Browsing tag
Apple on Wednesday released security updates for iOS, iPadOS, and macOS platforms to remediate two zero-day vulnerabilities previously exploited by threat actors to compromise its devices. The list of issues is below – CVE-2022-32893 – An out-of-bounds issue in WebKit which could lead to the execution of arbitrary code by processing a specially crafted web […]
Cybersecurity researchers have taken the wraps off a previously undocumented spyware targeting the Apple macOS operating system. The malware, codenamed CloudMensis by Slovak cybersecurity firm ESET, is said to exclusively use public cloud storage services such as pCloud, Yandex Disk, and Dropbox for receiving attacker commands and exfiltrating files. “Its capabilities clearly show that the […]
Microsoft on Wednesday shed light on a now patched security vulnerability affecting Apple’s operating systems that, if successfully exploited, could allow attackers to escalate device privileges and deploy malware. “An attacker could take advantage of this sandbox escape vulnerability to gain elevated privileges on the affected device or execute malicious commands like installing additional payloads,” […]
Apple on Wednesday announced it plans to introduce an enhanced security setting called Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura to safeguard high-risk users against “highly targeted cyberattacks.” The “extreme, optional protection” feature, now available for preview in beta versions of its upcoming software, is designed to counter a surge in threats […]
A novel hardware attack dubbed PACMAN has been demonstrated against Apple’s M1 processor chipsets, potentially arming a malicious actor with the capability to gain arbitrary code execution on macOS systems. It leverages “speculative execution attacks to bypass an important memory protection mechanism, ARM Pointer Authentication, a security feature that is used to enforce pointer integrity,” […]
A new variant of the macOS malware tracked as UpdateAgent has been spotted in the wild, indicating ongoing attempts on the part of its authors to upgrade its functionalities. “Perhaps one of the most identifiable features of the malware is that it relies on the AWS infrastructure to host its various payloads and perform its […]
A previously unknown zero-click exploit in Apple’s iMessage was used to install mercenary spyware from NSO Group and Candiru against at least 65 individuals as part of a “multi-year clandestine operation.” “Victims included Members of the European Parliament, Catalan Presidents, legislators, jurists, and members of civil society organizations,” the University of Toronto’s Citizen Lab said […]
Researchers have disclosed details of a newly discovered macOS variant of a malware implant developed by a Chinese espionage threat actor known to strike attack organizations across Asia. Attributing the attacks to a group tracked as Storm Cloud, cybersecurity firm Volexity characterized the new malware, dubbed Gimmick, as a “feature-rich, multi-platform malware family that uses […]
Apple on Thursday released security updates for iOS, iPadOS, macOS, and Safari to address a new WebKit flaw that it said may have been actively exploited in the wild, making it the company’s third zero-day patch since the start of the year. Tracked as CVE-2022-22620, the issue concerns a use-after-free vulnerability in the WebKit component […]
Apple on Wednesday released iOS 15.3 and macOS Monterey 12.2 with a fix for the privacy-defeating bug in Safari, as well as to contain a zero-day flaw, which it said has been exploited in the wild to break into its devices. Tracked as CVE-2022-22587, the vulnerability relates to a memory corruption issue in the IOMobileFrameBuffer […]
Apple on Wednesday rolled out software updates for iOS and iPadOS to remediate a persistent denial-of-service (DoS) issue affecting the HomeKit smart home framework that could be potentially exploited to launch ransomware-like attacks targeting the devices. The iPhone maker, in its release notes for iOS and iPadOS 15.2.1, termed it as a “resource exhaustion issue” […]
If you have recently started using macOS Monterey here are some of the issues and their solutions you need to be aware of. Apple’s macOS Monterey was released recently and Mac users were excited to update their operating system and enjoy its new features. Some of its latest features are improved Safari, FaceTime, and the […]
The IT security researchers at Google have declared the NSO zero-click iMessage exploit as “Terrifying.” Google Project Zero’s (GPZ) Ian Beer and Samuel Groß have shared details on a new exploit developed by the NSO Group that allows users (high-profile clients) of its software to access any iPhone and install spyware even when the victim […]
It has been revealed that NSO Group’s Pegasus malware was used to spy on U.S. government officials over the past few months. The iPhones of 9 U.S. state department officials were targeted with surveillance software. The officials were either in Uganda or working on projects linked to Uganda. The perpetrators of the attack are yet to […]
Apple has sued NSO Group and its parent company Q Cyber Technologies in a U.S. federal court holding it accountable for illegally targeting users with its Pegasus surveillance tool, marking yet another setback for the Israeli spyware vendor. The Cupertino-based tech giant painted NSO Group as “notorious hackers — amoral 21st century mercenaries who have […]
Microsoft recently discovered a critical security vulnerability in macOS, which as per Microsoft 365 Defender Research team’s researcher Jonathan Bar-Or, could have been used to install a rootkit on targeted Macbooks. The vulnerability was identified in System Integrity Protection (SIP) within the macOS ecosystem. Research suggests it could allow attackers to install a hardware interface […]
Microsoft on Thursday disclosed details of a new vulnerability that could allow an attacker to bypass security restrictions in macOS and take complete control of the device to perform arbitrary operations on the device without getting flagged by traditional security solutions. Dubbed “Shrootless” and tracked as CVE-2021-30892, the “vulnerability lies in how Apple-signed packages with […]
The new variant of UpdateAgent malware is also capable of dropping adware against macOS. The IT security researchers at Microsoft Security Intelligence have discovered a new variant of UpdateAgent (aka WizardUpdate) malware targeting Mac devices. UpdateAgent was originally discovered in November 2020 targeting macOS. New variant, new capabilities, new adware In a series of tweets, […]
iPhone boot loop has become more prominent following the recent iOS upgrades. Worse, you might even experience an iPhone black screen – Let’s dig deeper into how to solve these two issues. It can be quite mood-wracking when you reboot your phone only to have it caught in a loop. Regardless, what you can take […]
According to security researcher Bobby Raunch, the attack exploits the way Lost Mode of AirTags is set up. Although Apple’s Bluetooth-enabled item trackers called AirTags are pretty helpful as you can attach important objects like wallets or keys to prevent them from going missing, they are still vulnerable to hacking and not entirely trustworthy. According […]
Mac computers often have hidden files that you can’t see. Find out the practical ways to find and view the articles with ease in this article. Macbooks often have files, directories, and folders in the system backend that maintain smooth functionalities. These files are sensitive and might cause severe system issues if the user alters, […]