Apple Is Set To Fix Two Major Security Flaws That Would Have Let Hackers Steal Data From iPhones

By
Vanessa Waithera
-
0
455

Apple is set to fix two major security that would have let hackers steal data from iPhones.

Apple is finally set to patch two major security flaws in the default iOS and iPad’s Mail app which could have millions of devices vulnerable for over 8 years. The vulnerability was first introduced via iOS 6 and could have since been exploited by attackers repeatedly.

The vulnerability was discovered by ZecOps, a San Francisco-based mobile security forensics firm while it was investigating a sophisticated cyberattack against a client that took place in late 2019.

There were security breaches that exposed them.

Trending
How is Blockchain Used in Software Development

At the time, Zuk Avraham, ZecOps’ chief executive, claimed that the vulnerability was exploited in at least six cybersecurity breaches that allowed hackers to gain access to devices of high-profile targets.

The exploit, ZecOps explains, is triggered by sending a rigged email that may or may not require and interaction at all, while in other cases may only require the user to open the email.

How does it work?

Once triggered, the email then runs code in the context of the default mail apps, which make it possible to read, modify, or delete messages.

The security firm also suspects the attackers combine the zero-day vulnerability with a separate exploit to give full control over the device. As explained above, the vulnerability can be triggered remotely without any user interaction — an attack known as a zero-click.

What was their objective?

In a separate report published by Reuters, the publication got two independent security researchers to review ZecOps’ claims. The researchers too found the evidence credible but said they had not yet fully recreated its findings.

In its report, ZecOps claims that a number of its customers were targeted, including employees at a Fortune 500 company in North America, with a journalist in Europe and a VIP in Germany also having been targeted using this exploit.

Apple only found out recently so are there people who’ve been exposed?

But what’s concerning is that since Apple wasn’t aware of the vulnerability until recently, the flaw could have been exploited by hackers and even security agencies across the globe to snoop on unsuspecting users who had no idea that their data was being stolen in the first place.

ZecOps says it alerted Apple to the vulnerabilities in February. Both of the flaws have since been patched in the latest beta releases of iOS 13, and a fix is set to arrive in the next publicly available iOS update in iOS and iPadOS 13.4.5.

Advertise on TechMoran.com — reach founders, innovators, and decision-makers

Promote your product, event, press release, or launch a report to a highly engaged tech and business audience. You can also take over our homepage for premium visibility and sponsor our monthly #TechNight events and podcasts and annual StartupEast Conference & Awards to maximize brand exposure.

Beyond reach and visibility, we have over ten years of experience in SEO-driven digital publishing and we are the best in the SEO market at helping brands grow organic visibility through high-quality editorial backlinks and strategic content placement. We are here to help you improve your search rankings and long-term discoverability. We also help improve AI discoverability, ensuring your brand is more visible across emerging AI-powered search and recommendation systems.

Your campaign will also be extended across TechMoran, BusinessTech.co.ke, and AfricanWomenNetwork.net, including their newsletters, giving you wider reach and engagement across East Africa’s leading digital audiences. Be part of the region’s biggest tech and business platforms monthly, quarterly, and annually.

Contact Sales