Threats & Malware, Virus & Malware
April 25, 2023
Via: The Hacker NewsA financially-motivated North Korean threat actor is suspected to be behind a new Apple macOS malware strain called RustBucket. “[RustBucket] communicates with command and control (C2) servers to download and execute various payloads,” Jamf Threat Labs researchers Ferdous Saljooki and […]
Threats & Malware, Virus & Malware
April 18, 2023
Via: The Hacker NewsThreat actors behind the LockBit ransomware operation have developed new artifacts that can encrypt files on devices running Apple’s macOS operating system. The development, which was reported by the MalwareHunterTeam over the weekend, appears to be the first time a […]
Application security, Security
April 6, 2023
Via: Help Net SecurityGoogle Play will be pushing Android app developers to allow users to delete their account and associated data from within the app. Users will also be given the option to only delete data where applicable, as some data needs to […]
February 23, 2023
Via: The Hacker NewsTrojanized versions of legitimate applications are being used to deploy evasive cryptocurrency mining malware on macOS systems. Jamf Threat Labs, which made the discovery, said the XMRig coin miner was executed by means of an unauthorized modification in Final Cut […]
Threats & Malware, Vulnerabilities
February 14, 2023
Via: Help Net SecurityApple has released security updates that fix a WebKit zero-day vulnerability (CVE-2023-23529) that “may have been actively exploited.” The bug has been fixed in iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, Safari 16.3.1, and possibly also in tvOS 16.3.2 […]
Threats & Malware, Vulnerabilities
January 24, 2023
Via: The Hacker NewsApple has backported fixes for a recently disclosed critical security flaw affecting older devices, citing evidence of active exploitation. The issue, tracked as CVE-2022-42856, is a type confusion vulnerability in the WebKit browser engine that could result in arbitrary code […]
Threats & Malware, Vulnerabilities
December 20, 2022
Via: The Hacker NewsMicrosoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications. The shortcoming, dubbed Achilles (CVE-2022-42821, CVSS score: 5.5), […]
Mobile, Mobile security, Threats & Malware, Vulnerabilities
December 14, 2022
Via: Security WeekApple announced on November 30 that an advisory for iOS 16.1.2 would be released in the coming days. The advisory was published two weeks later, on Patch Tuesday, and it’s unclear why the tech giant waited for so long to […]
December 8, 2022
Via: TechRadarApple has announced new features aimed at improving the cybersecurity protections for its customers, both consumers and businesses, including Security Keys, an ability to use third-party physical keys to protect data sitting in the iCloud platform. “For users who opt […]
Threats & Malware, Vulnerabilities
November 21, 2022
Via: Security WeekTracked as CVE-2022-26696 (CVSS score of 7.8), the security defect was identified and reported last year, with a patch available since the release of macOS Monterey 12.4 in May. In its advisory, Apple notes that the flaw allowed a sandboxed […]
Threats & Malware, Vulnerabilities
November 10, 2022
Via: Security WeekWritten in the C programming language and originally developed for the Gnome project, libxml2 is a software library for parsing XML documents. Tracked as CVE-2022-40303 and CVE-2022-40304, the two vulnerabilities could lead to remote code execution. Apple has credited Google […]
Mobile, Mobile security, Threats & Malware, Vulnerabilities
October 25, 2022
Via: The Hacker NewsTech giant Apple on Monday rolled out updates to remediate a zero-day flaw in iOS and iPadOS that it said has been actively exploited in the wild. The weakness, given the identifier CVE-2022-42827, has been described as an out-of-bounds write […]
October 11, 2022
Via: Naked SecurityWe use Apple’s Mail app all day, every day for handling work and personal email, including a plentiful supply of very welcome Naked Security comments, questions, article ideas, typo reports, podcast suggestions and much more. We’ve always found the Mail […]
September 19, 2022
Via: Help Net SecurityApple has always touted the security and privacy capabilities of their devices. Being responsible for both the hardware and the associated OS has allowed Apple to create a closed-end approach to shield users against some common attacks. But it’s possible […]
Threats & Malware, Vulnerabilities
August 18, 2022
Via: Help Net SecurityApple has released security updates for iOS, iPadOS, and macOS Monterey to fix CVE-2022-32894 and CVE-2022-32893, two code execution vulnerabilities exploited by attackers in the wild. About the vulnerabilities (CVE-2022-32894, CVE-2022-32893) CVE-2022-32894 is out-of-bounds write issue in the operating systems’ […]
August 3, 2022
Via: TechRadarApple has revealed more details on its plans to try and remove passwords from our daily lives with its new Passkeys tool. Despite announcing Passkeys at WWDC 2022 in June, the company has left us craving more and more information […]
Threats & Malware, Vulnerabilities
July 20, 2022
Via: The Hacker NewsApple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms. This includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation […]
Threats & Malware, Vulnerabilities
June 13, 2022
Via: Security WeekPointer authentication (PA) is a mechanism to prevent the modification of pointers in memory using a cryptographic hash, or pointer authentication code (PAC). With the integrity of a pointer verified against the PAC, a crash is triggered if the values […]
June 7, 2022
Via: Help Net SecurityAt WWDC 2022, Apple has announced and previewed iOS 16 and iPad OS 16, macOS 13 (aka macOS Ventura), watchOS 9, their new M2 chips, new MacBook Air and Pro, as well as new tools, technologies, and APIs for developers […]
Threats & Malware, Vulnerabilities
May 17, 2022
Via: Security WeekThe exploited vulnerabilities, tracked as CVE-2022-22675 and CVE-2022-22674, were disclosed in late March. However, at the time, they were only patched in iOS, iPadOS and macOS Monterey, leaving Big Sur and Catalina users exposed. Apple has now patched CVE-2022-22675 with […]