Tag: apple

Tim Cook’s Tim Cook stepping down from Apple

Jul 9, 2025 6:39 PM

Tags: apple

Operations king Jeff Williams abdicates just don’t give him a watch First seen on theregister.com Jump to article: www.theregister.com/2025/07/08/apple_coo_williams_retiring/
ClickFix-Attacken bedrohen Unternehmenssicherheit

Jul 8, 2025 4:34 PM

Tags: access, apple, awareness, cyberattack, detection, endpoint, exploit, intelligence, Internet, linux, mail, malware, microsoft, open-source, phishing, powershell, ransomware, social-engineering, spam, threat, tool, windows

Cyberkriminelle greifen immer häufiger auf ClickFix-Angriffe zurück.Weniger bekannt als Phishing ist die Social-Engineering-Methode ClickFix. Ziel solcher Attacken ist es, die Opfer dazu zu bewegen, bösartige Befehle in Tools wie PowerShell oder die Windows-Eingabeaufforderung einzufügen. Die Angriffe beginnen in der Regel, nachdem ein Benutzer eine kompromittierte oder bösartige Website besucht oder einen betrügerischen Anhang oder Link…
Atomic macOS Info-Stealer Updated with New Backdoor for Persistent Access

Jul 8, 2025 1:34 PM

Tags: access, apple, backdoor, cyber, cybersecurity, macOS, malware, update

The Atomic macOS Stealer (AMOS), a notorious piece of info-stealing malware targeting Apple users, has undergone a significant update, introducing an embedded backdoor for the first time. This development, reported by Moonlock a cybersecurity division of MacPaw marks a critical escalation in the malware’s capabilities, allowing attackers to maintain persistent access to compromised macOS systems.…
macOS SMBClient Flaw Enables Remote Code Execution and Kernel Crashes

Jul 8, 2025 10:34 AM

Tags: apple, cyber, flaw, macOS, remote-code-execution, risk, vulnerability

A critical vulnerability has been discovered in Apple’s macOS SMBClient, exposing millions of users to the risk of remote code execution (RCE) and potentially catastrophic kernel crashes. Tracked as CVE-2025-24269, this flaw is rated with a CVSS score of 9.8, marking it as one of the most severe security issues to affect the macOS platform in recent…
End of life for Microsoft Office puts malicious macros in the security spotlight

Jul 8, 2025 9:34 AM

Tags: api, apple, attack, business, macOS, malicious, microsoft, network, office, tool, windows

Attack Surface Reduction rules to abide by: Implementing Attack Surface Reduction rules can greatly limit the scope and impact of most malicious macros.If you’ve completely disabled macros in your organization, then ASR rules are not needed. But if you still rely on macros, the following rules are worth setting:Block all Office applications from creating child…
New Fake Marketplace From China Mimics Top Retail Brands for Fraud

Jul 3, 2025 8:34 PM

Tags: apple, china, data, finance, fraud, marketplace, phishing, scam

Silent Push exposes thousands of fake e-commerce websites spoofing major brands like Apple and Michael Kors. Learn how this Chinese phishing scam targets shoppers and steals financial data, impacting global consumers. First seen on hackread.com Jump to article: hackread.com/china-fake-marketplace-mimics-top-retail-brands-fraud/
Beware of Fake Chinese E-Commerce Sites Imitating Apple, Wrangler, and Exploiting Payment Services like MasterCard and PayPal

Jul 3, 2025 7:34 PM

Tags: apple, attack, china, cyber, exploit, finance, marketplace, phishing, service, threat

A sophisticated phishing campaign, initially spotlighted by Mexican journalist Ignacio GÃ³mez VillaseÃ±or, has evolved into a sprawling global threat, as revealed by Silent Push Threat Analysts. What began as a targeted attack on Spanish-language audiences during Mexico’s “Hot Sale 2025” an annual sales event akin to Black Friday has expanded into a massive fake marketplace…
North Korean crypto thieves deploy custom Mac backdoor

Jul 3, 2025 12:35 AM

Tags: apple, apt, attack, backdoor, control, crime, crypto, cyberespionage, data, detection, email, finance, government, group, hacker, infection, injection, macOS, malicious, malware, north-korea, programming, rust, theft, threat, update

North Korean threat actors are targeting companies from the Web3 and crypto industries with a backdoor designed for macOS written in niche programming language Nim. The attackers are also using AppleScript for early stage payloads, including a fake Zoom update.”North Korean-aligned threat actors have previously experimented with Go and Rust, similarly combining scripts and compiled…
China-linked hackers spoof big-name brand websites to steal shoppers’ payment info

Jul 2, 2025 9:34 PM

Tags: apple, china, credit-card, hacker, phishing

The campaign uses thousands of phishing websites that mimic the design and product listings of retailers like Apple, Nordstrom and Hermes to trick people into entering their credit card information. First seen on therecord.media Jump to article: therecord.media/china-linked-hackers-website-phishing
Kraken ransomware alleges hack of leading Apple reseller

Jul 1, 2025 10:34 PM

Tags: apple, ransomware

First seen on scworld.com Jump to article: www.scworld.com/brief/kraken-ransomware-alleges-hack-of-leading-apple-reseller
Apple Wallet just went full Bono (but with Brad Pitt this time)

Jul 1, 2025 3:34 PM

Tags: apple, iphone

Apple has spammed millions of iPhones with a promotion for Brad Pitt’s new (Apple-backed) F1 movie. First seen on grahamcluley.com Jump to article: grahamcluley.com/apple-wallet-just-went-full-bono-but-with-brad-pitt-this-time/
GDPR violations prompt Germany to push Google and Apple to ban DeepSeek AI

Jul 1, 2025 2:34 PM

Tags: ai, apple, data, GDPR, germany, google

Germany asked Google and Apple to remove DeepSeek AI from their app stores, citing GDPR violations over unlawful data collection and transfers to China. The Berlin Commissioner for Data Protection requested Google and Appleto remove the DeepSeek AI app from their app stores due to GDPR violations. On May 6, 2025, Berlin’s Data Protection Commissioner…
Proton bashes Apple and joins antitrust suit that seeks to throw the App Store wide open

Jul 1, 2025 9:33 AM

Tags: apple, control, privacy

Makes the usual complaints about control and cost, adds argument Apple’s practices harm privacy First seen on theregister.com Jump to article: www.theregister.com/2025/07/01/proton_lawsuit_apple/
Apple ID, credit card details targeted by CapCut phishing

Jun 30, 2025 11:34 PM

Tags: apple, credit-card, phishing

First seen on scworld.com Jump to article: www.scworld.com/brief/apple-id-credit-card-details-targeted-by-capcut-phishing
Germany asks Google, Apple to remove DeepSeek AI from app stores

Jun 30, 2025 9:33 PM

Tags: ai, apple, data, GDPR, germany, google

The Berlin Commissioner for Data Protection has formally requested Google and Apple to remove the DeepSeek AI application from the application stores due to GDPR violations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/germany-asks-google-apple-remove-deepseek-ai-from-app-stores/
Germany asks Google, Apple remove DeepSeek AI from app stores

Jun 30, 2025 8:33 PM

Tags: ai, apple, data, GDPR, germany, google

The Berlin Commissioner for Data Protection has formally requested Google and Apple to remove the DeepSeek AI application from the application stores due to GDPR violations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/germany-asks-google-apple-remove-deepseek-ai-from-app-stores/
Germany Urges Apple and Google to Ban Chinese AI App DeepSeek Over Privacy Concerns

Jun 30, 2025 3:33 PM

Tags: ai, apple, china, cyber, data, germany, google, privacy, regulation

Berlin’s data protection commissioner, Meike Kamp, has raised serious alarms over the Chinese AI application DeepSeek, accusing the company of unlawfully transferring personal data of German users to China in violation of the European Union’s stringent General Data Protection Regulation (GDPR). In a statement released on Friday, Kamp highlighted that DeepSeek has failed to demonstrate…
DeepSeek: Berliner Datenschutzbeauftragte meldet KI-App bei Apple und Google als rechtswidrig

Jun 30, 2025 1:33 AM

Tags: ai, apple, google

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/deepseek-berliner-datenschutzbeauftragte-meldung-ki-app-rechtswidrig
Cybercriminals Exploit CapCut Popularity to Steal Apple ID Credentials and Credit Card Data

Jun 28, 2025 10:34 AM

Tags: apple, credentials, credit-card, cyber, cybercrime, data, defense, exploit, phishing, threat

Threat actors have capitalized on the immense popularity of CapCut, the leading short-form video editing app, to orchestrate a highly deceptive phishing campaign. According to the Cofense Phishing Defense Center (PDC), attackers are deploying meticulously crafted fake invoices that impersonate CapCut’s branding to lure users into surrendering their Apple ID credentials and credit card information.…
Researchers Warn Free VPNs Could Leak US Data to China

Jun 27, 2025 1:36 PM

Tags: apple, china, data, google, leak, vpn

Tech Transparency Project warns Chinese-owned VPNs like Turbo VPN and X-VPN remain on Apple and Google app stores, raising national security concerns. First seen on hackread.com Jump to article: hackread.com/researchers-warn-free-vpns-leak-us-data-to-china/
SparkKitty Spyware on App Store and Play Store, Steals Photos for Crypto Data

Jun 24, 2025 10:35 PM

Tags: apple, crypto, data, google, kaspersky, malicious, spyware

Kaspersky uncovers SparkKitty, new spyware in Apple App Store Google Play. Steals photos, targets crypto info, active since early 2024 via malicious apps. First seen on hackread.com Jump to article: hackread.com/sparkkitty-spyware-app-store-play-store-steals-photos-crypto/
Bank of America, Netflix, and Microsoft Hacked to Inject Fake Phone Numbers

Jun 24, 2025 7:35 PM

Tags: apple, attack, cyber, cybercrime, exploit, finance, injection, microsoft, phone, scam, usa, vulnerability

JÃ©rÃ´me Segura, cybercriminals are exploiting search parameter vulnerabilities to inject fake phone numbers into the legitimate websites of major brands like Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal. This sophisticated attack, technically termed a >>search parameter injection attack,
Chinese-owned VPN apps hide their origin

Jun 24, 2025 1:35 PM

Tags: apple, china, vpn

According to a new report, there are 13 China-owned VPN apps in the Apple App Store. None of them clearly disclose their links to China, and some use shell companies to hide their origin. First seen on grahamcluley.com Jump to article: grahamcluley.com/chinese-owned-vpn-apps-hide-their-origin/
SparkKitty der Foto-Räuber, den (noch) niemand auf dem Schirm hat

Jun 24, 2025 10:35 AM

Tags: apple, crypto, google

Der SparkKitty Foto-Stealer klaut heimlich eure Bilder und Krypto-Seeds über Apps aus dem Apple-App Store und dem Google-Play Store. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/malware/sparkkitty-der-foto-raeuber-den-noch-niemand-auf-dem-schirm-hat-317003.html
Malware on Google Play, Apple App Store stole your photos”, and crypto

Jun 23, 2025 8:35 PM

Tags: android, apple, crypto, google, malware, mobile

A new mobile crypto-stealing malware called SparkKitty was found in apps on Google Play and the Apple App Store, targeting Android and iOS devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malware-on-google-play-app-store-stole-your-photos-and-crypto/
16 Milliarden Zugangsdaten im Netz stammen von “Datenhalde”

Jun 23, 2025 10:35 AM

Tags: apple, data-breach, google, login, passkey, password, phishing, software

Die offengelegten Zugangsdaten sollen von einer “Datenhalde” stammen.Bei dem angeblichen riesigen Datenleck, bei dem 16 Milliarden Zugangsdaten zu Apple, Facebook, Google und anderen Anbietern in falsche Hände geraten seien sollen, handelt sich nach Einschätzung von Cybersicherheitsexperten nicht um einen aktuellen Sicherheitsvorfall. “Wir gehen davon aus, dass es sich um ältere Daten von der Datenhalde handelt”,…
Die Sache mit den 16 Milliarden Zugangsdaten

Jun 22, 2025 5:35 AM

Tags: apple, data-breach, google, microsoft

Die Woche ging die Meldung über ein riesiges Datenleck mit 16 Milliarden Zugangsdaten durch die Presse. Riesen-Problem für Apple, Google, Meta, Microsoft & Co. hieß es. Hintergrund ist, dass Sicherheitsforscher auf eine entsprechende Datensammlung stießen, die 16 Milliarden Datensätze mit … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/22/die-sache-mit-den-16-milliarden-zugangsdaten/
Your passwords are everywhere: What the massive 16 billion login leak means for you

Jun 21, 2025 3:35 PM

Tags: apple, breach, google, leak, login, malicious, password, software

Security researchers discovered 16 billion stolen passwords from Apple, Google, Facebook and more. Unlike traditional hacks, malicious software infected millions of personal devices, secretly stealing every login. Here’s what this means for your accounts and how to protect yourself immediately. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/your-passwords-are-everywhere-what-the-massive-16-billion-login-leak-means-for-you/
Netflix, Apple, BofA websites hijacked with fake help-desk numbers

Jun 20, 2025 11:35 PM

Tags: apple

Don’t trust mystery digits popping up in your search bar First seen on theregister.com Jump to article: www.theregister.com/2025/06/20/netflix_apple_bofa_websites_hijacked/
Cybersecurity Snapshot: Tenable Report Spotlights Cloud Exposures, as Google Catches Pro-Russia Hackers Impersonating Feds

Jun 20, 2025 7:35 PM

Tags: access, advisory, ai, api, apple, attack, authentication, best-practice, business, cisa, cisco, cloud, conference, container, control, credentials, cve, cyber, cybersecurity, data, data-breach, detection, email, encryption, endpoint, exploit, google, governance, government, group, guide, hacker, Hardware, identity, infrastructure, intelligence, Internet, kubernetes, linux, macOS, microsoft, mitigation, mobile, monitoring, network, oracle, password, phishing, ransomware, risk, russia, service, social-engineering, software, sql, strategy, tactics, technology, threat, tool, update, vmware, vulnerability, windows

Check out highlights from Tenable’s “2025 Cloud Security Risk Report,” which delves into the critical risk from insecure cloud configurations. Plus, Google reveals a Russia-sponsored social engineering campaign that targeted prominent academics’ Gmail accounts. And get the latest on AI system security, just-in-time access, CIS Benchmarks and more! Dive into six things that are top…