Tag: Apple

April 25, 2023

A financially-motivated North Korean threat actor is suspected to be behind a new Apple macOS malware strain called RustBucket. “[RustBucket] communicates with command and control (C2) servers to download and execute various payloads,” Jamf Threat Labs researchers Ferdous Saljooki and […]

April 18, 2023

Threat actors behind the LockBit ransomware operation have developed new artifacts that can encrypt files on devices running Apple’s macOS operating system. The development, which was reported by the MalwareHunterTeam over the weekend, appears to be the first time a […]

April 6, 2023

Google Play will be pushing Android app developers to allow users to delete their account and associated data from within the app. Users will also be given the option to only delete data where applicable, as some data needs to […]

February 23, 2023

Trojanized versions of legitimate applications are being used to deploy evasive cryptocurrency mining malware on macOS systems. Jamf Threat Labs, which made the discovery, said the XMRig coin miner was executed by means of an unauthorized modification in Final Cut […]

February 14, 2023

Apple has released security updates that fix a WebKit zero-day vulnerability (CVE-2023-23529) that “may have been actively exploited.” The bug has been fixed in iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, Safari 16.3.1, and possibly also in tvOS 16.3.2 […]

January 24, 2023

Apple has backported fixes for a recently disclosed critical security flaw affecting older devices, citing evidence of active exploitation. The issue, tracked as CVE-2022-42856, is a type confusion vulnerability in the WebKit browser engine that could result in arbitrary code […]

December 20, 2022

Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications. The shortcoming, dubbed Achilles (CVE-2022-42821, CVSS score: 5.5), […]

December 14, 2022

Apple announced on November 30 that an advisory for iOS 16.1.2 would be released in the coming days. The advisory was published two weeks later, on Patch Tuesday, and it’s unclear why the tech giant waited for so long to […]

December 8, 2022

Apple has announced new features aimed at improving the cybersecurity protections for its customers, both consumers and businesses, including Security Keys, an ability to use third-party physical keys to protect data sitting in the iCloud platform. “For users who opt […]

November 21, 2022

Tracked as CVE-2022-26696 (CVSS score of 7.8), the security defect was identified and reported last year, with a patch available since the release of macOS Monterey 12.4 in May. In its advisory, Apple notes that the flaw allowed a sandboxed […]

November 10, 2022

Written in the C programming language and originally developed for the Gnome project, libxml2 is a software library for parsing XML documents. Tracked as CVE-2022-40303 and CVE-2022-40304, the two vulnerabilities could lead to remote code execution. Apple has credited Google […]

October 25, 2022

Tech giant Apple on Monday rolled out updates to remediate a zero-day flaw in iOS and iPadOS that it said has been actively exploited in the wild. The weakness, given the identifier CVE-2022-42827, has been described as an out-of-bounds write […]

October 11, 2022

We use Apple’s Mail app all day, every day for handling work and personal email, including a plentiful supply of very welcome Naked Security comments, questions, article ideas, typo reports, podcast suggestions and much more. We’ve always found the Mail […]

September 19, 2022

Apple has always touted the security and privacy capabilities of their devices. Being responsible for both the hardware and the associated OS has allowed Apple to create a closed-end approach to shield users against some common attacks. But it’s possible […]

August 18, 2022

Apple has released security updates for iOS, iPadOS, and macOS Monterey to fix CVE-2022-32894 and CVE-2022-32893, two code execution vulnerabilities exploited by attackers in the wild. About the vulnerabilities (CVE-2022-32894, CVE-2022-32893) CVE-2022-32894 is out-of-bounds write issue in the operating systems’ […]

August 3, 2022

Apple has revealed more details on its plans to try and remove passwords from our daily lives with its new Passkeys tool. Despite announcing Passkeys at WWDC 2022 in June, the company has left us craving more and more information […]

July 20, 2022

Apple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms. This includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation […]

June 13, 2022

Pointer authentication (PA) is a mechanism to prevent the modification of pointers in memory using a cryptographic hash, or pointer authentication code (PAC). With the integrity of a pointer verified against the PAC, a crash is triggered if the values […]

June 7, 2022

At WWDC 2022, Apple has announced and previewed iOS 16 and iPad OS 16, macOS 13 (aka macOS Ventura), watchOS 9, their new M2 chips, new MacBook Air and Pro, as well as new tools, technologies, and APIs for developers […]

May 17, 2022

The exploited vulnerabilities, tracked as CVE-2022-22675 and CVE-2022-22674, were disclosed in late March. However, at the time, they were only patched in iOS, iPadOS and macOS Monterey, leaving Big Sur and Catalina users exposed. Apple has now patched CVE-2022-22675 with […]