. 

There may be vulnerabilities in these systems which will enable attackers to access sensitive information, execute unauthorized code, bypass security measures, and spoof systems to perform identity theft and other attacks against them. Several Apple devices and software are the subject of this advisory, including iOS, iPadOS, macOS, tvOS, watchOS, and Safari, as well as a wide range of Apple devices and computer software.

Apple also recommends that users remain vigilant regarding suspicious links and attachments, as some attacks might be exploiting the power of social engineering to mislead users into clicking on malicious links. When users suspect that they are being targeted, even in the absence of a threat notification, precautions should be taken to avoid exposing themselves to security threats. 

These precautions include changing passwords and speaking with experts in the field of digital security. As a result of these evolving threats, Apple emphasizes that to mitigate the risks effectively, users must work together with security professionals. Proactive measures and an increased awareness of cyber threats must become increasingly important in helping combat malicious cyber activity in the era of growing digital privacy concerns. 

There may be vulnerabilities in these systems which will enable attackers to access sensitive information, execute unauthorized code, bypass security measures, and spoof systems to perform identity theft and other attacks against them. Several Apple devices and software are the subject of this advisory, including iOS, iPadOS, macOS, tvOS, watchOS, and Safari, as well as a wide range of Apple devices and computer software. 

Apple also recommends that users remain vigilant regarding suspicious links and attachments, as some attacks might be exploiting the power of social engineering to mislead users into clicking on malicious links. When users suspect that they are being targeted, even in the absence of a threat notification, precautions should be taken to avoid exposing themselves to security threats. These precautions include changing passwords and speaking with experts in the field of digital security. 

As a result of these evolving threats, Apple emphasizes that to mitigate the risks effectively, users must work together with security professionals. Proactive measures and an increased awareness of cyber threats must become increasingly important in helping combat malicious cyber activity in the era of growing digital privacy concerns. It is recommended that users when clicking on links or opening attachments from unknown sources, be cautious. 

Since they feared the spyware might help attackers plan for a stealth attack, they decided not to share any more details about it. Additionally, Apple incorporated new advice for users who might be impacted by mercenary spyware attacks into its support page for those who might have been affected. The page explained how these threats are tailored to each individual and their particular device, which means they are difficult to detect and hard to eliminate.
Read more »
security alerts
Apple Cyber Threats Data Breach Digital Security iPhone mercenary spyware attack remote targeting security alerts

Apple Alerts iPhone Users of 'Mercenary Attack' Threat

 

Apple issued security alerts to individuals in 92 nations on Wednesday, cautioning them that their iPhones had been targeted in a remote spyware attack linked to mercenaries.

The company sent out threat notification emails, informing recipients, "Apple has detected that you are being targeted by a mercenary spyware attack," suggesting that the attack might be aimed at specific individuals based on their identity or activities. 

These types of attacks, termed as "mercenary attacks," are distinct due to their rarity and sophistication, involving substantial financial resources and focusing on a select group of targets. Apple emphasized that this targeting is ongoing and widespread.

The notification warned recipients that if their device falls victim to such an attack, the attacker could potentially access sensitive data, communications, or even control the camera and microphone remotely.

While it was reported that India was among the affected countries, it remained uncertain whether iPhone users in the US were also targeted. Apple refrained from providing further comments beyond the details shared in the notification email.

In response to the threat, Apple advised recipients to seek expert assistance, such as the Digital Security Helpline provided by the nonprofit Access Now, which offers emergency security support around the clock.

Furthermore, Apple referenced Pegasus, a sophisticated spyware created by Israel's NSO Group, in its notification regarding the recent mercenary attack. Apple had previously filed a lawsuit against the NSO Group in November 2021, seeking accountability for the surveillance and targeting of Apple users using Pegasus. This spyware has historically infiltrated victims' devices, including iPhones, without their knowledge. Since 2016, instances have surfaced of Pegasus being employed by various entities to monitor journalists, lawyers, political dissidents, and human rights activists.
Read more »
Subscribe to: Posts (Atom)