CIA


'CIA' Articles

Apple Says Many of the Vulnerabilities Detailed in 'Vault 7' Leaks Already Patched

Earlier today a new series of WikiLeaks leaks revealed the United States Central Intelligence Agency's efforts to hack iPhones. The leaks detail a number of iOS exploits that can be used to bypass security on devices. Tonight, Apple said in a statement provided to TechCrunch that most of the vulnerabilities detailed in the leaks have been patched. “Apple is deeply committed to safeguarding our customers’ privacy and security. The technology built into today’s iPhone represents the best data security available to consumers, and we’re constantly working to keep it that way. Our products and software are designed to quickly get security updates into the hands of our customers, with nearly 80 percent of users running the latest version of our operating system. While our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS, we will continue work to rapidly address any identified vulnerabilities. We always urge customers to download the latest iOS to make sure they have the most recent security updates."Apple says its initial analyses indicates that many of the exploits detailed were patched in the latest version of iOS, and that it will continue to patch identified vulnerabilities. The Cupertino company closes by saying that it always urges users to download and install the latest version of iOS to ensure that they have the most recent security updates. The Vault 7 revelations aren't the first time the CIA has targeted Apple's mobile devices. In 2015 it was reported that the CIA worked on ways to compromise both iPhones

Leaked Documents Suggest CIA Work on Hacked Version of Xcode, OS X Installer Exploit

United States Central Intelligence Agency researchers have been working for years to crack the security of Apple's iPhone and iPad, and may have done so through the creation of a modified version of Xcode, Apple's software development tool designed for developers. According to secret documents obtained by The Intercept, at a 2012 "Jamboree" that focused on security flaws found in various electronics, CIA researchers outlined both a hacked version of Xcode and a modified OS X updater that could be used to install malicious software like keyloggers.The modified version of Xcode, the researchers claimed, could enable spies to steal passwords and grab messages on infected devices. Researchers also claimed the modified Xcode could "force all iOS applications to send embedded data to a listening post." It remains unclear how intelligence agencies would get developers to use the poisoned version of Xcode.The malicious version of Xcode could potentially be used to extract private data from devices that installed apps built by the hacked Xcode. Some of the things researchers said could be done with Xcode included installing "remote backdoors" in Mac apps, embedding an app developer's private key into iOS applications (letting the government masquerade as the targeted developer), forcing iOS apps to send data from an iPhone or iPad to a "listening post," and disabling core security features on iOS devices. None of the documents detail how the Xcode and OS X installer exploits have been used by the CIA, and they also don't state whether the efforts have been successful, but as