At WWDC 2022, Apple has announced and previewed iOS 16 and iPad OS 16, macOS 13 (aka macOS Ventura), watchOS 9, their new M2 chips, new MacBook Air and Pro, as well as new tools, technologies, and APIs for developers focusing on Apple’s platforms…
Tag: iOS
Security Vendor News
Apple patches zero-day kernel hole and much more – update now!
by Paul Ducklin •
You’ll find fixes for numerous kernel-level code execution holes, including an 0-day vulnerability in many (though not all) versions.
Malware Indicators (IoCs), Vulnerabilities
New iPhone Zero-Click Bug Exploited In Pegasus Attacks Against Catalans
by Abeerah Hashim •
The Citizen Lab has uncovered another iPhone zero-click bug that NSO exploited to deploy their…
New iPhone Zero-Click Bug Exploited In Pegasus Attacks Against Catalans on Latest Hacking News.
Europe, Global Security News, North America
Truths and Myths of Privacy, Fake Shopping Apps, Borat RAT Malware
by Tom Eston •
Scott and Tom explain why privacy isn’t dead, why should everyone should care about their privacy, and how you should respond to someone that says “I don’t care about privacy, I have nothing to hide!”. Plus, details on a new attack using fake shopping …
Security Vendor News
S3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]
by Paul Ducklin •
Latest episode – listen now! Cybersecurity news and advice in plain English.
Europe, Global Security News, North America
Google Android vs Apple iOS: Which is Better for Privacy and Cybersecurity?
by Tom Eston •
This week we battle it out between the two mobile tech giants, Google Android vs Apple iOS, and discuss which one is better for your privacy and cybersecurity. Topics include: app stores and OS updates, ad tracking, and native text messaging. All this …
Global Security News, North America
How hard is it to address Apple’s in-app deletion requirements and implement privacy compliance?
by Help Net Security •
Transcend released the results of its latest survey of technology decision makers, which assessed their readiness for Apple’s in-app deletion requirements for iOS apps that offer account creation. The findings show that 71 percent of companies surveyed…
Security Vendor News
Beware bogus Betas – cryptocoin scammers abuse Apple’s TestFlight system
by Paul Ducklin •
“Install this moneymaking app” – this one is so special that it isn’t available on Google Play or the App Store!
Security Vendor News
Apple patches 87 security holes – from iPhones and Macs to Windows
by Paul Ducklin •
Lots of fixes, with data leakage flaws and code execution bugs patched on iPhones, Macs and even Windows.
Security Vendor News
The Wearable Future Is Hackable. Here’s What You Need To Know
by McAfee •
Quick mental math challenge: How many Apple Watches can you buy with $118 billion dollars? If you guessed around 296…
The post The Wearable Future Is Hackable. Here’s What You Need To Know appeared first on McAfee Blog.
Security Vendor News
Apple zero-day drama for Macs, iPhones and iPads – patch now!
by Paul Ducklin •
Sudden update! Zero-day browser hole! Drive-by malware danger! Patch Apple laptops and phones now…
Global Security News, North America
Apple fixes actively exploited iOS, macOS zero-day (CVE-2022-22620)
by Zeljka Zorz •
Another month, another zero-day (CVE-2022-22620) exploited in the wild that has been fixed by Apple. About CVE-2022-22620 CVE-2022-22620 is a use after free issue in WebKit, the browser engine used in Safari and all iOS web browsers. Apple fixed it in …
Europe, Global Security News, North America
JumpCloud Q1 Product Roadmap Webinar Recap
by David Worthington •
JumpCloud’s 2022 Q1 product roadmap webinar focused on how the platform will streamline the entire process of managing the user lifecycle
The post JumpCloud Q1 Product Roadmap Webinar Recap appeared first on JumpCloud.
The post JumpCloud Q1 Product Roa…
Global Security News, North America
February 2022 Patch Tuesday forecast: A rough start for 2022
by Help Net Security •
January 2022 Patch Tuesday was a rough one for Microsoft — and us. In the week following Patch Tuesday, Microsoft was forced to pull and subsequently re-issue several updates for Windows Server 2012, 2019, and 2022, as well as Windows 10 and 11. There …
Security Vendor News
Apple fixes Safari data leak (and patches a zero-day!) – update now
by Paul Ducklin •
That infamous “supercookie” bug in Safari has now been fixed. Oh, and there was a zero-day kernel hole as well.
Uncategorized
Update now! Apple pushes out security patches for iPhone and Mac zero-day vulnerabilities
by Graham Cluley •
Apple has released urgent security updates for its customers, following the discovery of zero-day vulnerabilities that can be used to hack into iPhones, iPads, and Macs.
Security Vendor News
S3 Ep66: Cybercrime busts, wormable Windows, and the crisis of featuritis [Podcast + Transcript]
by Paul Ducklin •
Latest epsiode – listen now!
Global IT News
Canadian government launches new mental health support companion app
by Tom Li •
The Canadian government has launched PocketWell, a companion app to the Wellness Together Canada (WTC) online platform, to support mental health and combat substance abuse. The PocketWell app helps users better track their mental health status over time and provides quick access to counselling services free of charge. In order to track users’ mental well-being, […]
The post Canadian government launches new mental health support companion app first appeared on IT World Canada.
Malware Indicators (IoCs)
NoReboot iOS Attack Prevents Your iPhone From Turning Off Or Reboot
by Abeerah Hashim •
Researchers have demonstrated how a creative hacker can manipulate iPhone users into keeping their devices…
NoReboot iOS Attack Prevents Your iPhone From Turning Off Or Reboot on Latest Hacking News.
Europe, Global Security News, North America
Faking an iPhone Reboot
by Bruce Schneier •
Researchers have figured how how to intercept and fake an iPhone reboot:
We’ll dissect the iOS system and show how it’s possible to alter a shutdown event, tricking a user that got infected into thinking that the phone has been powered off, but in fac…
Malware Indicators (IoCs), Vulnerabilities
Researcher Found ‘doorLock’ DoS Bug In Apple HomeKit
by Abeerah Hashim •
A researcher has recently disclosed a DoS bug in Apple HomeKit which he coined ‘doorLock.’…
Researcher Found ‘doorLock’ DoS Bug In Apple HomeKit on Latest Hacking News.
Security Vendor News
Apple Home software bug could lock you out of your iPhone
by Paul Ducklin •
The finder of this bug insists it “poses a serious risk”. We’re not so sure, but we recommend you take steps to avoid it anyway.
Europe, Global Security News, North America
December ’21 Newsletter
by JumpCloud •
From new features and funding, to investments in team and platform resiliency, we’ve spent 12 months improving the way we Make (Remote) Work Happen®.
The post December ’21 Newsletter appeared first on JumpCloud.
The post December ’21 Newsletter appeare…
Europe, Global Security News, North America
NSO Zero-Click Exploit: Turing-Complete CPU in Image File
by Richi Jennings •
Researchers have reverse engineered NSO group’s recent zero-click iPhone exploit. And it’s a doozy.
The post NSO Zero-Click Exploit: Turing-Complete CPU in Image File appeared first on Security Boulevard.
Uncategorized
FluBot malware warning after 70,000 attacks launched over SMS
by Graham Cluley •
Finland’s National Cyber Security Centre has issued a warning about malicious SMS messages that have been spammed out to mobile users, directing iPhone owners to phishing sites and Android users to download malware.
Read more in my article on the Tr…
Malware Indicators (IoCs)
Apple Fixes Critical Bugs, Including A Zero-Day, With Latest iOS 14.8.1
by Abeerah Hashim •
The Cupertino giant has recently rolled out major update for those users who haven’t upgraded…
Apple Fixes Critical Bugs, Including A Zero-Day, With Latest iOS 14.8.1 on Latest Hacking News.
Global Security News, North America
Apple fixes security feature bypass in macOS (CVE-2021-30892)
by Zeljka Zorz •
Apple has delivered a barrage of security updates for most of its devices this week, and among the vulnerabilities fixed are CVE-2021-30892, a System Integrity Protection (SIP) bypass in macOS, and CVE-2021-30883, an iOS flaw that’s actively expl…
Europe, Global Security News, North America
A solução de problemas em dispositivos móveis ficou muito mais fácil
by Nayla Loik •
Você já se sentiu como se seu smartphone fosse seu inimigo jurado? Como quando você não consegue acessar aquele arquivo realmente importante ou quando aquela aplicação incômoda continua travando. Ou que tal aquele processo de instalação tedioso e demor…
Security Vendor News
Apple ships Monterey with security updates, fixes 0-day in Watch and TV products, updates iDevices
by Paul Ducklin •
A slew of security bulletins from Apple HQ, including 37 bugs listed as fixed in the initial public release of macOS Monterey.
Security Vendor News
S3 Ep54: Another 0-day, double Apache patch, and Fight The Phish [Podcast]
by Paul Ducklin •
Latest episode – listen now!
Security Vendor News
Romance scams with a cryptocurrency twist – new research from SophosLabs
by Paul Ducklin •
Romance scams and dating site treachery with a new twist – “there’s an app for that!”
Security Vendor News
Apple quietly patches yet another iPhone 0-day – check you have 15.0.2
by Paul Ducklin •
Oops!… They did it again.
Security Vendor News
How to steal money via Apple Pay using the “Express Transit” feature
by Paul Ducklin •
Could a rogue vendor with a dodgy payment terminal rip you off via Apple Pay? Maybe. Here’s what to do about it.
Malware Indicators (IoCs)
Apple iCloud Private Relay Service Glitch Exposes Users’ Real IP Addresses
by Abeerah Hashim •
The latest iOS 15 from Apple has gained much attention due to numerous privacy enhancements.…
Apple iCloud Private Relay Service Glitch Exposes Users’ Real IP Addresses on Latest Hacking News.
Malware Indicators (IoCs)
Disgruntled Researcher Publicly Disclosed Three iOS Zero-Day Bugs As Apple Delayed Patches
by Abeerah Hashim •
Annoyed after the slow response from Apple, a researcher has publicly dropped three iOS zero-day…
Disgruntled Researcher Publicly Disclosed Three iOS Zero-Day Bugs As Apple Delayed Patches on Latest Hacking News.
Security Vendor News
iOS 15 launches with 22 documented security patches – including a Face ID bypass using a “3D model”
by Paul Ducklin •
Fake heads! (Cue dystopian scifi music.)
Europe, Global Security News, North America
iMessage Zero-Click Exploit, Leaked Guntrader Firearms Data, 60 Million Fitness Tracking Records Exposed
by Tom Eston •
The latest on the iMessage Zero-Click exploit that affects Apple iOS, MacOS and WatchOS devices (update your Apple devices now!), the names and home addresses of 111,000 British firearm owners have been dumped online, and details on over 60 million fit…
Malware Indicators (IoCs)
Apple Patched FORCEDENTRY Bug That NSO Exploited Against iPhone Users
by Abeerah Hashim •
The Cupertino giant has recently released software updates for almost all its products. These updates…
Apple Patched FORCEDENTRY Bug That NSO Exploited Against iPhone Users on Latest Hacking News.
Uncategorized
Smashing Security podcast #243: Breaking news, Apple zero-clicks, and bad blood
by Graham Cluley •
A Walmart press release says it’s jumping aboard the cryptocurrency bus – but is it true? Theranos’s Elizabeth Holmes goes on trial, and have you updated your Apple gadgets to protect against the latest NSO Group spyware attack?
All this and much mo…
Europe, Global Security News, North America
Update Your Apple Devices to Guard Against Pegasus Spyware Attacks
by Sam Curry •
Apple issued an emergency update yesterday for a critical vulnerability discovered in its iPhones, Apple Watches, and Mac computers. Researchers at Citizen Lab discovered a no-click zero-day exploit that works on all Apple devices that do not hav…