Airmail has issued Vulnerability-related.PatchVulnerability an update today to patch Vulnerability-related.PatchVulnerability a vulnerability that security researchers said Vulnerability-related.DiscoverVulnerability could let malicious third parties access email databases and read a user ’ s messages . Security consulting firm Versprite outlined Vulnerability-related.DiscoverVulnerability the issue in a blog post this morning , noting how Airmail 3 uses both a custom URL scheme and a so-called “ deterministic ” file system location for email messages for any given account . Using those two pieces of information , a hacker could theoretically retrieve Attack.Databreach every one of a user ’ s messages through a phishing scheme Attack.Phishing that relies on that custom URL scheme . Airmail told The Verge that it ’ s already updated Vulnerability-related.PatchVulnerability the app in the Mac App store and through its direct download beta program to address Vulnerability-related.PatchVulnerability the issue , calling it a “ very hypothetical ” one . The version number is Airmail 3.6 , and it should be rolling out Vulnerability-related.PatchVulnerability over the course of the day if you don ’ t already have it now . The update is also listed on Airmail ’ s website , with the update note , “ Potential URL Scheme Vulnerability Fix . ”

A leaked arsenal of hacking tools allegedly belonging to the National Security Agency ( NSA ) shows the US spy agency infiltrated the servers of a major Pakistani cellular service provider . The data dump Attack.Databreach , publicly released by the ShadowBrokers hacking group earlier this week , includes alleged digital weapons and notes shared by NSA operators about their access inside the servers of a Pakistani mobile network . Notes contained in the massive dump Attack.Databreach of encrypted data , which is still being analysed by network security researchers , include details of how NSA used the exploits to infiltrate cellular operators in Pakistan . One snippet from the leak , several terabytes in size , includes at least 14 lines mentioning different servers operated by a major Pakistani cellular network . The snippet , analysed by a security researcher who goes by the name X0rz , appears to show NSA operators sharing a step-by-step technical guide on how to hack into the servers . `` Try one of the following…old way , may not work on new machines , '' says one section of the snippet . Another section appears to show methods to retrieve Attack.Databreach call logs of users of the Pakistani cellular service . `` If searching for LACs and cell id 's , use the format in the documentation…if searching for phone numbers , use the normal format , '' it says . Hundreds of NSA cyber weapons variants publicly released including code showing hacking of Pakistan mobile system https : //t.co/bL833ktQpm In a tweet , Wikileaks claimed the leaked `` NSA cyber weapons variants '' include `` code showing hacking of Pakistan mobile system '' . The data dump Attack.Databreach was publicly released earlier this week by the ShadowBrokers hacking group after it failed to auction the arsenal of hacking tools . In a lengthy anonymous blog post , the group claimed it was releasing the files as a `` form of protest '' after losing faith in the leadership of US President Donald Trump . ShadowBrokers had announced the auction for the alleged NSA cyber weapons in August last year . The authenticity of the code being NSA software was later confirmed by documents provided by whistleblower and former National Security Agency contractor Edward Snowden to the Intercept . In the leak Attack.Databreach of top-secret documents , Snowden released Attack.Databreach a classified draft NSA manual on how to implant the SECONDDATE malware – malicious code used to monitor or control someone else 's computer . The draft NSA manual contained instructions telling NSA operators to use a specific string of characters associated with the SECONDDATE malware program . The documents revealed at least `` two documented cases of SECONDDATE being used to successfully infect computers overseas '' including `` successful attacks against computer systems in…Pakistan . '' A report by The Intercept claimed NSA hackers used the malicious program to breach targets in Pakistan ’ s NTC VIP Division , which contained documents pertaining to `` the backbone of Pakistan ’ s Green Line communications network '' used by the `` civilian and military leadership '' .

Israeli mobile forensics firm Cellebrite has announced that it has suffered a data breach Attack.Databreach following an unauthorized access to an external web server . “ The impacted server included a legacy database backup of my.Cellebrite , the company ’ s end user license management system . The company had previously migrated to a new user accounts system . Presently , it is known that the information accessed includes basic contact information of users registered for alerts or notifications on Cellebrite products and hashed passwords for users who have not yet migrated to the new system , ” the company stated , and added that it is still investigating the attack . They are also notifying affected customers , and advising them to change their passwords . The confirmation comes a few hours after Motherboard released Attack.Databreach general information about 900 GB of data that they obtained Attack.Databreach and has supposedly been stolen Attack.Databreach from the firm . The cache includes alleged usernames and passwords for logging into Cellebrite databases connected to the company ’ s my.cellebrite domain , ” the publication noted . “ The dump Attack.Databreach also contains what appears to be evidence files from seized mobile phones , and logs from Cellebrite devices ” . The hacker that shared the data with the publication and is apparently behind the breach also noted that access to the compromised servers has been traded among hackers in IRC chat rooms , so it ’ s possible that other persons have exfiltrated Attack.Databreach potentially sensitive data . “ The Cellebrite breach Attack.Databreach shows that anyone can be hacked , even firms whose bread and butter is data exfiltration Attack.Databreach . And Cellebrite isn ’ t the first organization of this type to be targeted – Hacking Team and Gamma International have both experienced similar attacks by groups opposed to government surveillance , ” Tony Gauda , CEO of ThinAir , commented for Help Net Security . “ While the 900 GB of data hasn ’ t been released publicly , it ’ s safe to assume that the information is highly sensitive . Besides customer information , the hackers managed to retrieve Attack.Databreach technical data , which could have serious repercussions if it were to fall into the wrong hands . Incidents such as this are the cyber equivalent of robbing a gun store , and I wouldn ’ t be surprised if the proprietary info stolen Attack.Databreach eventually made its way online . Demand for advanced hacking tools and techniques has never been higher and until these firms start securing their digital arsenals with technology capable of rendering data useless when it ’ s compromised , they will continue to find themselves in the crosshairs of hackers ” . Cellebrite ’ s name has become widely known after reports that the company has been asked for help to exfiltrate data Attack.Databreach from the locked iPhone belonging to Syed Farook , one of the San Bernardino shooters