Security

Link

New York City Partners With Cellebrite to Hack iPhones

Andrew Orr ·

Documents reveal that New York City law enforcement has a partnership with Cellebrite to hack iPhones.

Previously, if law enforcement wanted to get into newer devices, they had to send the phones to one of Cellebrite’s digital forensics labs, located in New Jersey and Virginia. But Cellebrite’s new UFED Premium program gave law enforcement the ability to “unlock and extract data from all iOS and high-end Android devices” on their own, using software installed on computers in their offices.

I’ve always wondered if eventually Apple will remove the Lightning port from the iPhone once wireless charging becomes the norm. Side effects may include better waterproofing and worsened hacking.

Link

Microsoft says Iranian 'Phosphorus' Group Tried to Hack U.S. Presidential Campaign

Andrew Orr ·

In a blog post today Microsoft says that Iranian hackers attacked a U.S. presidential campaign, current and former U.S. government officials, journalists covering global politics and prominent Iranians living outside Iran.

Four accounts were compromised as a result of these attempts; these four accounts were not associated with the U.S. presidential campaign or current and former U.S. government officials. Microsoft has notified the customers related to these investigations and threats and has worked as requested with those whose accounts were compromised to secure them.

No word yet on what time President Trump asked Iran to interfere with our elections.

Link

One Year Later: Bloomberg Hasn't Retracted its iCloud Spy Chip Story

Andrew Orr ·

This story doesn’t need me piling on, but I think it’s astounding that a media organization with integrity, gravitas, etc. etc. still hasn’t retracted its debunked theory one year later. And the journalists who wrote the story are now in charge of Bloomberg‘s cybersecurity division. If by some miracle we learn that there really are spy chips I will most certainly apologize. But with zero evidence, I think that probability is low.

There’s been a lot of smoke, but no firings. Quite the opposite. It’s been a year since Bloomberg Businessweek published an extensively debunked story claiming that companies including Apple and Amazon had been hacked. Yet since then, all of Bloomberg‘s few responses and actions have only doubled down on how this publication lacks credibility on the topic.

Link

Hacker Claims New 'checkm8' Exploit Can Lead to Permanent Jailbreak

Andrew Orr ·

Twitter use axi0mX posted about how a new iOS exploit called checkm8 could lead to a “permanent unpatchable bootrom exploit” for iPhone 4s to iPhone X.

What I am releasing today is not a full jailbreak with Cydia, just an exploit. Researchers and developers can use it to dump SecureROM, decrypt keybags with AES engine, and demote the device to enable JTAG. You still need additional hardware and software to use JTAG.

I’m sure governments around the world will be in touch.

Link

macOS Mojave 10.14.6 Patches a Security Hole

Andrew Orr ·

Along with iOS 12.4.2 Apple is releasing macOS Mojave 10.14.6, a second supplemental update with security fixes.

If you’re running an earlier version of macOS then you will instead find Security Update 2019-005 for macOS High Sierra and Security Update for macOS Sierra available as system software updates.

The security issue as shared here fixes CVE-2019-8641: A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

Link

Be Cautious of AltStore, the New Alternative App Store

Andrew Orr ·

There are reports of an alternative App Store that doesn’t require jailbreaking. It’s called AltStore, and it lets you download these alternative apps via a server you install on your Mac. While the developer says that the code for AltStore is open source, that doesn’t mean the apps within are. I urge caution about installing unknown apps outside of the App Store. If they can’t make it through the app review team, there’s probably a reason for that. For example, this quote from the blog:

From the beginning, AltStore was intended to serve as a way for developers to distribute entirely new apps that push the boundaries of iOS in ways not possible with Apple’s app review system.

Hopefully, “pushing the boundaries” doesn’t include apps full of malware.

Link

White House Blocks Audit of its Offensive Hacking Strategy

Andrew Orr ·

The White House is blocking an audit by Congress for its offensive hacking policy it has already used for cyberattacks against Russia and Iran.

The policy, which loosened the reins on military strikes against U.S. adversaries, has been withheld for more than a year from lawmakers — even those who regularly review classified material. Lawmakers from both parties are concerned the Trump administration could plunge the country into a cyberwar without congressional approval or oversight, or at the very least, provoke retaliation that causes serious damage at home.

The White House hacking strategy is: “Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing.

Link

Cloudflare Releases Warp VPN for Everyone

Andrew Orr ·

Cloudflare announced its Warp VPN earlier this year and created a waiting list for it to be rolled out. Although the company had technical difficulties, the list is gone and Warp VPN is available for everyone today.

Let me start with the apology. We are sorry making WARP available took far longer than we ever intended. As a way of hopefully making amends, for everyone who was on the waitlist before today, we’re giving 10 GB of WARP Plus — the even faster version of WARP that uses Cloudflare’s Argo network — to those of you who have been patiently waiting.

This Friday I intend to publish a list of five VPN apps for iOS, and Warp will be included.

Link

Russian Confesses to JPMorgan Chase Hack

Andrew Orr ·

Russian national Adrei Tyurin confessed to the 2014 hacking of JPMorgan Chase which stole the data of over 80 million customers.

Tyurin carried out the hacks at the direction of co-conspirator Gery Shalon, who used the stolen data to further a variety of schemes, including securities fraud. One scheme involved artificially inflating the price of certain publicly traded stocks by marketing them in a deceptive and misleading manner to customers of companies Tyurin had hacked.

Link

Your X-Ray Images and Medical Data Are Available on the Internet

Andrew Orr ·

ProPublica investigation revealed that medical images and health data are often stored in insecure servers that are easily accessible to anyone with a bit of computer knowledge.

We identified 187 servers — computers that are used to store and retrieve medical data — in the U.S. that were unprotected by passwords or basic security precautions. The computer systems, from Florida to California, are used in doctors’ offices, medical-imaging centers and mobile X-ray services.

All told, medical data from more than 16 million scans worldwide was available online, including names, birthdates and, in some cases, Social Security numbers.

Link

New Exploit Shows We Should Just Skip to iOS 13.1

Andrew Orr ·

A contacts exploit was discovered in iOS 13 that lets a person bypass Face ID / Touch ID to see an iPhone’s contacts.

Relatively little is at stake with this exploit. Beyond the inherent danger of an assailant having your iPhone, this method only allows someone to view the contacts within the target iPhone, provided that they have physical access to the target phone and can complete the VoiceOver exploit.

Little is at stake, but there have been so my iOS exploits in the news lately that we might as well go straight to iOS 13.1.

Link

The (In)Security Behind Trump's Twitter Account

Andrew Orr ·

According to an investigation of President Trump’s Twitter security, his account might be vulnerable to being hacked, although some disagree.

The source who shared information about Trump’s Twitter security said they don’t believe the account will be hacked, but that the risk should be kept in perspective. “Remember we are talking about access to a Twitter account, not access to the nuclear launch codes,” they said. “While the optics would be bad if the account were ever hacked, it would not be a national crisis.”

Link

iMessage and Safari Make iPhones Less Secure

Andrew Orr ·

Andy Greenberg writes about security problems in iMessage and Safari, saying that these products make iPhone less secure.

“If you want to compromise an iPhone, these are the best ways to do it,” says independent security researcher Linus Henze of the two apps…He and other iOS researchers argue that when it comes to the security of both iMessage and WebKit—the browser engine that serves as the foundation not just of Safari but all iOS browsers—iOS suffers from Apple’s preference for its own code above that of other companies.

Apple is in a tough position. If a company isn’t great at security, they could get a third-party to audit its software. But that would create a huge target.