Apple Archives - Page 2 of 8 - Cyber Security Minute

Apple fixed the 17th zero-day flaw exploited in attacks

Issued by: Security Affairs

Apple released emergency security updates to address a new zero-day vulnerability, tracked as CVE-2023-42824, that is exploited in attacks targeting iPhone and iPad devices. The vulnerability is a privilege escalation issue that resides in the Kernel, it was addressed with improved checks. “A local attacker may be able to elevate their privileges. Apple is aware…

Application Security

Apple Objects to UK Bill That Would Break Encrypted Messaging

Issued by: Dark Reading

Apple has joined more than 80 technology experts and organizations in an appeal to UK lawmakers to consider the broader privacy ramifications of pending legislation called the Online Safety Bill. The legislation, moving its way through Parliament, is intended to force accountability for technology platforms used to distribute child abuse materials. Platforms like iMessage and…

Malware & Threats

Chip Giant TSMC Blames $70M LockBit Breach on IT Hardware Supplier

Issued by: Dark Reading

Taiwan Semiconductor Manufacturing Company (TSMC) — one of Apple’s biggest semiconductor suppliers — on Friday blamed a third-party IT hardware supplier for a data breach that has exposed the company to a $70 million ransom demand from the LockBit ransomware group. In an emailed statement to Dark Reading, TSMC confirmed multiple reports about the security…

Malware & Threats

Experts found components of a complex toolkit employed in macOS attacks

Issued by: Security Affairs

Bitdefender researchers discovered a set of malicious files with backdoor capabilities that are suspected to be part of a sophisticated toolkit designed to target Apple macOS systems. The investigation is still ongoing, the experts pointed out that the samples are still largely undetected. The researchers analyzed a total of four samples that were uploaded to…

Software Security

Apple Debuts Its Rapid Response Security Update Approach

Issued by: Dark Reading

Apple rolled out the first of its kind Rapid Security Response update — quick fixes automatically installed on iPhones, iPads, and iMacs in-between software updates. On May 1, devices with default settings were updated with iOS 16.4.1, iPadOS 16.4.1, or macOS Ventura 13.3.1, according to the company’s notice to users, which contained few details. Rapid…

Vulnerabilities

Apple zero-day spyware patches extended to cover older Macs, iPhones and iPads

Issued by: Naked Security

Last week, we warned about the appearance of two critical zero-day bugs that were patched in the very latest versions of macOS (version 13, also known as Ventura), iOS (version 16), and iPadOS (version 16). Zero-days, as the name suggests, are security vulnerabilities that were found by attackers, and put to real-life use for cybercriminal…

Vulnerabilities

Apple Ships Urgent iOS Patch for Newly Exploited Zero-Days

Issued by: SecurityWeek

The newest iOS 16.4.1 and iPadOS 16.4.1 updates cover code execution software flaws in IOSurfaceAccelerator and WebKit, suggesting a complex exploit chain was detected in the wild hitting the latest iPhone devices. “Apple is aware of a report that this issue may have been actively exploited,” Cupertino says in a barebones advisory that credits Google…

Mobile Security

Apple backported patches for CVE-2022-42856 zero-day on older iPhones, iPads

Issued by: Security Affairs

On December 2022, Apple released security updates to address a new zero-day vulnerability, tracked as CVE-2022-42856, that is actively exploited in attacks against iPhones. The IT giant released security bulletins for iOS/iPadOS 15.7.2, Safari 16.2, tvOS 16.2, and macOS Ventura 13.1. Apple addressed the vulnerability with improved state handling for the iPhone 6s (all models),…

Software Security

Apple’s AirTag stalker safeguards are “woefully inadequate,” alleges lawsuit

Issued by: Malwarebytes

Two women filed a proposed class-action lawsuit on Monday, December 5, in the United States District Court for the Northern District of California against Apple, the makers of AirTags. Airtags are a small Bluetooth-enabled devices designed to track personal belongings. The suit accuses the company of failure to introduce measures to combat abuse of the…

Malware & Threats

Newsroom Sues NSO Group for Pegasus Spyware Compromise

Issued by: Dark Reading

Nearly two dozen journalists and other staffers working for El Faro, a digital newspaper based in El Salvador, are suing NSO Group for unleashing Pegasus spyware — malware they say was used to steal their most sensitive information, putting their safety in danger. Along with ASO Group Technologies, its Israeli parent company, Q Cyber Technologies…