Tag: Apple

May 17, 2022

The exploited vulnerabilities, tracked as CVE-2022-22675 and CVE-2022-22674, were disclosed in late March. However, at the time, they were only patched in iOS, iPadOS and macOS Monterey, leaving Big Sur and Catalina users exposed. Apple has now patched CVE-2022-22675 with […]

May 16, 2022

Researchers at three universities have unearthed a vulnerability in Apple Silicon used in Macs, iPhones, and iPads. While any vulnerability is a cause for alarm, the researchers state that the risk is “not that bad”. The weakness has been dubbed […]

May 6, 2022

Some of the world’s biggest tech companies have announced plans to try and remove the need for passwords for good. Apple, Google and Microsoft have joined forces to push the wider availability of passwordless logins in a major way, promoting […]

April 1, 2022

Apple rushed out patches for two zero-days affecting macOS and iOS Thursday, both of which are likely under active exploitation and could allow a threat actor to disrupt or access kernel activity. Apple released separate security updates for the bugs […]

February 11, 2022

Another month, another zero-day (CVE-2022-22620) exploited in the wild that has been fixed by Apple. About CVE-2022-22620 CVE-2022-22620 is a use after free issue in WebKit, the browser engine used in Safari and all iOS web browsers. Apple fixed it […]

February 8, 2022

A financially motivated campaign that targets Android devices and spreads mobile malware via SMS phishing techniques since at least 2018 has spread its tentacles to strike victims located in France and Germany for the first time. Dubbed Roaming Mantis, the […]

January 28, 2022

Apple’s software updates this week for multiple vulnerabilities in its macOS Monterey operating system, iOS, and iPadOS serve as the latest indication of security researchers’ and threat actors’ growing interest in its technologies. The flaws included one in macOS that […]

January 27, 2022

Just under two weeks ago, we wrote about an Apple Safari bug that could allow rogue website operators to track you even if they gave every impression of not doing so, and even if you had strict privacy protection turned […]

January 26, 2022

A security bod scored a $100,500 bug bounty from Apple after discovering a vulnerability in Safari on macOS that could have been exploited by a malicious website to potentially access victims’ logged-in online accounts – and even their webcams. Ryan […]

January 11, 2022

Tracked as CVE-2021-30970, the new security error, which Microsoft calls powerdir, allows an attacker to bypass the platform’s Transparency, Consent, and Control (TCC) technology and “potentially orchestrate an attack based on the user’s protected personal data.” Introduced in 2012, TCC […]

January 4, 2022

Some devices powered by Apple’s iOS software are vulnerable to a newly-discovered denial of service vulnerability named “doorLock”, but Apple doesn’t seem to be all that interested in fixing it, reports have claimed. The vulnerability, first discovered by security researcher […]

December 14, 2021

Amongst all the brouhaha about Log4Shell, it’s easy to forget all the other updates that surround us. Not only is it Patch Tuesday (keep your eye on our sister site news.sophos.com for the latest on that score later in the […]

November 16, 2021

Apple’s reputation on security has been taking a beating lately. As mentioned in some of our previous coverage, security researcher Joshua Long recently shone a light on problems with Apple’s security patching strategy. His findings showed a shocking number of […]

November 5, 2021

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a catalog of vulnerabilities, including from Apple, Cisco, Microsoft, and Google, that have known exploits and are being actively exploited by malicious cyber actors, in addition to requiring federal agencies […]

November 2, 2021

What browser do you use? There’s a good chance—roughly one in seven—that it’s Google Chrome. And even if you prefer a different browser, there’s a good chance that you’re using something that’s based on Google Chrome, such as Edge, Vivaldi, […]

October 29, 2021

Microsoft on Thursday disclosed details of a new vulnerability that could allow an attacker to bypass security restrictions in macOS and take complete control of the device to perform arbitrary operations on the device without getting flagged by traditional security […]

October 27, 2021

On two consecutive days Apple has released a few important patches. iOS 14.8.1 comes just a month after releasing iOS 14.8 for those who didn’t want to update their iPhones to iOS 15. This update also came as a sort […]

October 15, 2021

Apple’s proposal to compel iPhone users to accept updates that would automatically and covertly search shared images for possible abuse material and send reports to Apple or law enforcement agencies are today condemned as unworkable, vulnerable to abuse, and a […]

September 14, 2021

Spyware developed by the company NSO Group is back in the news today after Apple released an emergency fix for iPhones, iPads, Macs, and Apple Watches. The update fixes a vulnerability silently exploited by software called Pegasus, which is often […]

September 7, 2021

After the uproar from users and privacy advocates about Apple’s controversial plans to scan users’ devices for photos and messages containing child abuse and exploitation media, the company has decided to put the brakes on the plan. If you may […]