Apple Inc is planning to fix a flaw that a security firm said may have left more than half a billion iPhones vulnerable to hackers.
The bug, which also exists on iPads, was discovered by ZecOps, a San Francisco-based mobile security forensics company, while it was investigating a sophisticated cyberattack against a client that took place in late 2019. Zuk Avraham, ZecOps’ chief executive, said he found evidence the vulnerability was exploited in at least six cybersecurity break-ins.
An Apple spokesman acknowledged that a vulnerability exists in Apple’s software for email on iPhones and iPads, known as the Mail app, and that the company had developed a fix, which will be rolled out in a forthcoming update on millions of devices it has sold globally.
Apple declined to comment on Avraham’s research, which was published on Wednesday, that suggests the flaw could be triggered from afar and that it had already been exploited by hackers against high-profile users.
Avraham said he found evidence that a malicious program was taking advantage of the vulnerability in Apple’s iOS mobile operating system as far back as January 2018. He could not determine who the hackers were and Reuters was unable to independently verify his claim.
To execute the hack, Avraham said victims would be sent an apparently blank email message through the Mail app forcing a crash and reset. The crash opened the door for hackers to steal other data on the device, such as photos and contact details.
ZecOps claims the vulnerability allowed hackers to remotely steal data off iPhones even if they were running recent versions of iOS. By itself, the flaw could have given access to whatever the Mail app had access to, including confidential messages.
Avraham, a former Israeli Defense Force security researcher, said he suspected that the hacking technique was part of a chain of malicious programs, the rest undiscovered, which could have given an attacker full remote access. Apple declined to comment on that prospect.
ZecOps found the Mail app hacking technique was used against a client last year. Avraham described the targeted client as a “Fortune 500 North American technology company,” but declined to name it. They also found evidence of related attacks against employees of five other companies in Japan, Germany, Saudi Arabia, and Israel.
Avraham based most of his conclusions on data from “crash reports,” which are generated when programs fail in mid-task on a device. He was then able to recreate a technique that caused the controlled crashes.
Two independent security researchers who reviewed ZecOps’ discovery found the evidence credible, but said they had not yet fully recreated its findings.
Patrick Wardle, an Apple security expert and former researcher for the U.S. National Security Agency, said the discovery “confirms what has always been somewhat of a rather badly kept secret: that well-resourced adversaries can remotely and silently infect fully patched iOS devices.”
Because Apple was not aware of the software bug until recently, it could have been very valuable to governments and contractors offering hacking services. Exploit programs that work without warning against an up-to-date phone can be worth more than $1 million.
While Apple is largely viewed within the cybersecurity industry as having a high standard for digital security, any successful hacking technique against the iPhone could affect millions due to the device’s global popularity. In 2019, Apple said there were about 900 million iPhones in active use.
Bill Marczak, a security researcher with Citizen Lab, a Canada-based academic security research group, called the vulnerability discovery “scary.”
“A lot of times, you can take comfort from the fact that hacking is preventable,” said Marczak. “With this bug, it doesn’t matter if you’ve got a PhD in cybersecurity, this will eat your lunch.”
Be smart with your money. Get the latest investing insights delivered right to your inbox three times a week, with the Globe Investor newsletter. Sign up today.
Crossword for Friday, Jun. 5 – Brandon Sun
We need your support!
Local journalism needs your support!
As we navigate through unprecedented times, our journalists are working harder than ever to bring you the latest local updates to keep you safe and informed.
Now, more than ever, we need your support.
Starting at $4.99/month you can access your Brandon Sun online and full access to all content as it appears on our website.
or call circulation directly at (204) 727-0527.
Your pledge helps to ensure we provide the news that matters most to your community!
Vancouver's Cibo Trattoria and UVA Wine and Cocktail Bar announce new head chef – Eat North
After weeks of planning and anticipation, Vancouver’s Cibo Trattoria and UVA Wine and Cocktail Bar recently announced the addition of new head chef Jesse Zuber, and are both set to reopen their doors for dine-in services today.
Chef Zuber, best known for competing on Top Chef Canada and helming the kitchens at Ayden Kitchen and Bar and Saskatoon’s Little Grouse on the Prairie, has developed new dinner, lunch, and weekend brunch menus for Cibo that embrace the restaurant’s traditional rustic Italian cuisine, while maintaining the B.C.-born chef’s affinity for seasonality and local ingredients.
“It’s a bit of an odd time to start a new position, but I’ve been so impressed with the amount of passion on display here and the breadth of talent from the front of house to the kitchen and bar,” says Zuber. “I’m so thrilled to be a part of this amazing team and we can’t wait to welcome old friends and new acquaintances back to our dining room.”
At UVA, chef Zuber and his team will provide a select menu of bites and small plates to complement the downtown Vancouver wine and cocktail bar’s award-winning cocktail list and cellar of Old- and New-World wines.
Both Cibo and UVA plan to employ stringent health and safety standards, including the use of personal protective equipment and social distancing measures.
Reservations for Cibo can be made via OpenTable or by calling the restaurant, while UVA will accept walk-ins only based on availability.
Best Buy Canada goes big on Father's Day 2020 tech deals – MobileSyrup
Best Buy Canada wants you to celebrate Father’s Day in style and has heavily discounted several notable tech items. As a reminder, Father’s Day is June 21st, 2020.
Below are some of the Canadian retailer’s best offers:
- SiriusXM Onyx Plus with Vehicle Kit for $59.99 (save $37)
- Google Home for $39.99 (save $59)
- Google Nest Thermostat E Wi-Fi Smart Thermostat for $229
- Google Nest Hub for $99.99 (save $29)
- Google Nest Hello Wi-Fi Video Doorbell for $249.99 (save $50)
- Google Nest Cam WiFi Indoor IP Camera for $179.99 (save $50)
- Google Nest Hub Max with Google Assistant for $249.99 (save $50)
- Arlo Pro 2 Wire-Free Indoor/Outdoor Security System for $399.99 (save $150)
- Arlo Wi-Fi Video Doorbell for $169.99 (save $30)
- Bose SoundLink Revolve for $199.99 (save $50)
- Apple AirPods Refurbished for $159.99 (save $60)
- Bose QuietComfort 35 II Over-Ear Noise Cancelling Bluetooth Headphones for $399.99 (save $50)
- JBL Charge 4 Waterproof Bluetooth Wireless Speaker for $159.99 (save $60)
- House of Marley Liberate Air & Get Together Bluetooth Speaker for $299.98 (save $70)
- JBL Free In-Ear Bluetooth Truly Wireless Headphones for $99.99 (save $100)
- Jabra Elite Sport In-Ear Noise Cancelling Truly Wireless Headphones for $159.99 (save $90)
- Bose SoundLink Revolve+ for $299.99 (save $70)
- PlayStation Plus 12 Month Membership for $48.99 (save $21)
- Apple Watch Series 3 (GPS + Cellular) – Refurbished for $319.99 (save $100)
- Xbox One X 1TB Star Wars Jedi: Fallen Order Deluxe Edition Bundle for $379.99 (save $100)
- Playstation 4 Console 500GB with Dualshock 4 Controller (Refurbished) for $259.99 (save $40)
- Sony BRAVIA 49″ 4K UHD HDR LED Android Smart TV for $899.99 (was $999.99)
- Sony 55″ 4K UHD HDR LED Android Smart TV for $999.99 (was $1099.99)
- Sony 65″ 4K UHD HDR LED Android Smart TV for $1,199.99 (was $1,299.99)
- Sony 75″ 4K UHD HDR LED Android Smart TV for $1,899.99 (was $1,999.99)
- Sony 85″ 4K UHD HDR LED Android Smart TV for $2,799.99 (was $3,299.99)
- Sony 85″ 4K UHD HDR LED Android Smart TV for $4,999.99 (was $5,999.99)
- Sony 85″ 8K UHD HDR LED Android Smart TV for $11,999.99 (was $13,999.99)
Source: Best Buy Canada
Toronto and Vancouver Real Estate Inventory May Get A Boost From AirBNB Slowdown – Better Dwelling
Trudeau takes a knee at anti-racism protest on Parliament Hill – CBC.ca
Social media helps solve mystery of lost camera found in Kelowna’s Mill Creek – Globalnews.ca
- Science13 hours ago
Full 'Strawberry' Moon coincides with a penumbral lunar eclipse tonight – Daily Mail
- News17 hours ago
Canadians living in China watch developments in Meng case closely – CTV News
- Art19 hours ago
Ottawa business faces backlash after posts on Blackout Tuesday – CTV News Ottawa
- Media5 hours ago
3 Media and Entertainment Industry Trends Driven by the Impact of COVID-19 on Digital Content Consumption Patterns | Submit RFP for Detailed Insights | Quantzig – Business Wire
- Economy17 hours ago
BoC eyeing supply, consumer demand for July economic outlook, deputy says – BNNBloomberg.ca
- Tech17 hours ago
Reminder: You Can Download A Free Version Of Clubhouse Games: 51 Worldwide Classics – Nintendo Life
- Media17 hours ago
Hong Kong's free media fears being silenced by China's national security law – The Globe and Mail
- Tech18 hours ago
2020 iPhone Shock As Five ‘All-New’ Apple iPhones Revealed – Forbes