Revealing the Limitations of Apple DeviceCheck and Apple App Attest

Revealing the Limitations of Apple DeviceCheck and Apple App Attest

This overview outlines the history and use of Apple DeviceCheck including the DeviceCheck App Attest feature. It will highlight how this security solution is used and highlight some limitations. We also compare ...
Protect Your iPhone from Theft: Stolen Device Protection Explained!

Secure Your iPhone: Exploring Stolen Device Protection

In this episode, host Tom Eston provides a detailed explanation of the ‘Stolen Device Protection’ for iPhones – a new security feature by Apple. This feature triggers enhanced security factors such as ...
Biggest iPhone Exploit Ever & Google's $5 Billion Dollar Settlement

Most Advanced iPhone Exploit Ever, Google’s $5 Billion Settlement, Apple’s Journal App

In this episode, we discuss the most sophisticated iPhone exploit ever, Google’s agreement to settle a $5 billion lawsuit about tracking users in ‘incognito’ mode, and a new iOS app, Journal. The ...
Apple CEO Tim Cook, with superimposed text: “No Such Agency”

NSA iPhone Backdoor? Apple Avoids Russian Blame Game

“No Ordinary Vulnerability” — Operation Triangulation research uncovers new details of fantastic attack chain ...
Security Boulevard
Password Security for the Elderly: Tips and Best Practices

Password Security for the Elderly: Tips and Best Practices

In episode 308, we discuss the often overlooked topic of password management for the elderly. Addressing the commonly held belief that writing down passwords is a bad idea, we discuss the nuances ...
A closeup of an iPhone, lying screen down on a table

#iLeakage: All Apple CPUs Vulnerable — No Patch in Sight

Son of Spectre: No fix for iOS, “unstable” workaround for macOS ...
Security Boulevard
Ahmed El-Tantawy

More iOS Zero-Days, More Mercenary Spyware — This Time: Cytrox Predator

Apple Scrambled to Fix 3 More CVEs: Egyptian opposition presidential candidate Ahmed Eltantawy targeted “by the government ...
Security Boulevard
A man has fallen asleep on top of his books and papers

‘BLASTPASS’ iPhone Exploit — Apple Asleep at the Switch

Zero click, zero day, zero clue: Yet another iOS zero-day lets NSO’s Pegasus “mercenary spyware” cause chaos ...
Security Boulevard
ARM64 Reversing And Exploitation Part 4 – Using mprotect() to bypass NX Protection | 8kSec Blogs

ARM64 Reversing And Exploitation Part 4 – Using mprotect() to bypass NX Protection | 8kSec Blogs

Introduction Hello everyone! In this blog post, we’ll be exploring how to use mprotect() to bypass NX protection on ARM64. But before we get into the details, there are a few things ...
Android SELinux Internals Part I | 8kSec Blogs

Android SELinux Internals Part I | 8kSec Blogs

This is part I of a 2 part series on Android SELinux Internals where we will do a deepdive into the world of SELinux on Android and understand its inner workings, along ...