Tag Archives: iCloud

Flaw in Mail.app Can Be Used to Hijack iCloud Password

The flaw lies in Mail.app, Apple's default e-mail program for iOS. According to security researcher Jan Sourcek, “this bug allows remote HTML content to be loaded, replacing the content of the original e-mail message. JavaScript is disabled in this UIWebView, but it is still possible to build a functional password “collector” using simple HTML and CSS.” To reduce suspicion, the code even uses cookies to detect whether someone has already visited the page in the past. If so, it stops displaying the password prompt.

This means that hackers could easily create phishing mails which show a form that looks exactly like the iCloud login pop-up window everyone knows. The user would be asked for their username and password, which – once entered – would then be transmitted to the cybercriminals. Just take a look at the proof-of-concept video below to see how easy it would be to trick the unsuspecting user!

Sourcek discovered the flaw in January 2015 and informed Apple immediately. Since then no action has been taken in order to fix said vulnerability. In the hope that it will make Apple take the bug more seriously, the security researcher has now published his findings together with a proof-of-concept video and the corresponding code.

Feel free to follow this link in order to find out more about the issue.

The post Flaw in Mail.app Can Be Used to Hijack iCloud Password appeared first on Avira Blog.

How to make your social media accounts (almost) unhackable

Now more than ever, it's important to make sure your social media accounts are safe and secure. Here are our 6 top tips to make your social media accounts almost unhackable.

The post How to make your social media accounts (almost) unhackable appeared first on We Live Security.

Hackers in Hollywood, and Beyond

Many celebrities got an unpleasant shock this past weekend. You may have heard that up to 100 celebrities – film stars, etc. – had nude photos hacked and leaked on renegade Web site 4chan.org. Many of the photos were apparently genuine.

Now that the FBI is investigating how these photos were hacked and posted, it’s an unfortunate reminder of the difficulties of maintaining our privacy in this digital age.

I won’t name the celebrities involved, but it’s safe to say it’s a huge invasion of privacy. Some experts are theorizing that the hacker or hackers exploited weaknesses in Apple’s iCloud platform. Apple is now investigating, according to reports, and released this statement. Here’s an excerpt: “After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.”

As a major player in the data security business, we think that this is just a reminder to everyone that when data goes digital, there are security risks involved. It’s a hard lesson.

As British actress Emma Watson (who was not targeted in the hacking) wrote on Twitter: “Even worse than seeing women’s privacy violated on social media is reading the accompanying comments that show such a lack of empathy.”

Protecting yourself

How to protect yourself, even when you’re not a celebrity? Here are some tips, which we’ve stressed before but can’t stress enough:

  • Create difficult passwords. Besides the speculation that iCloud was the victim, it has been suggested the hacker or hackers exploited each of the 100+ accounts’ passwords. As I’ve mentioned before, don’t use your birthday, and create multiple passwords for multiple accounts!
  • Consider switching off automatic Cloud photo sharing and backups/Photo Stream. This is a convenience tradeoff. To turn off automatic iCloud sharing, go into your Settings, then iCloud, then scroll down to photos and slide the option to Off.
  • Use encryption. Here I will proudly put in a plug for our own mobile phone encryption software, which protects your data against intrusion by encrypting your documents. This is a must for anyone storing private personal or important business intelligence on their phones.
  • Think about using a USB drive. If you want to share personal information or photos with a specific person, just use a USB.

 

As celebrities, Apple, and the FBI come to grips with this specific hacking instance, it’s important to realize everyone’s information is at stake these days – celebrity or not. It is also an excellent reminder that we need to actively protect ours.
