More results...
Apple disputing tests by watchdog that showed radio frequency exposure was higher than permittedApple is facing a ban on the sale and potential recall of its iPhone 12 in France, as the US company contests a report that the smartphone exceeds radio fre…
Enterprise macOS users are being targeted by attackers slinging new information-stealing malware dubbed MetaStealer. The MetaStealer malware MetaStealer is delivered within malicious disk image format (.dmg) files. The names of the files – such a…
Make sure you update your iPhones:
Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain (dubbed BLASTPASS) to deploy NSO Group’s Pegasus commercial spyware onto fully patched iPhones.
The two bugs, tracked as CVE-2023-41064 and CVE-2023-41061, allowed the attackers to infect a fully-patched iPhone running iOS 16.6 and belonging to a Washington DC-based civil society organization via PassKit attachments containing malicious images.
“We refer to the exploit chain as BLASTPASS. The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim,” Citizen Lab …
Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS users may have their own zero-day patching to do.
Trua is integrating its Smart Wallet with the Apple Wallet, providing users an added way to securely share their verified digital identity. This seamless integration of Trua’s Smart Wallet with Apple Wallet opens up new avenues for people to mana…
U.S. CISA adds vulnerabilities in Apple devices exploited to install NSO Group’s Pegasus spyware on iPhones to Known Exploited Vulnerabilities Catalog US Cybersecurity and Infrastructure Security Agency (CISA) added the security vulnerabilities chained in the zero-click iMessage exploit BLASTPASS to its Known Exploited Vulnerabilities Catalog. The two flaws, tracked as CVE-2023-41064 and CVE-2023-41061, were used to install NSO […]
The post CISA adds recently discovered Apple zero-days to Known Exploited Vulnerabilities Catalog appeared first on Security Affairs.
It’s a cat-and-mouse struggle as tech giants Microsoft and Apple deal with persistent threats from China state actors and Pegasus spyware.
Apple shares fall as local government and state-owned firms latest to face restrictions on devices at workChina’s government has reportedly expanded its ban of iPhones to local government workers and state-owned companies, a day after it emerged centra…
Apple has patched two zero-day vulnerabilities (CVE-2023-41064, CVE-2023-41061) exploited to deliver NSO Group’s Pegasus spyware. “The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interact…
Two Zero-Day flaws have been discovered on Apple Devices affecting macOS, iOS, and iPadOS. The vulnerabilities involve an arbitrary code execution and a buffer overflow. Reports indicate that these vulnerabilities are being actively exploited. This is …