 Your new post is loading...
Your new post is loading...
|
Scooped by
Gust MEES
January 13, 5:48 PM
|
Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions.
System Integrity Protection (SIP), or 'rootless,' is a macOS security feature that prevents malicious software from altering specific folders and files by limiting the root user account's powers in protected areas. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
November 19, 2024 4:28 PM
|
Apple rushes out out major macOS and iOS security updates to cover a pair of vulnerabilities already being exploited in the wild.
|
|
Scooped by
Gust MEES
October 18, 2024 4:53 PM
|
Unauthorized data access vulnerability in macOS is detailed by Microsoft
Posted: October 18, 2024 by Pieter Arntz
The Microsoft Threat Intelligence team disclosed details about a macOS vulnerability, dubbed “HM Surf,” that could allow an attacker to gain access to the user’s data in Safari. The data the attacker could access without users’ consent includes browsed pages, along with the device’s camera, microphone, and location. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
July 4, 2024 8:15 AM
|
Des failles de sécurité critiques ont été découvertes au sein d’un outil open source impliqué dans la création de millions d’apps iOS et macOS. Ces vulnérabilités, restées inconnues pendant près de dix ans, permettent de voler des données sensibles, comme des numéros de cartes de crédit. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
November 27, 2023 1:21 PM
|
Nutzer von Apple-Computern sind derzeit im Visier von Cyber-Kriminellen. Wie "Malwarebytes" berichtet, läuft aktuell eine Kampagne unter dem Namen ClearFake. Dabei soll Schadsoftware auf den Rechnern der Opfer installiert werden.
Die Betrüger tarnen die Malware dabei als Update für die Browser Safari und Chrome. Diese angeblichen Updates werden auf bereits kompromittierten Websites angeboten. Wenn man der Installation zustimmt, wird aber keine Browseraktualisierung heruntergeladen, sondern die Malware. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
September 14, 2023 3:45 PM
|
|
|
Scooped by
Gust MEES
September 12, 2023 10:03 AM
|
Apple released security updates for older iPhones to fix a zero-day vulnerability tracked as CVE-2023-41064 that was actively exploited to infect iOS devices with NSO's Pegasus spyware.
CVE-2023-31064 is a remote code execution flaw that is exploited by sending maliciously crafted images via iMessage. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
August 14, 2023 8:33 AM
|
Der Sicherheitsforscher Patrick Wardle machte auf der Defcon-Hackerkonferenz in Las Vegas auf mehrere Schwachstellen im Background-Task-Management (BTM) von macOS aufmerksam. Wie aus einem Bericht von Wired hervorgeht, soll es Angreifern damit möglich sein, Apples Warnsystem zu umgehen und so eine persistente Schadsoftware auf einem Mac zu installieren, ohne dass der Benutzer dies mitbekommt. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
June 1, 2023 8:19 AM
|
Microsoft hat eine kritische Sicherheitslücke im macOS entdeckt, die Hackern leichten Zugang zu den wichtigsten Daten Ihres Macs ermöglichen könnte. Die als "Migraine" bezeichnete Sicherheitslücke zeigt, warum es äußerst wichtig ist, Ihren Mac so schnell wie möglich zu aktualisieren.
"Migraine" ist deshalb so gefährlich, weil sie den System Integrity Protection (SIP) von Apple umgehen kann. SIP wird standardmäßig auf modernen Macs aktiviert und schützt sensible Teile des Computers vor externen Eingriffen.
Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
May 2, 2023 9:12 AM
|
This is new. For the very first time, Apple has released a Rapid Security Response (RSR) update to iPhone users, with a corresponding RSR for the Mac. It represents a change in how Apple will launch smaller updates—as indicated by the number of this one. After iOS 16.4.1, you might legitimately have expected iOS 16.4.2 as the small update before iOS 16.5 lands.
But no, we now have a letter, and even parentheses, to attach to the numbers: here comes Apple iOS 16.4.1 (a). Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
April 13, 2023 8:16 AM
|
Über manipulierte Kalendereinträge konnten Angreifer inzwischen mehrmals Spionagesoftware auf die iPhones ihrer Opfer laden. Wie Sicherheitsexperten von Microsoft und Citizen Lab herausgefunden haben, handelt es sich dabei um einen sogenannten Zero-Click-Exploit. Die Malware wird dabei installiert, ohne dass das Opfer auf einen Link klicken oder Rechte freigeben muss. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
March 28, 2023 12:52 PM
|
|
|
Scooped by
Gust MEES
February 24, 2023 3:24 PM
|
|
|
|
Scooped by
Gust MEES
November 20, 2024 12:58 PM
|
|
|
Scooped by
Gust MEES
October 18, 2024 5:00 PM
|
Microsoft: macOS Vulnerability Potentially Exploited in Adware Attacks
The Adload macOS adware potentially exploits a privacy bypass vulnerability resolved in Sequoia 15 last month.
Microsoft on Thursday warned of a recently patched macOS vulnerability potentially being exploited in adware attacks.
The issue, tracked as CVE-2024-44133, allows attackers to bypass the operating system’s Transparency, Consent, and Control (TCC) technology and access user data. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
October 7, 2024 10:13 AM
|
|
|
Scooped by
Gust MEES
February 12, 2024 10:57 AM
|
|
|
Scooped by
Gust MEES
September 14, 2023 3:49 PM
|
Apple released emergency security updates to fix two new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 13 exploited zero-days patched since the start of the year.
"Apple is aware of a report that this issue may have been actively exploited," the company revealed in security advisories describing the security flaws.
The bugs were found in the Image I/O and Wallet frameworks and are tracked as CVE-2023-41064 (discovered by Citizen Lab security researchers) and CVE-2023-41061 (discovered by Apple). Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
September 12, 2023 5:15 PM
|
A new information stealer malware named 'MetaStealer' has appeared in the wild, stealing a wide variety of sensitive information from Intel-based macOS computers.
MetaStealer, not to be confused with the 'META' info-stealer that saw some popularity last year, is a Go-based malware capable of evading Apple's built-in antivirus tech XProtect, targeting business users. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
September 6, 2023 9:15 AM
|
A security researcher caused something of a kerfuffle during the Def Con 2023 hacking conference in Las Vegas last month. Some attendees with iPhones were shocked to see an Apple pop-up notification asking them to connect to a nearby Apple TV device using their Apple ID credentials. Not least, as some of the hackers on the receiving end of these Bluetooth-powered prompts were running with Bluetooth disabled. Or so they thought. Now, another security researcher has demonstrated a similar hack that uses a readily available hacking device to spam nearby iPhones with pop-up notifications and effectively execute a denial of service attack. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
July 12, 2023 8:12 AM
|
Utilisateurs d’un iPhone, d’une tablette ou d’un ordinateur Mac, à vos mises à jour ! Le fabricant Apple vient de publier des correctifs pour ces différents produits, à la suite de la découverte d’une faille (CVE-2023-37450) dans le moteur de navigation WebKit par un chercheur en sécurité anonyme. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
May 2, 2023 10:10 AM
|
The "rapid" security fixes are designed to quickly patch security flaws under active exploitation by hackers. Apple on Monday released its first batch of publicly available “rapid security” patches, aimed at quickly fixing security vulnerabilities that are under active exploitation or pose significant risks to its customers.
According to a notice, the so-called Rapid Security Response updates “deliver important security improvements between software updates.”
Rapid Security Responses were introduced to allow Apple customers to update their devices faster than a typical software update takes. Apple says the feature is enabled by default, and some rapid patches can be installed without rebooting, though not always. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
April 16, 2023 7:09 AM
|
Last week, we warned about the appearance of two critical zero-day bugs that were patched in the very latest versions of macOS (version 13, also known as Ventura), iOS (version 16), and iPadOS (version 16).
Zero-days, as the name suggests, are security vulnerabilities that were found by attackers, and put to real-life use for cybercriminal purposes, before the Good Guys noticed and came up with a patch. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
March 28, 2023 3:50 PM
|
Apple’s latest update blast is out, including an extensive range of security patches for all devices that Apple officially supports.
There are fixes for iOS, iPadOS, tvOS and watchOS, along with patches for all three supported flavours of macOS, and even a special update to the firmware in Apple’s super-cool external Studio Display monitor.
Apparently, if you’re running macOS Ventura and you’ve hooked your Mac up to a Studio Display, just updating the Ventura operating system itself isn’t enough to secure you against potential system-level attacks.
According to Apple’s bulletin, a bug in the display screen’s own firmware could be abused by an app running on your Mac “to execute arbitrary code with kernel privileges. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
March 27, 2023 7:38 AM
|
A new information-stealing malware has set its sights on Apple's macOS operating system to siphon sensitive information from compromised devices.
Dubbed MacStealer, it's the latest example of a threat that uses Telegram as a command-and-control (C2) platform to exfiltrate data. It primarily affects devices running macOS versions Catalina and later running on M1 and M2 CPUs.
"MacStealer has the ability to steal documents, cookies from the victim's browser, and login information," Uptycs researchers Shilpesh Trivedi and Pratik Jeware said in a new report. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security https://www.scoop.it/topic/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=MacStealer
|
Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions.
System Integrity Protection (SIP), or 'rootless,' is a macOS security feature that prevents malicious software from altering specific folders and files by limiting the root user account's powers in protected areas.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security