In June we heard about Mactans, a malicious iPhone charger created by three security researchers from the Georgia Institute of Technology. This week the researchers presented their findings at Black Hat, an annual hacker convention in Las Vegas, and Apple officially responded to them. Here's the deal...
So far this year, Apple customers have been exposed to an increased number of phishing attempts according to a study done by Kaspersky Labs. The study shows a greatly increased number of phishing emails purporting to come from Apple in the first five months of this year when compared to the number of Apple-related phishing attempts detected in 2011. More specifically, Kaspersky seems to be looking at the number of attempts to access phishing sites that have been blocked by their products.
Ibrahim Balic received a lot of attention recently after claiming he may be the person responsible for Apple's ongoing Developer Portal outage. With no further communication or corroboration from Apple, people are still trying to get a clear picture as to exactly what happened last Thursday that prompted Apple to take the site down, and if Balic's actions are truly the cause. In order to get a better handle on what may or may not have happened, and his potential role in it, I communicated with Balic yesterday and asked him a series of questions. Here's what I found out:
Following just days after Tango's servers were compromised, the Syrian Electronic Army(SEA) has hacked another calling and messaging service, Viber. E Hacking News is reporting that this time SEA was able to acquire a partial database backup containing phone numbers, UDIDs (Viber generated, not Apple UDIDs) and IP addresses, among other user information for some of Viber's more than 200 million subscribers.
There's news from Security Research Labs making the rounds that a way to hack and clone SIM cards - the subscriber identification modules used in phones and tablets to connect them to voice and data networks - has been discovered and will be expounded upon at a later date. It involves an old DES-56 exploit - Jerry Hildenbrand provides the details over on Android Central - but that's about all that's been disclosed so far. No word on which SIMs, on which carriers.
Tumblr for iOS has been updated with an important security fix. According to Tumblr's blog post, there was an issue in the app that allowed for a user's password to be compromised in certain circumstances.
If you're worried about someone accessing your Facebook account from a different iPhone, iPad, or computer browser, you can enable a few security settings to set your mind at ease. Code Generator can give you access codes right on your iPhone and iPad so you can approve different devices and browsers as you see fit.