HITB Throwback Thursday: An Almost Impossible evasi0n
By: Weixien Toh
By: Weixien Toh
The team over at Cisco Talos has spotted a clever bit of trickery being used by an iOS click fraud operation. Researchers say a piece of malware called "Checkrain" has been making the rounds spoofing a popular iOS jailbreaking tool called "checkra1n".
"The site even claims to be working with popular jailbreaking researchers such as “CoolStar” and Google Project Zero’s Ian Beer," Talos explains.
Last year, Apple set users’ expectations with iOS 12, saying it would be focused on improving performance and fixing bugs and stability issues instead of adding a bunch of new features. And while there were still plenty of bugs over the course of the iOS 12 cycle, performance was improved—particularly on older devices.
iOS 9.2.1 isn’t even out of beta yet, but a well-known iOS hacker is already flaunting a purported jailbreak for the unreleased software. Luca Todesco, better known as @qwertyoruiop, teased an iPhone 6 screenshot of Cydia running on iOS 9.2.1 beta.
Whether the jailbreak is legit is still up for debate, but he’s no slouch when it comes to security research involving iOS. In fact, Todesco was recently credited by Apple in one of its iOS security fix acknowledgements for iOS 9.2.
Will this jailbreak ever see the light of day as a public release?
Microsoft is preparing for the rollout of its Siri alternative, Cortana, on Apple devices.
In a post on its Answers website, the Windows giant has asked for beta testers for the service on iOS devices. But you have to apply and be accepted, and the company appears to be looking for people in the unusual subset of iPhone users that have a Windows 10 computer.
Do you have AirDrop enabled on your iPhone or Mac?
Maybe you'll think again after watching a video made by Australian security researcher Mark Dowd.
TaiG, the Chinese jailbreaking team that has been thanked in Apple patch notes for exposing iOS vulnerabilities, has just released a new jailbreak tool for Mac that will allow you to run unsigned code on any iOS 8.4 device. Hurrah!
The process of jailbreaking is so simple, anyone can do it.
Apple is hoping to lure developers away from the temptations of the URL scheme, which Twitter infamously made use of last year to track what apps are installed on your iOS device, To do that, they’ve introduced a new alternative in Universal Links, which can direct users right to the relevant content within your app, using just a standard web link preceded by either http:// or https://.
iOS developer Nicholas Allegra, better known by his handle "comex" within the jailbreaking community, shared a short video on Twitter that shows a web browser running on the Apple Watch. The fifteen-second clip shows Allegra tapping, panning and zooming on the Google homepage on the Apple Watch, but the functionality is limited as to be expected because of the small screen size and lack of an on-screen keyboard.
Security experts have warned that 2,000 Android and iOS apps are still vulnerable to the much publicized FREAK flaw over a fortnight after it was first disclosed, exposing billions of users to data loss.
FireEye researchers scanned 10,985 Google Play Android apps with more than one million downloads each and found 1,228 (11.2%) were still vulnerable to FREAK.