Your new post is loading...
Your new post is loading...
For a very long time, Apple and its pseudo-religious user-base prided itself on being a platform free of malware; those days are inarguably and unequivocally over. Its emergence as the early winner...
|
Scooped by
Gust MEES
February 12, 10:57 AM
|
|
Scooped by
Gust MEES
September 14, 2023 3:49 PM
|
Apple released emergency security updates to fix two new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 13 exploited zero-days patched since the start of the year.
"Apple is aware of a report that this issue may have been actively exploited," the company revealed in security advisories describing the security flaws.
The bugs were found in the Image I/O and Wallet frameworks and are tracked as CVE-2023-41064 (discovered by Citizen Lab security researchers) and CVE-2023-41061 (discovered by Apple). Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
September 12, 2023 5:15 PM
|
A new information stealer malware named 'MetaStealer' has appeared in the wild, stealing a wide variety of sensitive information from Intel-based macOS computers.
MetaStealer, not to be confused with the 'META' info-stealer that saw some popularity last year, is a Go-based malware capable of evading Apple's built-in antivirus tech XProtect, targeting business users. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
September 6, 2023 9:15 AM
|
A security researcher caused something of a kerfuffle during the Def Con 2023 hacking conference in Las Vegas last month. Some attendees with iPhones were shocked to see an Apple pop-up notification asking them to connect to a nearby Apple TV device using their Apple ID credentials. Not least, as some of the hackers on the receiving end of these Bluetooth-powered prompts were running with Bluetooth disabled. Or so they thought. Now, another security researcher has demonstrated a similar hack that uses a readily available hacking device to spam nearby iPhones with pop-up notifications and effectively execute a denial of service attack. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
July 12, 2023 8:12 AM
|
Utilisateurs d’un iPhone, d’une tablette ou d’un ordinateur Mac, à vos mises à jour ! Le fabricant Apple vient de publier des correctifs pour ces différents produits, à la suite de la découverte d’une faille (CVE-2023-37450) dans le moteur de navigation WebKit par un chercheur en sécurité anonyme. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
May 2, 2023 10:10 AM
|
The "rapid" security fixes are designed to quickly patch security flaws under active exploitation by hackers. Apple on Monday released its first batch of publicly available “rapid security” patches, aimed at quickly fixing security vulnerabilities that are under active exploitation or pose significant risks to its customers.
According to a notice, the so-called Rapid Security Response updates “deliver important security improvements between software updates.”
Rapid Security Responses were introduced to allow Apple customers to update their devices faster than a typical software update takes. Apple says the feature is enabled by default, and some rapid patches can be installed without rebooting, though not always. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
April 16, 2023 7:09 AM
|
Last week, we warned about the appearance of two critical zero-day bugs that were patched in the very latest versions of macOS (version 13, also known as Ventura), iOS (version 16), and iPadOS (version 16).
Zero-days, as the name suggests, are security vulnerabilities that were found by attackers, and put to real-life use for cybercriminal purposes, before the Good Guys noticed and came up with a patch. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
March 28, 2023 3:50 PM
|
Apple’s latest update blast is out, including an extensive range of security patches for all devices that Apple officially supports.
There are fixes for iOS, iPadOS, tvOS and watchOS, along with patches for all three supported flavours of macOS, and even a special update to the firmware in Apple’s super-cool external Studio Display monitor.
Apparently, if you’re running macOS Ventura and you’ve hooked your Mac up to a Studio Display, just updating the Ventura operating system itself isn’t enough to secure you against potential system-level attacks.
According to Apple’s bulletin, a bug in the display screen’s own firmware could be abused by an app running on your Mac “to execute arbitrary code with kernel privileges. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
March 27, 2023 7:38 AM
|
A new information-stealing malware has set its sights on Apple's macOS operating system to siphon sensitive information from compromised devices.
Dubbed MacStealer, it's the latest example of a threat that uses Telegram as a command-and-control (C2) platform to exfiltrate data. It primarily affects devices running macOS versions Catalina and later running on M1 and M2 CPUs.
"MacStealer has the ability to steal documents, cookies from the victim's browser, and login information," Uptycs researchers Shilpesh Trivedi and Pratik Jeware said in a new report. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security https://www.scoop.it/topic/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=MacStealer
|
Scooped by
Gust MEES
February 14, 2023 8:29 AM
|
Apple has just released updates for all supported Macs, and for any mobile devices running the very latest versions of their respective operating systems.
In version number terms:
iPhones and iPads on version 16 go to iOS 16.3.1 and iPadOS 16.3.1 respectively (see HT213635). Apple Watches on version 9 go to watchOS 9.3.1 (no bulletin). Macs running Ventura (version 13) go to macOS 13.2.1 (see HT213633). Macs running Big Sur (version 11) and Monterery (12) get an update dubbed Safari 16.3.1 (see HT213638). Oh, and tvOS gets an update, too, although Apple’s TV platform confusingly goes to tvOS 16.3.2 (no bulletin). Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
January 8, 2023 7:12 AM
|
Une nouvelle version du malware Dridex cible actuellement les Mac pour se propager sur un grand nombre d'ordinateurs.
Le malware Dridex est déjà connu par les utilisateurs de PC Windows, mais c'est la première fois que ce logiciel malveillant s'attaque à macOS. Pour ce faire, les hackers ont changé le mode de fonctionnement pour parvenir à leurs fins. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
December 3, 2022 10:25 AM
|
It’s just under a month since iOS 16.1.1 came out for Apple iPhone users, fixing a pair of bugs that were listed with the worrying words “a remote user may be able to cause unexpected app termination or arbitrary code execution”.
Both macOS 13 Ventura and iPadOS got updated at the same time, with a pair of security bulletins published on Apple’s web site.
Now, there’s another security update, apparently moving iPhone users only up to version iOS 16.1.2. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
|
Scooped by
Gust MEES
July 4, 8:15 AM
|
Des failles de sécurité critiques ont été découvertes au sein d’un outil open source impliqué dans la création de millions d’apps iOS et macOS. Ces vulnérabilités, restées inconnues pendant près de dix ans, permettent de voler des données sensibles, comme des numéros de cartes de crédit. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
November 27, 2023 1:21 PM
|
Nutzer von Apple-Computern sind derzeit im Visier von Cyber-Kriminellen. Wie "Malwarebytes" berichtet, läuft aktuell eine Kampagne unter dem Namen ClearFake. Dabei soll Schadsoftware auf den Rechnern der Opfer installiert werden. Die Betrüger tarnen die Malware dabei als Update für die Browser Safari und Chrome. Diese angeblichen Updates werden auf bereits kompromittierten Websites angeboten. Wenn man der Installation zustimmt, wird aber keine Browseraktualisierung heruntergeladen, sondern die Malware. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
September 14, 2023 3:45 PM
|
|
Scooped by
Gust MEES
September 12, 2023 10:03 AM
|
Apple released security updates for older iPhones to fix a zero-day vulnerability tracked as CVE-2023-41064 that was actively exploited to infect iOS devices with NSO's Pegasus spyware.
CVE-2023-31064 is a remote code execution flaw that is exploited by sending maliciously crafted images via iMessage. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
August 14, 2023 8:33 AM
|
Der Sicherheitsforscher Patrick Wardle machte auf der Defcon-Hackerkonferenz in Las Vegas auf mehrere Schwachstellen im Background-Task-Management (BTM) von macOS aufmerksam. Wie aus einem Bericht von Wired hervorgeht, soll es Angreifern damit möglich sein, Apples Warnsystem zu umgehen und so eine persistente Schadsoftware auf einem Mac zu installieren, ohne dass der Benutzer dies mitbekommt. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
June 1, 2023 8:19 AM
|
Microsoft hat eine kritische Sicherheitslücke im macOS entdeckt, die Hackern leichten Zugang zu den wichtigsten Daten Ihres Macs ermöglichen könnte. Die als "Migraine" bezeichnete Sicherheitslücke zeigt, warum es äußerst wichtig ist, Ihren Mac so schnell wie möglich zu aktualisieren. "Migraine" ist deshalb so gefährlich, weil sie den System Integrity Protection (SIP) von Apple umgehen kann. SIP wird standardmäßig auf modernen Macs aktiviert und schützt sensible Teile des Computers vor externen Eingriffen. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
May 2, 2023 9:12 AM
|
This is new. For the very first time, Apple has released a Rapid Security Response (RSR) update to iPhone users, with a corresponding RSR for the Mac. It represents a change in how Apple will launch smaller updates—as indicated by the number of this one. After iOS 16.4.1, you might legitimately have expected iOS 16.4.2 as the small update before iOS 16.5 lands.
But no, we now have a letter, and even parentheses, to attach to the numbers: here comes Apple iOS 16.4.1 (a). Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
April 13, 2023 8:16 AM
|
Über manipulierte Kalendereinträge konnten Angreifer inzwischen mehrmals Spionagesoftware auf die iPhones ihrer Opfer laden. Wie Sicherheitsexperten von Microsoft und Citizen Lab herausgefunden haben, handelt es sich dabei um einen sogenannten Zero-Click-Exploit. Die Malware wird dabei installiert, ohne dass das Opfer auf einen Link klicken oder Rechte freigeben muss. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
March 28, 2023 12:52 PM
|
|
Scooped by
Gust MEES
February 24, 2023 3:24 PM
|
|
Scooped by
Gust MEES
January 23, 2023 3:45 PM
|
Apple has backported security patches addressing a remotely exploitable zero-day vulnerability to older iPhones and iPads.
This bug is tracked as CVE-2022-42856, and it stems from a type confusion weakness in Apple's Webkit web browser browsing engine.
Apple said that the flaw discovered by Clément Lecigne of Google's Threat Analysis Group allows maliciously crafted webpages to perform arbitrary code execution (and likely gain access to sensitive information) on vulnerable devices. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
December 25, 2022 11:14 AM
|
La vulnérabilité Achilles, découverte par Microsoft, a été comblée par Apple dans les récentes mises à jour de macOS Ventura, Monterey et Big Sur.
Enregistrée dans la National Vulnerability Database sous la référence CVE-2022-42821, la faille Achilles a été découverte par Microsoft en juillet dernier. (crédit : Microsoft) Ceux qui n’ont pas mis à jour leur ordinateur Mac avec la dernière version de Ventura, Monterey ou Big Sur, devraient se dépêcher de le faire. En effet, un méchant bug découvert par Microsoft et corrigé dans les mises à jour livrées par Apple la semaine dernière pourrait être utilisé par un attaquant pour contourner les protections de sécurité strictes du constructeur et installer des logiciels malveillants sur les ordinateurs Mac. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Scooped by
Gust MEES
November 20, 2022 10:04 AM
|
App developers and security researchers Tommy Mysk and Talal Haj Bakry from the software company Mysk recently found that iOS sends "every tap you make" to Apple from inside one of the company's own apps. According to the developers, attempts to turn this data collection off, such as selecting the Settings option "disable the sharing of Device Analytics altogether" did not affect the data from being sent. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
|
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security