Latest news with #OligoSecurity
Daily Mirror
20-05-2025
- Daily Mirror
Everyone with an iPhone given 'important' advice - check your settings now
Apple users have been reminded to check their settings without delay. All Apple users must pay attention and make sure they update all of their devices without delay. This latest alert has been raised after security experts at Oligo discovered a number of flaws within Apple's AirPlay technology that could allows hackers to infect phones, tablets and laptops with worrying malware. The attack has been branded "AirBorne" and it's not something anyone should ignore. "The vulnerabilities and the attack vectors they enable have been named 'AirBorne' by Oligo Security researchers, as the attacks that they make possible are transmitted via wireless networks or peer–to-peer connections, and allow attackers to fully take over devices and use that access as a launchpad for further exploitation," the Oligo team explained. For those not aware, Apple's AirPlay system allows content to beamed to speakers and TVs wirelessly using Wi-Fi. However, it appears that this wire-free connectivity has also given cyber crooks a way to infect devices. Luckily, Apple has now fixed all of the bugs but it's vital that all users make sure their iPhones, iPads and MacBooks are fully updated with the very latest software. "Researchers have discovered a series of major security flaws in Apple AirPlay," Alanna Titterington from Kaspersky explained. "They've dubbed this family of vulnerabilities – and the potential exploits based on them – 'AirBorne'. The bugs can be leveraged individually or in combinations to carry out wireless attacks on a wide range of AirPlay-enabled hardware. "The most important thing you can do to protect yourself from AirBorne attacks is to update all your AirPlay-enabled devices." To make sure you are fully up to date, simply head to your Settings, then tap General and Software Update. Your device will show what downloads are impending or if your device is running the latest software. Although this latest attack sounds worrying you will be safe if you have the latest updates from Apple. It's also worth noting that a hack can only take place if the cyber crook is on the same Wi-Fi network which makes it very unlikely consumers will be affected. The only time Apple users might need to be alert is when using a public Wi-Fi network. "To pull off the attack, the adversary needs to be on the same network as the victim, which is realistic if, for example, the victim is connected to public Wi-Fi," Titterington added. For those still concerned, there are some other ways to avoid the issue. This includes disabling the AirPlay receiver if it is not in use., restrict AirPlay access and change the setting to 'Allow AirPlay for' to 'Current User'.
Daily Mail
19-05-2025
- Daily Mail
Urgent warning to iPhone users over Airplay feature
Hackers can hijack your iPhone , Mac, or even car through Apple's AirPlay, thanks to a devastating set of flaws dubbed 'AirBorne.' The team at Oligo Security discovered 23 vulnerabilities in AirPlay, which allows users to stream audio, video and photos from Apple devices to other smart devices. After discovering all those flaws, tech researchers revealed 17 different ways they could be exploited by hackers to remotely attack billions of devices that use wireless streaming technology. The 17 issues represent different ways hackers can exploit AirPlay, each requiring specific software fixes to protect devices from threats like remote takeovers, data theft, or malware spreading across networks . The 'AirBorne' flaws allow zero-click attacks, where hackers can harm devices without any user action, such as a macOS exploit that secretly replaces the Apple Music app with malicious code. Apple patched its devices with security updates like iOS 18.4, macOS Sequoia 15.4, and tvOS 18.4 on March 31. However, tens of millions of third-party AirPlay devices may remain vulnerable without timely manufacturer updates. To stay safe, disable AirPlay receivers in device settings and restrict access to 'Current User.' Installing security software on Apple devices further reduces risks from AirPlay's constant background broadcasting. With 1.8 billion iPhones and another 500 million AirPlay-compatible devices active globally, the threat of AirBorne's is massive, amplified by its ability to chain attacks across networks. The team at Oligo Security found that two of the flaws allowed attackers to weaponize iPhones, allowing them to 'do things like deploy malware that spreads to devices on any local network the infected device connects to.' AirBorne also targets smart speakers and CarPlay-enabled car infotainment systems, allowing hackers to execute harmful actions without the user interacting with their device. The attacks can act like a network worm, automatically spreading to other devices on networks like public Wi-Fi, putting more systems at risk. Combining updates, cautious settings, and security software is critical to thwart AirBorne's threats. An Apple spokesperson told that attackers can only exploit these flaws if they are on the same Wi-Fi network as the device they are targeting. According to Oligo, however, some third-party devices that are compatible with AirPlay may still be vulnerable if their manufacturers do not provide timely updates. For third-party devices using AirPlay, cybersecurity experts have urged users to check with their manufacturers for software updates regularly. 'Because AirPlay is supported in such a wide variety of devices, there are a lot that will take years to patch — or they will never be patched,' Elbaz told Wired. 'And it's all because of vulnerabilities in one piece of software that affects everything.' So, even if your Apple devices are up-to-date, that doesn't mean they're totally protected from hackers who may exploit these AirPlay vulnerabilities. While not every Apple device worldwide is vulnerable AirBorne, Apple stated in January 2025 that there are 2.35 billion active Apple devices across the globe. In 2018, Apple indicated that there were over 100 million active MacOS users globally. Oligo reported it tipped Apple off about the vulnerabilities last fall, which Apple did not take lightly and worked with the security firm to patch the flaw. The other vulnerabilities discovered allowed hackers to execute malicious code on a remote system from a remote location, potentially gaining unauthorized control. The team also uncovered a security mechanism that was not configured properly, along with a flaw that allowed cybercriminals to access and read sensitive data. When AirPlay is turned on, your device is constantly broadcasting and listening for AirPlay signals in the background, even when you're not actively using the feature. Disabling the AirPlay feature stops the device from doing this, removing the 'attack surface' - the access points through which hackers can take control of your device. To disable AirPlay on your iPhone, open the Settings app and tap 'General,' then 'AirPlay & Continuity.' At the top of the menu, you will see a tab called 'Automatically AirPlay.' Tap that, then select the 'Never' option to turn the feature off. Want more stories like this from the Daily Mail? Visit our profile page and hit the follow button above for more of the news you need.
Daily Mail
19-05-2025
- Daily Mail
Urgent warning to all 1.8 BILLION iPhone users: Turn off the auto feature NOW
Hackers can hijack your iPhone, Mac, or even car through Apple's AirPlay, thanks to a devastating set of flaws dubbed 'AirBorne.' The team at Oligo Security discovered 23 vulnerabilities in AirPlay, which allows users to stream audio, video and photos from Apple devices to other smart devices. After discovering all those flaws, tech researchers revealed 17 different ways they could be exploited by hackers to remotely attack billions of devices that use wireless streaming technology. The 17 issues represent different ways hackers can exploit AirPlay, each requiring specific software fixes to protect devices from threats like remote takeovers, data theft, or malware spreading across networks. The 'AirBorne' flaws allow zero-click attacks, where hackers can harm devices without any user action, such as a macOS exploit that secretly replaces the Apple Music app with malicious code. Apple patched its devices with security updates like iOS 18.4, macOS Sequoia 15.4, and tvOS 18.4 on March 31. However, tens of millions of third-party AirPlay devices may remain vulnerable without timely manufacturer updates. To stay safe, disable AirPlay receivers in device settings and restrict access to 'Current User.' Installing security software on Apple devices further reduces risks from AirPlay's constant background broadcasting. With 1.8 billion iPhones and another 500 million AirPlay-compatible devices active globally, the threat of AirBorne's is massive, amplified by its ability to chain attacks across networks. The team at Oligo Security found that two of the flaws allowed attackers to weaponize iPhones, allowing them to 'do things like deploy malware that spreads to devices on any local network the infected device connects to.' AirBorne also targets smart speakers and CarPlay-enabled car infotainment systems, allowing hackers to execute harmful actions without the user interacting with their device. The attacks can act like a network worm, automatically spreading to other devices on networks like public Wi-Fi, putting more systems at risk. Combining updates, cautious settings, and security software is critical to thwart AirBorne's threats. An Apple spokesperson told that attackers can only exploit these flaws if they are on the same Wi-Fi network as the device they are targeting. According to Oligo, however, some third-party devices that are compatible with AirPlay may still be vulnerable if their manufacturers do not provide timely updates. For third-party devices using AirPlay, cybersecurity experts have urged users to check with their manufacturers for software updates regularly. 'Because AirPlay is supported in such a wide variety of devices, there are a lot that will take years to patch — or they will never be patched,' Elbaz told Wired. 'And it's all because of vulnerabilities in one piece of software that affects everything.' So, even if your Apple devices are up-to-date, that doesn't mean they're totally protected from hackers who may exploit these AirPlay vulnerabilities. While not every Apple device worldwide is vulnerable AirBorne, Apple stated in January 2025 that there are 2.35 billion active Apple devices across the globe. In 2018, Apple indicated that there were over 100 million active MacOS users globally. Oligo reported it tipped Apple off about the vulnerabilities last fall, which Apple did not take lightly and worked with the security firm to patch the flaw. To prevent yourself from being hacked, you should make sure that the latest software is installed on all your Apple devices. You can also disable the AirPlay feature The other vulnerabilities discovered allowed hackers to execute malicious code on a remote system from a remote location, potentially gaining unauthorized control. The team also uncovered a security mechanism that was not configured properly, along with a flaw that allowed cybercriminals to access and read sensitive data. When AirPlay is turned on, your device is constantly broadcasting and listening for AirPlay signals in the background, even when you're not actively using the feature. Disabling the AirPlay feature stops the device from doing this, removing the 'attack surface' - the access points through which hackers can take control of your device. To disable AirPlay on your iPhone, open the Settings app and tap 'General,' then 'AirPlay & Continuity.' At the top of the menu, you will see a tab called 'Automatically AirPlay.' Tap that, then select the 'Never' option to turn the feature off.
Express Tribune
03-05-2025
- Express Tribune
Apple's AirPlay vulnerability "AirBorne" risks iPhones, Macs, and more
Listen to article Apple's popular AirPlay feature, which allows seamless streaming of music, photos, and videos between devices, has been flagged for a serious vulnerability, putting millions of users at risk. The flaw, identified by cybersecurity researchers as "AirBorne," could allow hackers to infiltrate iPhones, iPads, Macs, and third-party devices connected to the same Wi-Fi network, particularly in public places such as airports and coffee shops. AirPlay, which enables wireless sharing between Apple devices and compatible third-party products, now presents a significant security risk. Researchers at Oligo Security have uncovered 23 vulnerabilities within AirPlay's software, with two particularly alarming flaws allowing cybercriminals to deploy malware, intercept personal data, and even eavesdrop on private conversations. The AirBorne flaw affects not only Apple devices but also third-party gadgets like smart TVs, set-top boxes, and Bluetooth speakers that support AirPlay. While Apple released security updates for its devices in March 2025, third-party products often lag behind with updates, leaving millions of devices still exposed. Experts warn that hackers can exploit these vulnerabilities to execute malicious code, steal sensitive information, and cause device malfunctions. Cybersecurity expert Patrick Wardle pointed out that the lack of timely updates from third-party manufacturers could undermine user trust in Apple's ecosystem, as vulnerabilities remain unpatched in devices beyond Apple's control. To mitigate the risks posed by the AirPlay flaw, users are advised to take immediate action: Update all Apple devices to the latest software, including iPhones, iPads, and Macs. Update third-party devices like smart TVs and Bluetooth speakers to ensure they are patched with the latest security fixes. Disable AirPlay when not in use, especially on public or unsecured Wi-Fi networks. Be cautious of idle devices, which may still serve as entry points for hackers. Apple has already addressed the vulnerability in its iOS 18.4.1 update, which was released last month. To update your Apple device, simply navigate to Settings > General > Software Update and tap Update Now. With millions of devices still vulnerable to the flaw, experts stress the importance of securing not only Apple products but also the third-party devices that use AirPlay. As the threat persists, users are encouraged to remain vigilant and take proactive steps to safeguard their privacy and data.
Metro
02-05-2025
- Metro
Apple issues urgent warning to 1,800,000,000 iPhone users over popular feature
Experts have found a flaw in Apple iPhones that lets hackers worm their way into any device. Oligo Security discovered 23 vulnerabilities in AirPlay, which lets users stream from their iPhone, iPad or MacBook to devices via Wi-Fi. Gadgets AirPlay works with include Apple TV, HomePod, smart TVs, speakers or receivers. Two of these security holes allow attackers to infect a device with malware that then spreads to all the other gadgets on the same Wi-Fi network. Oligo named these weaknesses 'AirBorne' as they ' allow attackers to fully take over devices and use that access as a launchpad for further exploitation'. These vulnerabilities, with the very catchy names of CVE-2025-24252 and CVE-2025-24132, pave the way for cyber crooks to carry out 'other sophisticated attacks', such as espionage or ransomware. Think hackers executing malicious code to gain control, steal your personal information, eavesdrop on conversations or crash the device. CarPlay, which combines iPhone programmes, including maps, messages and music, into a single interface, is also impacted, the researchers found. Attackers could carry out what is called a 'remote code execution attavck', so they can deploy malware and steal data. 'Using the WiFi hotspot in the CarPlay device, an attacker could execute an RCE attack given that they are in close proximity to the CarPlay unit,' Oligo said. 'If the device has a default, predictable or known Wi-Fi hotspot password, it is possible to gain access and then execute the RCE. Hackers, however, can only exploit these bugs when they are on the same Wi-Fi network as the device they are targeting. As AirPlay works with third-party devices, of which there are tens of millions of, Oligo says iPhones may still be vulnerable if the manufacturer hasn't updated. Don't worry, though. There's a good chance that your Apple device is shielded from these nasty bugs. Apple added the necessary patches on April 28 to its March update, iOS 18.4 and iPadOS 18.4, having worked with Oligo. Check your phone to see if it's updated to keep yourself protected. For peace of mind, only toggle on AirPlay when you actually need it. When it's on, the device is always on the look out for AirPlay signals, making it a viable 'attack surface'. Get in touch with our news team by emailing us at webnews@ For more stories like this, check our news page. MORE: Fortnite coming back to iOS if Apple accepts 'peace proposal' from Epic Games MORE: Apple issue urgent update warning for thousands of iPhone users after 'extremely sophisticated attack' MORE: Apple flew 1,500,000 iPhones to the USA to beat Donald Trump's tariffs
