Tag Archives: exploit

News, Smartphones

Your iPhone Is Vulnerable to a New iMessage Hack – Steps to Protect Your Device

A new exploit, known as BLASTPASS, has been discovered by Citizen Lab, involving the use of iMessage accounts to send malicious image files. In response, Apple has released an iPhone update, iOS 16.6.1, to address this vulnerability. To safeguard your device, follow these steps: Go to Settings → General → Software Update and run the software update as soon as possible.

For added protection, Apple has also released updates for iPad, Mac, and Apple Watch. It is recommended to install these updates urgently.

Apple has acknowledged the severity of the exploit, stating that the processing of a manipulated image could result in arbitrary code execution. They are aware of reports of active exploitation. In response, Apple has addressed the buffer overflow issue in ImageIO with improved memory handling. Additionally, a similar issue in Wallet has been resolved with enhanced logic.

While the majority of users are unlikely to be targeted by NSO Group clients, it is advisable to take precautions. Citizen Lab suggests activating the iPhone’s “Lockdown Mode,” which offers resistance against Pegasus-style mercenary malware attacks. To enable this feature, follow these steps: Go to Settings → Privacy & Security → Security → Lockdown Mode → Turn On Lockdown Mode → Turn On Lockdown Mode (again) → Turn On & Restart. After entering your device passcode, the mode will be activated.

Cars, News

Hackers Discover Method to Unlock Expensive Tesla Features without Payment

According to a recent report, hackers have found a new exploit that allows them to unlock expensive features in Tesla electric vehicles (EVs) without actually paying for them. This exploit could potentially even enable hackers to activate the self-driving feature, which costs $15,000, in regions where it is locked out. However, the researchers who discovered the exploit have not attempted this themselves. The vulnerability affecting the software capabilities of the EVs is actually hardware-based, meaning that Tesla cannot simply patch it through software updates. The researchers mentioned that fixing the vulnerability would require Tesla to replace the affected hardware. When approached for comment on the exploit, Tesla did not respond to TechCrunch’s request.

This is not the first time that hackers have targeted Tesla vehicles. However, the consequences of this new exploit are more far-reaching compared to previous hacks. Previous hacks included a targeted takeover of a specific Model S car, shutting down a Model S using a connected laptop, and rooting the Model 3 to run Ubuntu on it, among other modifications with varying intentions. Tesla endeavors to monitor such hacking attempts closely. In fact, a Tesla driver in 2014 was contacted by the Tesla service center after using an exploit to install Firefox on the dashboard display of their Model S. The company does not take hacking attempts lightly.