- Beware! Your iPhone can be hacked remotely with just a message
Cisco Talos senior researcher Tyler Bohan, who discovered this critical Stagefright-type bug in iOS, described the flaw as “an extremely critical bug, comparable to the Android Stagefright as far as exposure goes. “The critical bug (CVE-2016-4631) actually resides in ImageIO – API used to handle image data – and works across all widely-used Apple operating systems, including Mac OS X, TV OS, and watch OS. All an attacker needs to do is create an exploit for the bug and send it via a multimedia message (MMS) or iMessage inside a Tagged Image File Format (TIFF). Once the message received on the victim’s device, the hack would launch. No explicit user interaction would be required to launch the attack since many applications (like iMessage) automatically attempt to render images when they are received in their default configurations. It is quite difficult for the victim to detect the attack, which if executed, could leak victims’ authentication credentials stored in memory such as Wi-Fi passwords, website credentials, and email logins, to the attacker. Apple has patched this critical issue in iOS version 9.3.3, along with patches for other 42 vulnerabilities, including memory corruption bugs in iOS’ Core Graphics that helps render 2D graphics across those OSes, according to Apple’s advisory.
Cyber Security Tips: Users are advised to patch their devices as it would not take enough time for bad actors to take advantage of the vulnerabilities, which are now known, avoid to click unknown message
- Hackers take over Shuhei Yoshida’s Twitter
Hackers who claimed they briefly brought down Pokémon Go’s servers this weekend appear to have taken control of the Twitter account for Shuhei Yoshida the president of Sony Computer Entertainment’s worldwide studios. Seven tweets, sent early this morning, claim to be testing Yoshida’s account security, linking to the hacker group’s web page and telling Yoshida to contact them to regain control. As of publication time, the account still appears to be in their hands. TechCrunch notes that the group has targeted Twitter accounts of other major figures in technology, including Twitter co-founder and CEO Jack Dorsey.
Cyber Security Tips: These are data breach attacks so if you are using social media then change your passwords and avoid to use same passwords to your accounts and use two way authentications if possible.
- Nigeria loses over $430m annually to cybercrime
Nigeria’s Minister of Communication, Mr. Adebayo Shittu, has disclosed that Africa’s most populous nation and biggest economy, and loses about 0.8% of its Gross Domestic Product (GDP) year-in year-out to cybercrime. The amount in monetary terms of the loss comes to 127 billion naira, the equivalent of $430 million. Shittu made the disclosure at an ongoing National Conference of the Nigerian Computer Society, NCS, with the theme: ‘‘Information Technology for National Safety and Security, ’the online news portal old Vanguard reported. Cybercrime is an offence committed using a computer and the internet to steal a person’s identity or sell contraband or stalk victims or disrupts operations with malevolent programs. Africa’s most populous nation has notoriety for having lots of people engaged in the illegality.
Cyber Security Tips: Nigeria government need to improve their cyber security rules, user need to aware about new threads, malware to prevent you from cyber-crime.