Latest Apple iPhone Security Flaws: What You didn’t Know


Most iPhone users around UK have been paying dearly to fix their Apple iPhones from malicious hacking. Paying for a 15 seconds fix with £30 can be a real forfeiture. Malicious hack of iPhones include a number of security breaches, which include scams from 2014 that saw many sending money to unverified accounts online with the simplest persuasion trick. This year, hackers seem to have grown wiser and have come up with a ‘toll-free’ phone contact to facilitate payments. During a normal browsing, a crash report window pops up displaying a message that the iOS crashed due to a third party application. The user is then directed to a toll-free 0800 number where they are persuaded to make payments.

The vulnerability of iOS devices to hack attacks has been tackled by Apple through different update releases that fixed the bugs. However, as soon as an update fix is released, another hack comes in. A recent release by researchers revealed a very important security flaw that hackers take advantage of to steal important data such as app passwords and Apple Keychain on iOS devices as well as Mac.

The security flaws called cross-app resource access attacks (XARA), are stated to affect all mobile devices, MacBook and Macs. This is because the Keychain service in these devices is used for passwords storage. The security flaws compromises the safety of confidential information on Apple applications such as Evernote, Facebook and WeChat.

The worst part of it is that Apple received a report on the security flaws in October 2014, and in February 2015, a detailed report was also submitted as requested, but the flaws are still present in the latest releases of both iOS and MAC OSX operating systems.

Security experts have warned that Apple needs to start beefing up their security measures by looking into defense technologies that are automated in order to detect any security flaws. The problem that most technology related organizations face is that whenever a flaw is detected, these companies instead impose reactive measures. Zero-day flaws should ring a bell to organizations to embrace the implementation of the automated defense mechanism to mitigate damage before it actually occurs.

The automated defense technology is the next generation of cyber defense. Cyber defense is a solution that reduces the risks that come with weakness of inherent information technology infrastructure. This is because all cyber criminals always device methods of sneaking around the security options set. Some also work hard to discover loopholes existing in commonly used systems by corporates and consumers. The danger that comes forth with these vulnerabilities is that they can be transformed into weapons that subvert the systems in target. As such organizations, including Apple need to keep their pace by adopting the automated defense technology.

Several companies from UK who discovered these security flaws in Apple devices contacted Apple on the matter and the answers are yet to be received. It is the hope of these companies that Apple will respond to adoption of the automated defense technology to ensure that their yet to come devices remain free from the security vulnerabilities.

Leave a Reply

Your email address will not be published. Required fields are marked *