There’s just no escaping it: with technology at the forefront of our world, it’s no surprise that hardly a day goes by without some fresh headline reporting the latest must-have gadget, latest app or hacking scandal. And today it’s Apple’s turn at the wrong end of a cyber attack which threatens to compromise the security of both their iOS and OS X operating systems. Two vulnerabilities on the Apple platforms have been detected in as many days, which has led one security firm to announce a ‘new era’ in cyber criminals attacking Apple.
First came RootPipe, which was revealed by a white hat hacker at Swedish security firm TrueSec. RootPipe is known to be a privilege escalation vulnerability, which allows hackers to bypass the normal security tiers and access the Mac’s root. RootPipe, then, has incredible potential to destroy any computer it infects. So large could the impact be that TrueSec are refusing to discuss the matter with anyone outside of Apple until the vulnerability is patched. Until then, they advise Mac owners not to use an administrative account, but instead log in as a normal user.
Secondly, US security firm Palo Alto Networks heralded ‘a new era in malware attacking Apple’ when it revealed the presence of a malware program dubbed WireLurker. WireLurker has the capability to infect all iPhones, whether or not they’re jailbroken, should users download any one of the 467 apps available on 3rd party app store Maiyadi. The malware is then able to steal vital details about the user and their devices, most of whom are located in China.
After remaining silent on the issue for some time, Apple has now said it has blocked WireLurker – though it refused to be drawn on quite how it’s blocking the malware. Instead, it advised iPhone and Mac users to only download apps and software from trusted sources.
Here at Sigma IS we always take a keen interest in the tech sector. After all, when you’re working with candidates and clients in the industry, it pays to know what’s going on. If you’re a professional looking for IT jobs in London, or wish to fill a position, don’t hesitate to contact us on 020 7281 0934 or email us at firstname.lastname@example.org.