Apple silently fixed iOS zero-day without crediting the expet who reported it

Apple has silently addressed a zero-day vulnerability that could allow attackers to gain access to sensitive user data. Apple has silently addressed zero-day vulnerability with the release of iOS 15.0.2, the vulnerability could allow attackers gain access to sensitive user information. The flaw was reported to the IT giant by software developers Denis Tokarev seven […]

The post Apple silently fixed iOS zero-day without crediting the expet who reported it appeared first on Security Affairs.

October 14, 2021
Read More >>

Apple released emergency update to fix zero-day actively exploited

Apple released emergency updates for both iOS and iPadOS to address a zero-day flaw that is actively exploited in the wild. Apple has released iOS 15.0.2 and iPadOS 15.0.2 to address a zero-day flaw, tracked as CVE-2021-30883, that is actively exploited in the wild. The flaw is a critical memory corruption issue that resides in […]

The post Apple released emergency update to fix zero-day actively exploited appeared first on Security Affairs.

October 12, 2021
Read More >>

Multi-Factor Authentication Best Practices & Solutions

This post has been updated for 2021. Passwords are the most common authentication tool used by enterprises, yet they are notoriously insecure and easily hackable. But even when passwords are secure, it’s not enough. Recently, hackers leaked 87,000 Fortinet VPN passwords, mostly from companies who hadn’t yet patched a two-year-old vulnerability. At this point, multi-factor […]

The post Multi-Factor Authentication Best Practices & Solutions appeared first on eSecurityPlanet.

October 5, 2021
Read More >>

New APT ChamelGang Targets energy and aviation companies in Russia

ChamelGang APT is a new cyberespionage group that focuses on fuel and energy organizations and aviation industry in Russia ChamelGang is a new APT group that was first spotted in March by researchers at security firm Positive Technologies, it targets Russian companies in the energy and aviation industry. In March, the cyberespionage group was observed leveraging […]

The post New APT ChamelGang Targets energy and aviation companies in Russia appeared first on Security Affairs.

October 4, 2021
Read More >>

Experts show how to make fraudulent payments using Apple Pay with VISA on locked iPhones

Security researchers devised a new attack method against iPhone owners using Apple Pay and Visa payment cards. Boffins from the University of Birmingham and the University of Surrey exploited a series of vulnerabilities in an attack against iPhone owners using Apple Pay and Visa payment cards. A team of researchers has demonstrated a new attack […]

The post Experts show how to make fraudulent payments using Apple Pay with VISA on locked iPhones appeared first on Security Affairs.

September 30, 2021
Read More >>

Popular Android apps with 142.5 million collective installs leak user data

14 top Android apps with 142.5 million installs are misconfigured, leaving their data exposed to unauthorized parties Original post @ https://cybernews.com/security/research-popular-android-apps-with-142-5-million-collective-downloads-are-leaking-user-data/ 14 top Android apps with 142.5 million installs are misconfigured, leaving their data exposed to unauthorized parties. Nine out of 14 popular Android apps are still potentially leaking the data of more than 30.5 […]

The post Popular Android apps with 142.5 million collective installs leak user data appeared first on Security Affairs.

September 30, 2021
Read More >>

Expert discloses new iPhone lock screen vulnerability in iOS 15

The security researcher Jose Rodriguez discovered a new lock screen vulnerability for iOS 15 (& iOS 14.8) that has yet to be fixed. The security researcher Jose Rodriguez (@VBarraquito) discovered a new lock screen vulnerability for iOS 15 (& iOS 14.8) that has yet to be addressed by Apple. A threat actor with physical access […]

The post Expert discloses new iPhone lock screen vulnerability in iOS 15 appeared first on Security Affairs.

September 29, 2021
Read More >>

GriftHorse malware infected more than 10 million Android phones from 70 countries

Security researchers uncovered a massive malware operation, dubbed GriftHorse, that has already infected more than 10 million Android devices worldwide. Security researchers from Zimperium have uncovered a piece of malware, dubbed GriftHorse, that has infected more than 10 million Android smartphones across more than 70 countries. According to the experts, the malware campaign has been […]

The post GriftHorse malware infected more than 10 million Android phones from 70 countries appeared first on Security Affairs.

September 29, 2021
Read More >>

ERMAC, a new banking Trojan that borrows the code from Cerberus malware

ERMAC is a new Android banking Trojan that can steal financial data from 378 banking and wallet apps. Researchers from Threatfabric found in July a new Android banking trojan dubbed ERMAC that is almost fully based on the popular banking trojan Cerberus. The source code of Cerberus was released in September 2020 on underground hacking […]

The post ERMAC, a new banking Trojan that borrows the code from Cerberus malware appeared first on Security Affairs.

September 28, 2021
Read More >>