A team of MIT CSAIL researchers recently disclosed PACMAN, “a novel hardware attack that can bypass Pointer Authentication (PAC) on the Apple M1 CPU.” The attack is based on speculative execution attacks to circumvent a central memory protection mechanism, known…
Apple recently previewed its latest macOS Ventura version, which is expected to be released this fall. The operating system introduces many improvements and new features, one of which the so-called Rapid Security Response. macOS Ventura Introduces Rapid Security Response The…
Apple has released a new report dedicated to its App Store, revealing that the company protected its customers from losing approximately $1.5 billion in fraudulent transactions. Altogether, Apple stopped more than 1.6 million suspicious apps and app updates from affecting…
macOS is generally believed to be bulletproof against malware attacks. Unfortunately, statistics reveal a different picture where Apple’s operating system is often found vulnerable. For instance, in 2017 security researchers detected an increase of 28.83 percent of total reported security…
A zero-day vulnerability in Macs and Apple watches has been fixed. The vulnerability, assigned the CVE-2022-22675 number, could have been exploited in the wild, Apple said. The flaw was most probably used in targeted attacks. However, applying the update immediately…
Apple recently released two emergency patches to fix two actively exploited zero-days in Apple’s macOS and iOS (reported anonymously). The company said the flaws have been exploited in the wild. The vulnerabilities have been fixed in iOS and iPadOS 15.4.1,…
Apple recently released new versions of its operating systems – iOS 15.3 and macOS Monterey 12.2, which contained a number of fixes, including two zero-days. CVE-2022-22587 The first zero-day is related to memory corruption, and could allow a malicious app…
Apple’s personal item-tracker devices, known as AirTag, can be exploited to deliver malware, cause clickjacking, steal user credentials and tokens, due to a zero-day XSS vulnerability. AirTag is an iPhone accessory that provides a private and secure way to easily…
Apple released updates for three zero-day flaws exploited in the wild. CVE-2021-30869, CVE-2021-30860, CVE-2021-30858 The first actively exploited zero-day flaw, CVE-2021-30869, has been fixed in updates for macOS Catalina and iOS 12. According to the official advisory, “a malicious application…
A zero-day vulnerability in macOS affecting Big Sur and prior versions has been discovered. The bug resides in macOS Finder system and could allow a remote attacker to trick users into running arbitrary commands. Apparently, there’s still no patch for…
There’s a new zero-day, zero-click vulnerability in all types of Apple devices, including Macs, iPhones, iPads, and WatchOS. The flaw has been called FORCEDENTRY. Related: The State of Apple’s Privacy So Far in 2021 How was the Apple FORCEDENTRY (CVE-2021-30860)…
A zero-day vulnerability in iOS, iPadOS, and macOS was just fixed with an urgent security update. Apple said the zero-day may have been exploited. CVE-2021-30807 Zero-Day Exploited in the Wild Known as CVE-2021-30807, the flaw is a memory corruption issue…
To the attention of Apple users – the company recently released out-of-band-security patches addressing two-zero days in iOS 12.5.3. The vulnerabilities may have been exploited in the wild, so patch your devices immediately. iOS 12.5.4 Fixes Three Bugs: CVE-2021-30737, CVE-2021-30761,…
To the attention of owners of Apple’s macOS and iOS devices: the Find My device function has been found vulnerable. The vulnerability could be exploited to transfer data to and from random passing devices, even without being connected to the…
A team of researchers from the Secure Mobile Networking Lab (SEEMOO) and the Cryptography and Privacy Engineering Group (ENCRYPTO) at TU Darmstadt discovered a severe privacy weakness in Apple’s wireless file-sharing protocol. The vulnerability could expose a user’s contact information,…
Are you a proud owner of an iPhone or iPad? You should know that it is highly likely for Apple to change how it delivers security updates to these devices. Specific code detected in iOS 14.5 indicates that Apple is…
In April, security researcher Bhavuk Jain discovered a zero-day vulnerability in Sign in with Apple that affected third-party applications using the feature without implementing their own security measures. According to the researcher, the Apple zero-day “could have resulted in a…
Apple has released 11 security advisories in May 2020 to different software components of their major operating systems (MacOS, iOS and WatchOS). Users of their products are urged to apply the security updates as soon as they are available. The…
(3) Viruses Has Been Detected on Your iPhone Scam (3) Viruses Has Been Detected on Your iPhone is a deceptive message that has been displayed by different shady websites. It is yet another online scam that targets iPhone users. The…
The next bug report is related to Facebook and Apple. Apparently, Facebook has just said it will fix a bug that unintentionally accesses the camera of an iPhone while the user is scrolling through the app’s News Feed. The issue…
