Flaw in iPhone, iPads may have allowed hackers to steal data for years

[InfoSec News <alerts () infosecnews org>]

https://www.reuters.com/article/us-usa-apple-cyber/flaw-in-iphone-ipads-may-have-allowed-hackers-to-steal-data-for-years-idUSKCN2242IK

By Christopher Bing, Joseph Menn
Reuters.com
April 22, 2020

WASHINGTON/SAN FRANCISCO (Reuters) - Apple Inc (AAPL.O) is planning to fix a 
flaw that a security firm said may have left more than half a billion iPhones 
vulnerable to hackers.

The bug, which also exists on iPads, was discovered by Zuk Avraham, chief 
executive of San Francisco-based mobile security forensics company ZecOps, 
while investigating a sophisticated cyberattack against a client in late 2019. 
Avraham said he found evidence the vulnerability was exploited in at least six 
cybersecurity break-ins.

An Apple spokesman acknowledged that a vulnerability exists in Apple’s software 
for email on iPhones and iPads, known as the Mail app, and that the company had 
developed a fix, which will be rolled out in a forthcoming update on millions 
of devices it has sold globally.

Apple declined to comment on Avraham’s research, which was published on 
Wednesday, that suggests the flaw could be triggered from afar and that it had 
already been exploited by hackers against high-profile users.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_