Apple's latest controversy: Expanded App Store advertising

Credit to Author: Jonny Evans| Date: Mon, 01 Aug 2022 09:03:00 -0700

Depending on how you look at it, Apple may be ramping up ways developers can  reach out durectly to customers via its App Store – or building its own business at others’ expense.

What Apple is doing

Apple has had an advertising business of its own ever since Apple’s then CEO, Steve Jobs, introduced us to iAds in 2010. The scale of that offer was always limited to Apple’s platform, but the service arguably failed, with its technology living on in the form of ad slots in Apple News and the App Store.

Apple’s App Store currently hosts just two ad slots, one in the search tab and the other in Search results. You can tell when you are looking at an ad from the blue shade behind the graphic and a small blue badge that says “ad” – these ads are hard to mistake for content.

To read this article in full, please click here

Read more

Apple slaps hard against ‘mercenary’ surveillance-as-a-service industry

Credit to Author: Jonny Evans| Date: Thu, 07 Jul 2022 06:17:00 -0700

Apple has struck a big blow against the mercenary “surveillance-as-a-service” industry, introducing a new, highly secure Lockdown Mode to protect individuals at the greatest risk of targeted attacks. The company is also offering millions of dollars to support research to expose such threats.

Starting in iOS 16, iPadOS 16 and macOS Ventura, and available now in the latest developer-only betas, Lockdown Mode hardens security defenses and limits the functionalities sometimes abused by state-sponsored surveillance hackers. Apple describes this protection as “sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware.”

To read this article in full, please click here

Read more

FCC commissioner wants Apple, Google to remove TikTok from App Stores

Credit to Author: Jonny Evans| Date: Wed, 29 Jun 2022 05:34:00 -0700

FCC Commissioner Brendan Carr has written to Apple and Google to request that both companies remove the incredibly popular TikTok app from their stores, citing a threat to national security.

Is your data going TikTok?

Carr warns the app collects huge quantities of data and cited a recent report that claimed the company has accessed sensitive data collected from Americans. He argues that TikTok’s, “pattern of conduct and misrepresentations regarding the unfettered access that persons in Beijing have to sensitive U.S. data…puts it out of compliance,” with App Store security and privacy policies.

To read this article in full, please click here

Read more

Hermit spyware is deployed with the help of a victim’s ISP

Credit to Author: Jovi Umawing| Date: Wed, 29 Jun 2022 10:03:54 +0000

A new commercial spyware for governments, called Hermit, has spotted in the wild. It affects iOS and all Android versions.

The post Hermit spyware is deployed with the help of a victim’s ISP appeared first on Malwarebytes Labs.

Read more

The surveillance-as-a-service industry needs to be brought to heel

Credit to Author: Jonny Evans| Date: Fri, 24 Jun 2022 09:40:00 -0700

Here we go again: another example of government surveillance involving smartphones from Apple and Google has emerged, and it shows how sophisticated government-backed attacks can become and why there’s justification for keeping mobile platforms utterly locked down.

What has happened?

I don’t intend to focus too much on the news, but in brief it is as follows:

  • Google’s Threat Analysis Group has published information revealing the hack.
  • Italian surveillance firm RCS Labs created the attack.
  • The attack has been used in Italy and Kazakhstan, and possibly elsewhere.
  • Some generations of the attack are wielded with help from ISPs.
  • On iOS, attackers abused Apple’s enterprise certification tools that enable in-house app deployment.
  • Around nine different attacks were used.

The attack works like this: The target is sent a unique link that aims to trick them into downloading and installing a malicious app. In some cases, the spooks worked with an ISP to disable data connectivity to trick targets into downloading the app to recover that connection.

To read this article in full, please click here

Read more

Italian spyware firm is hacking into iOS and Android devices, Google says

Credit to Author: Shweta Sharma| Date: Fri, 24 Jun 2022 08:51:00 -0700

Google’s Threat Analysis Group (TAG) has identified Italian vendor RCS Lab as a spyware offender, developing tools that are being used to exploit zero-day vulnerabilities to effect attacks on iOS and Android mobile users in Italy and Kazakhstan.

According to a Google blog post on Thursday, RCS Lab uses a combination of tactics, including atypical drive-by downloads as initial infection vectors. The company has developed tools to spy on the private data of the targeted devices, the post said.

To read this article in full, please click here

Read more