Apple cyber attack investigation shifts from Chinese to eastern European hackers

Posted by:
Date: Thursday, February 21st, 2013, 07:51
Category: News, security, Software

Ok, maybe we were a bit hasty in blaming the chinese…

Per Bloomberg, while earlier reports suggested hackers who targeted Apple emanated from China, investigators now believe the criminals are instead based out of Eastern Europe.

The attacks on Apple, Facebook, Twitter and others are now linked to “an Eastern European gang of hackers that is trying to steal company secrets,” citing sources people familiar with an ongoing investigation.

“Investigators suspect that the hackers are a criminal group based in Russia or Eastern Europe, and have tracked at least one server being used by the group to a hosting company in the Ukraine,” the report said. “Other evidence, including the malware used in the attack, also suggest it is the work of cyber criminals rather than state-sponsored espionage from China, two people familiar with the investigation said.”

An earlier report had instead linked recent attacks on companies like Facebook to the Chinese Army. It claimed that there was “little doubt” that an “overwhelming percentage of attacks on American corporations, organizations and government agencies” originate from a People’s Liberation Army group known as “Unit 61398″ based out of the outskirts of Shanghai.

Apple announced on Wednesday that some of its employees’ laptops had been infected through a vulnerability in the Java plug-in for browsers. The company revealed that the same malware was used against a number of companies, but did not indicate what country the attacks may have originated from.

“We identified a small number of systems within Apple that were infected and isolated them from our network,” the company said in a statement. “There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware.”

The attacks are believed to have occurred through an iPhone developer community website that was hosting malware. It’s believed that the infected code made its way onto the computers of Apple, Facebook, Twitter and other companies utilizing a Java zero-day flaw.

The method used by the criminals is a so-called “watering hole attack,” in which hackers compromise a popular website that many people visit and trust.

Apple on Tuesday pushed out an update for all OS X users that patches the exploit, and also removes the Java Web applet.

Stay tuned for additional details as they become available.

Evasi0n hack updated, new version offers iOS 6.1.2 support

Posted by:
Date: Wednesday, February 20th, 2013, 08:34
Category: iOS, News, security, Software

evasi0n-icon

It’s hard to knock a hack that’s also updated frequently.

Per MacNN, the Evasi0n iOS jailbreak tool has been released enabling support for the new 6.1.2 OS update. No bug fixes are noted for the release, or specific notes on what the group had to modify to enable the hack.

Problems such as app instability, battery drain or other minor issues are common with jailbreaks, as they rely on injecting new code to overwrite portions of the original Apple code. Other potential hazards, according to Apple, include security issues as the jailbreak relies on an exploit, which could be found and misused by others to serve malware or foster hacking attacks as seen on the Android platform.

Apple has also warned that iOS devices that are jailbroken may in some cases be refused warranty or extra-warranty service, particularly if there is any chance that the jailbreaking is related to the complaint. Most devices can be easily un-jailbroken and returned to normal service if they are still operable, but if they are nonfunctional as a result of the process (known as “bricked’) then the jailbreak cannot be removed before servicing.

If you’ve tried the updated version of Evasi0n and have any feedback to offer, please let us know in the comments.

Apple releases Java updates for Mac OS X 10.6, 10.7, 10.8 operating systems

Posted by:
Date: Wednesday, February 20th, 2013, 07:17
Category: News, security, Software

applelogo_silver

Well, this is a bit awkward.

Following up on a recent, wide-ranging malware attack, Apple releases Java updates for its Mac OS X 10.6, 10.7 and 10.8 operating systems.

The first update, Java for Mac OS X 10.6 Update 13, stands as a 69.32 megabyte download and offers the following fixes and changes:

- Java for OS X 10.6 Update 13 delivers improved security, reliability, and compatibility for Java SE 6.

- Java for OS X 10.6 Update 13 supersedes all previous versions of Java for OS X v10.6.

The update requires an Intel-based Mac running Mac OS X 10.6.8 or later to install and run.

The company also addressed its Mac OS X 10.7 and 10.8 user base, releasing its Apple Java 2013-001 update, a 67 megabyte download that offers the following fixes and changes:

- Java for OS X 2013-001 delivers improved security, reliability, and compatibility for Java SE 6.

- Java for OS X 2013-001 supersedes all previous versions of Java for OS X.

The update requires an Intel-based Mac running Mac OS X 10.7 or later to install and run.

The updates can be located, snagged and installed via the Software Update feature built into the Mac OS X operating system.

If you’ve tried the updates and have any feedback to offer, please let us know in the comments.

Apple releases iOS 6.1.2 update

Posted by:
Date: Tuesday, February 19th, 2013, 12:42
Category: iOS, iPad, iPad mini, iPhone, iPhone 3GS, iPod Touch, News, security, Software

Never doubt the speed of a fix in the wake of bad PR…

On Tuesday, Apple released iOS 6.1.2, a 107 megabyte download offering the following fixes for its supported iOS devices:

- Fixes an Exchange calendar bug that could result in increased network activity and reduced battery life.

iOS 6.1.2 is available via iTunes or Over-The-Air updating and requires an iPhone 3GS, 4, 4S, 5, iPad 2, third or fourth-gen iPad, iPod Touch 4th Gen or iPad Mini to install and run.

disableEmergency app available through jailbreak, helps bypass iOS 6.1 lockscreen exploit

Posted by:
Date: Monday, February 18th, 2013, 08:52
Category: Hack, News, security, Software

The hackers get the last laugh this time around.

Per The Mac Observer, the jailbreak community has beat Apple to the punch with its own solution to an iOS 6.1 bug that could give someone access to your iPhone without knowing your passcode. The app, dubbed “disableEmergency”, removes the Emergency Call button from the lock screen, which effectively removes one of the steps needed to break into your iPhone.

The security flaw requires several steps involving swipes, taps and button presses in the right order, afterwhich your contacts, schedule, and email are acessible.

Removing the Emergency Call button from the lock screen means calling for police or fire assistance will require dialing the emergency number yourself, so hacking your iPhone just to avoid a difficult to perform process may be a little extreme, especially since Apple has promised that a fix is on the way.

disableEmergency is free and available through the Cedia installer.

If you’ve tried the disableEmergency app and have any feedback to offer, please let us know in the comments.

Rumor: Apple working on quick fix for lockscreen exploit in iOS 6.1.2

Posted by:
Date: Monday, February 18th, 2013, 08:56
Category: iOS, Rumor, security, Software

When in doubt, work on a fix.

Per German web blog iFun and AppleInsider, Apple is already working on an update to iOS 6 to address a dangerous passcode vulnerability discovered earlier in the week, with one report claiming that the company anticipated issuing the update as early as next week.

The article presently states that iOS 6.1.2 will arrive early next week, and likely before February 20. iFun accurately predicted the launch of iOS 6.1.1, relying on the same sources that tell them 6.1.2 is on the way.

News of the lockscreen exploit hit the Internet last Wednesday. Using the bypass method, one can view and modify an iPhone owner’s contacts, listen to voicemail, and browse through their photos. The exploit does not, though, appear to grant access to email or the web.

Apple on Thursday acknowledged the vulnerability. The company, representatives said to the media, is hard at work on a patch, though they provided no hard details on when users could expect one.

Stay tuned for additional details as they become available.

Lockscreen bypass available in iOS 6.1, contacts vulnerable through hack

Posted by:
Date: Thursday, February 14th, 2013, 05:54
Category: Hack, iOS, News, security, Software

Ok, they’re probably going to need to fix this.

Per The Verge, a security flaw in Apple’s iOS 6.1 lets anyone bypass your iPhone password lock and access your phone app, view or modify contacts, check your voicemail, and look through your photos (by attempting to add a photo to a contact).

The method, as detailed by YouTube user videosdebarraquito, involves making (and immediately canceling) an emergency call and holding down the power button twice. Tests confirmed that the hack worked on two UK iPhone 5s running iOS 6.1 and can be seen below:



Similar instances had occurred – and were patched – in iOS 4.1, and was fixed in iOS 4.2.

Apple has yet to reply to requests for comment regarding this situation.

Apple releases 11th OS X 10.8.3 build to developer community, pins down file bug

Posted by:
Date: Thursday, February 7th, 2013, 08:58
Category: News, security, Software

The betas, they just keep rolling in…

Per The Mac Observer, Apple continued to extensively test the next maintenance update to OS X 10.8 Mountain Lion with the release of the tenth prerelease build of 10.8.3 to developers Wednesday. The build, 12D65, arrives one week after the previous build, 12D61.

The latest build of 10.8.3 lists no known issues and asks developers to focus on AirPlay, Airport, Game Center, Graphics Drivers, and Safari.

Notably, the build fixes a file bug revealed over the weekend that caused nearly every Mountain Lion app to crash by entering a specific set of characters. It was eventually determined that the bug was due to a Cocoa programming error in Mountain Lion’s data detectors. That Apple has now fixed the bug in the latest prerelease of 10.8.3 is a good sign, as it was potentially a serious security vulnerability.

OS X 10.8 Mountain Lion was first released on July 25, 2012. The 10.8.1 update arrived on August 23, 2012 and 10.8.2 on September 19, 2012. Prerelease builds of 10.8.3 have been seeded by Apple since November.

If you’ve gotten your mitts on the latest beta and have any feedback to offer, please let us know in the comments.

Apple releases Java for Mac OS X 10.6 Update 12

Posted by:
Date: Monday, February 4th, 2013, 08:04
Category: News, security, Software

applelogo_silver

This sort of came out of left field, but if you’re running Mac OS X 10.6, you should probably install it.

Late Friday, Apple released Java for Mac OS X 10.6 Update 12, a Java update for its Mac OS X 10.6 (Snow Leopard) operating system.

The update, a 72.8 megabyte download, offers the following fixes and changes:

- Java for Mac OS X 10.6 Update 12 delivers improved security, reliability, and compatibility by updating Java SE 6 to 1.6.0_39.

As always, the update can also be located and installed via the built-in “Software Update” feature in Mac OS X.

The Java for Mac OS X 10.6 Update 11 fix requires an Intel-based Mac running Mac OS X 10.6.8 or later to install.

If you’ve tried the updates and have any feedback to offer, please let us know in the comments.

Apple quietly disables Oracle’s Java 7 Update 11 fix via XProtect anti-malware feature in OS X

Posted by:
Date: Thursday, January 31st, 2013, 08:19
Category: News, security, Software

javaicon

When it comes to Java, there’s always an argument to be had between Apple and Oracle.

Per MacGeneration, the recently released Java 7 Update 11 has been blocked by Apple through its XProtect anti-malware feature in OS X.

Oracle issued the latest update to Java earlier this month to fix a serious zero-day security flaw. The threat was so serious that the U.S. Department of Homeland Security had recommended that all Java 7 users disable or uninstall the software until a patch was issued.

Apple took action on its own and quietly disabled the plugin through its OS X anti-malware system. As noted by the article, Apple has again updated its OS X XProtect list, this time to block Java 7 Update 11.

Because Oracle has yet to issue a newer version of Java that addresses any outstanding issues, Mac users are prevented from running Java on their system.

Over the last few years, Apple has moved to gradually remove Java from OS X. The company dropped the Java runtime from the default installation for OS X 10.7 Lion when the operating system update launched in 2010. Java vulnerabilities have been a common exploit used by malicious hackers looking to exploit the OS X platform.

Most notably, the “Flashback” trojan that spread last year was said to have infected as many as 600,000 Macs worldwide at its peak. Apple addressed the issue by releasing a removal tool specifically tailored for the malware, and also disabled the Java runtime in its Safari web browser starting with version 5.1.7.