zero days – Page 5 – WindowsTechs.com

Researcher claims $100,000 for ‘Sign in with Apple’ hack

Posted on June 1, 2020 by Sean Lyngaas

The same login feature that Apple introduced last year to protect privacy could have been abused to hack into third-party applications on an iPhone, a security researcher has found. The discovery earned New Delhi-based programmer Bhavuk Jain $100,000, he said, highlighting the critical nature of the flaw and the big payouts Apple has been offering through a bug bounty program it expanded last year. Jain figured out how to generate a login token for an Apple ID and use it to access third-party apps with lax security. Manipulating the tokens at their source was all Jain needed to access the apps. The research comes a year after Apple unveiled the “Sign in with Apple” feature, which authenticates users on apps without disclosing their Apple IDs. Apple has touted it as a more privacy-conscious alternative to requiring users to log in to apps through their social media accounts. Jain did not detail […]

The post Researcher claims $100,000 for ‘Sign in with Apple’ hack appeared first on CyberScoop.

Continue reading Researcher claims $100,000 for ‘Sign in with Apple’ hack→

Zero-day broker: Stop sending us Apple bugs, we have enough already

Posted on May 13, 2020 by Jeff Stone

A company that pays hackers to submit serious security vulnerabilities says it’s made aware of so many flaws in various Apple operating systems that it will temporarily stop acquiring new attack techniques. In a tweet Wednesday, Zerodium said it will stop accepting Apple iOS bugs that lead to “local privilege escalation,” which attackers use to dig deeper into an infected device, remote code execution bugs in the the company’s Safari web browser, or “sandbox escape” tools, which enable attackers to move from an app to other areas of a device. We will NOT be acquiring any new Apple iOS LPE, Safari RCE, or sandbox escapes for the next 2 to 3 months due to a high number of submissions related to these vectors. Prices for iOS one-click chains (e.g. via Safari) without persistence will likely drop in the near future. — Zerodium (@Zerodium) May 13, 2020 In a follow-up tweet, […]

The post Zero-day broker: Stop sending us Apple bugs, we have enough already appeared first on CyberScoop.

Continue reading Zero-day broker: Stop sending us Apple bugs, we have enough already→

Hackers have been exploiting two zero-days to break into iPhones and iPads

Posted on April 22, 2020 by Shannon Vavra

A zero-day vulnerability in Apple’s Mail application for iOS has been used to target high-profile victims around the world for more than two years, according to ZecOps research published Wednesday. The flaw, which ZecOps uncovered through conducting a routine digital forensics and incident response investigation, is triggered by sending emails that consume a “significant amount” of a device’s memory. From there, hackers could gain access to email accounts via Mail, gaining the ability to leak, modify, or delete emails. If the attackers want to cause additional harm and gain further access to victim devices, it “would require an additional infoleak bug [and] a kernel bug afterwards,” the researchers write in a blog that details their findings. ZecOps assesses with “high confidence” that individuals at a U.S. company in the Fortune 500, managed security service providers from Saudi Arabia and Israel, an executive in Japan, a journalist in Europe, and a […]

The post Hackers have been exploiting two zero-days to break into iPhones and iPads appeared first on CyberScoop.

Continue reading Hackers have been exploiting two zero-days to break into iPhones and iPads→

A Brisk Private Trade in Zero-Days Widens Their Use

Posted on April 6, 2020 by Tara Seals

More zero-day exploits coming up for sale by NSO Group and others is democratizing the attack vector and placing them within reach of less sophisticated attackers. Continue reading A Brisk Private Trade in Zero-Days Widens Their Use→

Researcher claims $75K payout from Apple for iPhone camera hack

Posted on April 3, 2020 by Sean Lyngaas

Apple has paid a cybersecurity researcher $75,000 for a software exploit chain used to access an iPhone camera and microphone, the researcher said this week. They are the kind of invasive capabilities that a spyware vendor would drool over. But Ryan Pickren, an Atlanta-based white-hat hacker, worked with Apple’s bug bounty program to get them fixed. “I had some experience looking for bugs in [Apple’s web browser] Safari before they launched their bug bounty program,” Pickren told CyberScoop in an email, describing why he took on what he called “two weeks of intense research.” Pickren figured out how to trick a Safari browser into serving up malicious code to infiltrate the iPhone camera and steal browser passwords. He did it by abusing the trust the iPhone was placing in Safari websites — trust that the device didn’t place in non-native applications. The malicious Safari website offered Pickren and his chain of exploits direct access […]

The post Researcher claims $75K payout from Apple for iPhone camera hack appeared first on CyberScoop.

Continue reading Researcher claims $75K payout from Apple for iPhone camera hack→

A researcher found zero-days in one city’s software. Then he realized the problem could be bigger.

Posted on April 3, 2020 by Sean Lyngaas

For Quentin Rhoads-Herrera, this was not a typical security test. A big municipal government in the U.S. had just handed him the source code for software the city uses to manage contracts and track infrastructure projects. He unpacked the code, sifted through it, and found more than a dozen previously undisclosed vulnerabilities, or zero-days, that a hacker could exploit to manipulate data or dump user passwords. But it was more than just a catalog of bugs: Poring over the code, Rhoads-Herrera found the names of two other city governments that have used the software. The product, known as CIPAce, has been used by public and private sector organizations to collect invoices and manage contracts and budgets, according to CIPPlanner Corp., the company that makes it. “If one attacker happens to exploit this city, then they can look and see, easily, every other city that’s using this … and attack them using the same methods,” said […]

The post A researcher found zero-days in one city’s software. Then he realized the problem could be bigger. appeared first on CyberScoop.

Continue reading A researcher found zero-days in one city’s software. Then he realized the problem could be bigger.→

Zoom vulnerabilities could give attackers webcam, microphone access

Posted on April 1, 2020 by Shannon Vavra

Vulnerabilities discovered in popular video teleconferencing app Zoom could allow attackers to escalate privileges on a computer or allow access to users’ webcams and microphones, according to new research from Jamf Principal Security Researcher Patrick Wardle. It’s just the latest security and privacy issue for Zoom, which has been served with a class-action lawsuit over its data sharing practices, and come under scrutiny from the New York Attorney General’s Office and the FBI. Yet, if you’re already social distancing to avoid the spread of the coronavirus, the two vulnerabilities may not be a primary concern. In order for someone to exploit these zero-days, they would need to have physical access to a machine running Zoom’s MacOS client, according to Wardle. “However if you value either your (cyber) security or privacy, you … should avoid using the macOS version of the app, as neither of these essential values seem to be […]

The post Zoom vulnerabilities could give attackers webcam, microphone access appeared first on CyberScoop.

Continue reading Zoom vulnerabilities could give attackers webcam, microphone access→

Category Archives: zero days