Tag: apple
-
Apple Rolls Out Critical Security Fixes: iOS 18.3.2, macOS Ventura, and More Receive Important Updates
Apple has released a series of crucial security updates designed to patch vulnerabilities across its ecosystem of devices. On March 11, 2025, the tech giant rolled the Apple security update with iOS 18.3.2, iPadOS 18.3.2, macOS Ventura, macOS Sonoma, macOS Sequoia, visionOS 2.3.2, and tvOS 18.3.1, addressing multiple security flaws that could potentially have been…
-
Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks
Apple on Tuesday released a security update to address a zero-day flaw that it said has been exploited in “extremely sophisticated” attacks.The vulnerability has been assigned the CVE identifier CVE-2025-24201 and is rooted in the WebKit web browser engine component.It has been described as an out-of-bounds write issue that could allow an attacker to craft…
-
iPhone-Nutzer attackiert: Aktiv ausgenutzte Webkit-Lücke gefährdet Apple-Geräte
Angreifer können durch die Schwachstelle aus der Web-Content-Sandbox von Webkit ausbrechen. Apple verteilt Notfallupdates für iOS, MacOS und Safari. First seen on golem.de Jump to article: www.golem.de/news/iphone-nutzer-attackiert-aktiv-ausgenutzte-webkit-luecke-gefaehrdet-apple-geraete-2503-194203.html
-
Apple fixed the third actively exploited zero-day of 2025
Apple addressed a zero-day vulnerability, tracked as CVE-2025-24201, that has been exploited in >>extremely sophisticated>extremely sophisticated
-
Apple patches 0-day exploited in “extremely sophisticated attack”
0-day exploited by maliciously crafted Web content to break out of security sandbox. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/03/apple-patches-0-day-exploited-in-extremely-sophisticated-attack/
-
Apple fixes new security flaw used in ‘extremely sophisticated attack’
The flaw was in the browser engine WebKit, used by Safari and other apps. First seen on techcrunch.com Jump to article: techcrunch.com/2025/03/11/apple-fixes-new-security-flaw-used-in-extremely-sophisticated-attack/
-
Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw
Apple warns that the WebKIt bug “may have been exploited in an extremely sophisticated attack against specific targeted individuals.” The post Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/apple-ships-ios-18-3-2-to-fix-already-exploited-webkit-flaw/
-
Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks
Apple has released emergency security updates to patch a zero-day bug the company describes as exploited in “extremely sophisticated” attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/apple/apple-fixes-webkit-zero-day-exploited-in-extremely-sophisticated-attacks/
-
Secret London tribunal to hear appeal in Apple vs government battle over encryption
Campaigners call for High Court hearing to be held in public as tech giant appeals against UK government order to open a backdoor into its encrypted iCloud service First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620363/Secret-London-tribunal-to-hear-appeal-in-Apple-vs-government-battle-over-encryption
-
Global Pressure Mounts for Apple as Brazilian Court Demands iOS Sideloading Within 90 Days
Tags: appleApple argues sideloading threatens security, while users demand more choice. With global market pressure rising, will iOS open up to third-party apps? First seen on techrepublic.com Jump to article: www.techrepublic.com/article/brazil-apple-ios-sideloading/
-
We call this kernel saunters: How Apple rearranged its XNU core with exclaves
iPhone giant compartmentalizes OS for the sake of security First seen on theregister.com Jump to article: www.theregister.com/2025/03/08/kernel_sanders_apple_rearranges_xnu/
-
Apple iOS 18.4 Beta 3 Released What’s New!
Apple has rolled out iOS 18.4 Beta 3, available to developers as of March 10, 2025, with the build number 22E5222f. This release is part of the ongoing beta testing phase, with the final version anticipated in early April 2025. Given the lack of detailed reports on new features, it appears this beta is primarily…
-
Kernel saunters How Apple rearranged its XNU kernel with exclaves
iPhone giant compartmentalizes OS for the sake of security First seen on theregister.com Jump to article: www.theregister.com/2025/03/08/kernel_sanders_apple_rearranges_xnu/
-
Apple withdraws encrypted iCloud storage from UK after government demands ‘backdoor’ access
After the Home Office issued a secret order for Apple to open up a backdoor in its encrypted storage, the tech company has instead chosen to withdraw the service from the UK First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366619614/Apple-withdraws-encrypted-iCloud-storage-from-UK-after-government-demands-back-door-access
-
Breach Roundup: US Sanctions Iran-Based Nemesis Admin
Also, BianLian Ransomware Hackers Aren’t Really Mailing You. This week, the U.S. sanctioned the Nemesis admin, Poco RAT spotted in Latin America, Apple challenged a British order to weaken encryption and the FBI warned against scam letters purportedly from BianLian. Also, a Nigerian tax scammer extradited to the U.S., a new botnet and a Webex…
-
Chainguard “FIPS” Apache Cassandra
Chainguard modified Cassandra so organizations needing FIPS-approved encryption can finally use it”, without risky workarounds or costly custom fixes. Apache Cassandr ia a powerful open-source database used by companies worldwide, but it wasn’t built with FIPS compliance in mind. Why Is This a Big Deal? Cassandra powers mission-critical systems for Netflix, Apple, and even the…
-
Apple vs. UK, ADP E2EE Back Door Faceoff
Won’t Tim Think of the Children? End-to-end encryption battle continues. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/apple-appeals-uk-adp-richixbw/
-
Apple drags UK government to court over ‘backdoor’ order
A first-of-its-kind legal challenge set to be heard this month, per reports First seen on theregister.com Jump to article: www.theregister.com/2025/03/05/apple_reportedly_ipt_complaint/
-
Apple Taking Legal Action Against UK Over Backdoor Demands
Apple told TechRepublic it is “gravely disappointed” to remove Advanced Data Protection in the U.K., as it fights government demands for an iCloud backdoor. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/apple-legal-action-uk-backdoor/
-
Apple takes UK government to court over ‘backdoor’ order
A first-of-its-kind legal challenge set to be heard this month, per reports First seen on theregister.com Jump to article: www.theregister.com/2025/03/05/apple_reportedly_ipt_complaint/
-
Apple is challenging U.K.’s iCloud encryption backdoor order
Apple is challenging a U.K. Government data access order in the Investigatory Powers Tribunal (IPT), the Financial Times reports. The order targeted iCloud backups that are protected by end-to-end encryption. Last month, press leaks revealed the existence of the January order asking Apple to build a backdoor in iCloud’s encrypted backups. U.K. officials are exercising…
-
Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems
Cybersecurity researchers are alerting of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are designed to deploy loader malware on Linux and Apple macOS systems.”The threat actor has published at least seven packages impersonating widely used Go libraries, including one (github[.]com/shallowmulti/hypert) that appears to target financial-sector developers First seen on thehackernews.com…
-
Jamf to Acquire Identity Automation for $215 Million
Apple device management firm Jamf has entered into an agreement to acquire IAM platform Identity Automation. The post Jamf to Acquire Identity Automation for $215 Million appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/jamf-to-acquire-identity-automation-for-215-million/
-
Google, Meta, and Apple Power the World’s Biggest Surveillance System
Imagine a government that tracks your daily movements, monitors your communications, and catalogs your digital habits. While this conjures images of authoritarian regimes, a parallel reality exists in the United States, where law enforcement agencies leverage the vast data reservoirs of Big Tech companies to construct intrusive profiles of citizens. Over the past decade, Google,…
-
Privacy Roundup: Week 9 of Year 2025
Tags: access, android, apple, attack, backdoor, breach, browser, cctv, control, cyber, cybersecurity, data, data-breach, encryption, endpoint, exploit, firmware, flaw, government, group, hacker, Internet, jobs, law, leak, malware, office, password, phishing, privacy, regulation, router, scam, service, software, switch, technology, threat, tool, update, vpn, vulnerabilityThis is a news item roundup of privacy or privacy-related news items for 23 FEB 2025 – 1 MAR 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
Cybersecurity Impact of DOGE, Apple’s Stand Against Encryption Backdoors
In this episode, Kevin and Tom discuss current events including the latest developments with DOGE and the significant changes happening at the Cybersecurity and Infrastructure Security Agency (CISA). They also touch on Apple’s decision to refuse creating backdoors for encryption, setting a new precedent in digital security. Tune in for an insightful discussion on the……
-
Trigon: Latest iOS Kernel Exploit Uncovered
A sophisticated kernel exploit leveraging CVE-2023-32434, an integer overflow vulnerability in Apple’s XNU virtual memory subsystem, has been unveiled by security researchers. DubbedTrigon, this exploit chain enables deterministic kernel read/write primitives on A10(X) devices, bypassing Apple’s KTRR and PPL protections through physical memory mapping techniques. Initially exploited in the Operation Triangulation campaign against Kaspersky researchers,…
-
Sicherheitslücke in Apples „Wo ist?”-Netzwerk lässt Hacker deinen Aufenthaltsort tracken
First seen on t3n.de Jump to article: t3n.de/news/sicherheitsluecke-in-apples-wo-ist-netzwerk-laesst-hacker-deinen-aufenthaltsort-tracken-1675416/