Serious iPhone Flaw Can Let Others Access Your Device, Data And More

KEY POINTS

  • Apple’s iPhones are some of the best smartphones around
  • Despite this, researchers still discover some flaws
  • One particular flaw can allow remote access to the iPhone and its content

A security researcher discovered a major security flaw that allows people with the know-how, equipment and malicious intent to gain remote access to a nearby iPhone, view all of the data in the device and even steal it – all without the owner knowing.

Noted Google Project Zero research Ian Beer, a known security researcher who works with companies to fix serious flaws, recently published a lengthy blog entry explaining how it is possible for someone to gain access to an iPhone from a safe distance, such as from the other side of the street.

The blog entry, “Project Zero: An iOS zero-click radio proximity exploit odyssey,” is highly technical in nature and uses jargon that won’t be easy

Read More

This critical software flaw is now being used to break into networks – so update fast

State-backed hackers and criminal gangs are now actively using a vulnerability in mobile device management (MDM) software to successfully gain access to networks across government, healthcare and other industries.

The UK’s National Cyber Security Centre (NCSC) has issued an alert warning that a number of groups are currently using a vulnerability in MDM software from MobileIron.

MDM systems allow system administrators to manage an organisation’s mobile devices from a central server, making them a valuable target for criminals or spies to break into.

SEE: Network security policy (TechRepublic Premium)

In June 2020, MobileIron released security updates to address several vulnerabilities in its products. This included CVE-2020-15505, a remote code execution vulnerability. This critical-rated vulnerability affects MobileIron Core and Connector products, and could allow a remote attacker to execute arbitrary code on a system.

The NCSC is aware that nation-state groups and cyber criminals “are now actively attempting to exploit this

Read More