Technovage Solution Co., Ltd’s Post

Uncover the mystery behind the alleged breach of Apple's internal tools by the notorious group IntelBroker. What secrets lie within? Allegedly, a group called 'IntelBroker' breached Apple's internal tools, leading to the leak of the source code on a dark web forum. Among the tools affected by the breach is AppleConnect-SSO, an authentication system utilized by Apple employees. Apple and AMD, both targeted by IntelBroker, are conducting investigations to verify the claims made regarding the breach. The authenticity of the breach remains uncertain, as dark web posters frequently make false claims in an attempt to sell fake data. #DataBreach #AppleSecurity #IntelBroker #SourceCodeLeak #DarkWebForum #AppleConnectSSO #AuthenticationSystem #Investigation #AMD #FraudulentData

𝗜𝗻 𝘁𝗼𝗱𝗮𝘆'𝘀 𝗱𝗶𝗴𝗶𝘁𝗮𝗹 𝗮𝗴𝗲, 𝗲𝗻𝗰𝗿𝘆𝗽𝘁𝗶𝗻𝗴 𝗖𝗨𝗜 𝗼𝗻 𝗺𝗼𝗯𝗶𝗹𝗲 𝗱𝗲𝘃𝗶𝗰𝗲𝘀 𝗮𝗻𝗱 𝗰𝗼𝗺𝗽𝘂𝘁𝗶𝗻𝗴 𝗽𝗹𝗮𝘁𝗳𝗼𝗿𝗺𝘀 𝗶𝘀 𝗲𝘀𝘀𝗲𝗻𝘁𝗶𝗮𝗹 Our newest short provides key insights on implementing BitLocker and drive encryption effectively. Watch now to ensure your data is secure and compliant. #DataSecurity #Compliance #Encryption 📱💻🔒

𝗜𝗻 𝘁𝗼𝗱𝗮𝘆'𝘀 𝗱𝗶𝗴𝗶𝘁𝗮𝗹 𝗮𝗴𝗲, 𝗲𝗻𝗰𝗿𝘆𝗽𝘁𝗶𝗻𝗴 𝗖𝗨𝗜 𝗼𝗻 𝗺𝗼𝗯𝗶𝗹𝗲 𝗱𝗲𝘃𝗶𝗰𝗲𝘀 𝗮𝗻𝗱 𝗰𝗼𝗺𝗽𝘂𝘁𝗶𝗻𝗴 𝗽𝗹𝗮𝘁𝗳𝗼𝗿𝗺𝘀 𝗶𝘀 𝗲𝘀𝘀𝗲𝗻𝘁𝗶𝗮𝗹 Our newest short provides key insights on implementing BitLocker and drive encryption effectively. Watch now to ensure your data is secure and compliant. #DataSecurity #Compliance #Encryption 📱💻🔒

New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys: A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations. Dubbed GoFetch, the vulnerability relates to a microarchitectural side-channel attack that takes advantage of a feature known as data memory-dependent prefetcher (DMP) to target constant-time cryptographic implementations and capture sensitive data https://lnkd.in/ggnw6PUQ

Good to see Apple finally adopting an improved privacy standard for iMessage, but they're only rolling keys every 50 messages in order to save on overhead, since their protocol is super inefficient. WhiteStar Chat/Society rolls on every packet because we have more efficient cryptography technology, apart from being also more secure by avoiding use of third-party servers and storing data in a secure file system under encryption at-rest, as well as storing encryption keys always locally on-device. Still, it's always good to see the big guys up their game a bit.

Looks like #Siri and #AppleIntelligence can become a biggest #security threat to #Apple #ecosystem (if not became already!)
1. Integrations require context access. Namely — private data. 
2. To serve well Siri must know what, why, and when you do. Therefore it will be a challenge to collect the context without revealing location and ask to the service layers. 
3. Analysis of messages and emails. While it is promised to process only locally — the API layer would be needed between data and Siri. Possible attacker could trick the app to give out the data to a fake Siri on request. 

PALO MyDATA Widescreen Privacy Filter for Laptops PALO computer privacy filter makes it difficult or impossible for someone to see the screen without being directly in front of it thereby prevent wandering eyes from absorbing confidential information. Its anti-glare feature reduces the strain on eye thereby helping you work longer. #palo #privacyfilter #widescreenlaptopfilter

Encryption and Its Impact on Mobile Forensics! The widespread use of encryption on mobile devices like smartphones and tablets has created significant challenges for mobile forensics investigations. Learnmore >> https://zurl.co/Do5J #DigitalForensics #MobilePhoneForensics

📣 From our Science and Technology Vault: 🕵️♂️ 👉 Are you a MAC User? 👈 Hold onto your hats because some seriously clever security researchers have uncovered a mind-blowing vulnerability lurking in the latest Apple Macs powered by the M1, M2, and M3 chips. 😱 This isn’t your run-of-the-mill security glitch – we’re talking about a flaw that could give attackers the keys to your digital kingdom. With just a foot in the door, they could potentially waltz right into your sensitive data vaults, nabbing everything from your bank deets to your favourite app logins. 🏦🔒 Here’s the kicker: there’s no quick fix for this one. Yup, you heard that right. The only way to patch this baby up is by ditching your current machine for one packing the latest chip – whenever Apple decides to drop it. 🕰️💻 But fear not, there’s a silver lining. This exploit requires physical access to your Mac. So, unless you’re sharing your desk with a shady character, you’re probably safe… for now. 🤞 But hey, better safe than sorry, right? Keep those software downloads on lockdown, double-check who’s got their paws on your precious Mac, and maybe, just maybe, consider spreading your tech wings beyond the Apple orchard. Your wallet might just thank you later. 💸 To learn more jump into our Science & Technology vault on SQUIZZ.com https://lnkd.in/geNJPe83 #squizz #Totecs #science #technology #StaySafe #TechTalk

Unpatchable Vulnerability in Apple’s M-Series Chips Leaks Secret Encryption Keys ⛔ The danger lies within the prefetcher of the chips, which relies on data memory and predicts the addresses of data that the running code is expected to access soon. This hardware optimization, abbreviated as DMP, anticipates future needs by loading data into the CPU cache ahead of time, thereby decreasing latency between the CPU and main memory, which is often a bottleneck in contemporary computing. DMPs are a recent development present in M-series chips and Intel’s 13th-generation Raptor Lake microarchitecture, although earlier versions of prefetchers have been widely used for years. The exploit, dubbed GoFetch by researchers, operates through an application that doesn't necessitate root access, only the standard user privileges typical of most third-party apps on macOS. M-series chips are segmented into clusters; for instance, the M1 comprises two clusters, one housing four efficiency cores and the other four performance cores. GoFetch can extract sufficient secrets to compromise a secret key as long as both the GoFetch app and the cryptography app it targets are operating within the same performance cluster, even if they're on different cores within that cluster. This attack is effective against both traditional encryption algorithms and a newer generation of encryption designed to resist anticipated threats from quantum computers. GoFetch can extract a 2048-bit RSA key in less than an hour and a 2048-bit Diffie-Hellman key in just over two hours. It takes approximately 54 minutes to extract the necessary data for a Kyber-512 key and around 10 hours for a Dilithium-2 key, excluding the offline processing time required for raw data. The GoFetch app communicates with the targeted app, providing inputs for signing or decryption. Simultaneously, it extracts the secret key used by the app for these cryptographic operations. This method eliminates the need for the targeted app to execute any cryptographic functions during the data collection phase. more details: https://lnkd.in/diM65K6A https://gofetch.fail/ https://lnkd.in/dR2M_k8r #security #devsecops #hackingthehackers