Tag: apple
-
Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More
Apple has released software updates to address several security flaws across its portfolio, including a zero-day vulnerability that it said has been exploited in the wild.The vulnerability, tracked as CVE-2025-24085, has been described as a use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate…
-
How to switch off Apple Intelligence on your iPhone, iPad, and Mac
Here’s a step-by-step guide on how to turn off and disable Apple Intelligence from your devices. First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/27/how-to-switch-off-apple-intelligence-on-your-iphone-ipad-and-mac/
-
How to switch off Apple Intelligence on your iPhone, iPad and Mac
Here’s a step-by-step guide on how to turn off and disable Apple Intelligence from your devices. First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/27/how-to-switch-off-apple-intelligence-on-your-iphone-ipad-and-mac/
-
Apple fixed the first actively exploited zero-day of 2025
Apple addressed the first zero-day vulnerability of 2025, which is actively exploited in attacks in the wild aimed at iPhone users. Apple released security updates to address 2025’s first zero-day vulnerability, tracked as CVE-2025-24085, actively exploited in attacks targeting iPhone users. The vulnerability is a privilege escalation vulnerability that impacts the Core Media framework. >>A malicious…
-
Apple Patches Actively Exploited Zero-Day Vulnerability
The Apple iOS 18.3 update fixes 28 other vulnerabilities identified by the tech company, though there is little information on them. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/apple-patches-actively-exploited-zero-day-vulnerability
-
Apple fixes this year’s first actively exploited zero-day bug
Apple has released security updates to fix this year’s first zero-day vulnerability, tagged as actively exploited in attacks targeting iPhone users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apple-fixes-this-years-first-actively-exploited-zero-day-bug/
-
Apples USBController aus dem iPhone entschlüsselt
Apple rüstet seine gesamte iPhone-Linie auf USB-C um. Der dafür notwendige Mikrocontroller wurde nun dekodiert. First seen on heise.de Jump to article: www.heise.de/news/Apples-USB-C-Controller-aus-dem-iPhone-entschluesselt-10253736.html
-
How to use Apple’s App Privacy Report to monitor data tracking
The App Privacy Report, which Apple introduced in iOS 15.2, allows users to monitor how apps access data and interact with third-party services. The report provides an … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/27/apple-app-privacy-report-monitor-data-tracking/
-
Apple sued for using dangerous ‘forever chemicals’ in Watch bands
Tags: appleMarkets smartwatches as health helpers even as they expose some owners to PFAS First seen on theregister.com Jump to article: www.theregister.com/2025/01/22/apple_watch_pfas_bands/
-
HPE’s sensitive data exposed in alleged IntelBroker hack
IntelBroker has struck again. This time, the notorious BreachForums bigwig, which has a long list of high-profile victims, including Europol, Cisco, and GE, has claimed to have breached IT giant Hewlett Packard Enterprise (HPE).The suspected Serbian-origin hacker is offering to sell on BreachForums, sensitive data allegedly stolen from HPE including product source codes and personally…
-
Apple Confirms Removal of TikTok App US Users
Apple has confirmed that popular apps developed by ByteDance Ltd., including TikTok, will no longer be available for download or updates in the United States. This decision, effective January 19, 2025, comes in response to the Protecting Americans from Foreign Adversary Controlled Applications Act, which mandates the removal of apps from specific foreign entities amid…
-
Apple’s interoperability efforts aren’t meeting spirit or letter of EU law, advocacy groups argue
Free Software Foundation Europe and others urge European Commission to double down on DMA First seen on theregister.com Jump to article: www.theregister.com/2025/01/16/apple_dma_compliance_criticized/
-
CVE-2024-44243 macOS flaw allows persistent malware installation
Microsoft disclosed details of a vulnerability in Apple macOS that could have allowed an attacker to bypass the OS’s System Integrity Protection (SIP). Microsoft disclosed details of a now-patched macOS flaw, tracked as CVE-2024-44243 (CVSS score: 5.5), that allows attackers with >>root
-
Microsoft Discovers macOS Flaw CVE-2024-44243, Bypassing SIP
CVE-2024-44243, a critical macOS vulnerability discovered recently by Microsoft, can allow attackers to bypass Apple’s System Integrity Protection… First seen on hackread.com Jump to article: hackread.com/microsoft-macos-flaw-cve-2024-44243-bypassing-sip/
-
Apple Bug Allows Root Protections Bypass Without Physical Access
Emergent macOS vulnerability lets adversaries circumvent Apple’s System Integrity Protection (SIP) by loading third-party kernels. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/apple-bug-root-protections-bypass-physical-access
-
Apple Patches Flaw That Allows Kernel Security Bypassing
Microsoft Uncovered Flaw That Affects macOS System Integrity Protection Feature. Apple patched a vulnerability that allows hackers to bypass a key security feature in macOS by through third-party kernel extensions. Microsoft researchers uncovered the flaw tracked as CVE-2024-44243. The flaw could enable hackers to install rootkits and create malware with privileged access. First seen on…
-
Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation
Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as “root” to bypass the operating system’s System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions.The vulnerability in question is CVE-2024-44243 (CVSS score: 5.5), a medium-severity bug First…
-
Hotel chain ditches Google search for DuckDuckGo, ‘subjected to fraud attempts daily’
Tags: apple, attack, authentication, browser, chrome, cloud, control, cybercrime, cybersecurity, data-breach, fraud, google, jobs, malware, mfa, monitoring, phishing, privacy, ransomware, risk, scam, service, tool, windowsAt the end of 2021, Nordic Choice Hotels, now renamed Strawberry, was hit by a major ransomware attack that paralyzed operations for just over a week. Everything had to be done manually, says Martin Belak, who is responsible for the hotel chain’s technical security.”The receptionists worked with whiteboards to keep track of which rooms were…
-
macOS bug lets hackers install malicious kernel drivers
Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-macos-bug-lets-hackers-install-malicious-kernel-drivers/
-
Critical macOS Vulnerability Lets Hackers to Bypass Apple’s System Integrity Protection
Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass Apple’s System Integrity Protection (SIP). Known as CVE-2024-44243, this vulnerability could be exploited to load third-party kernel extensions, resulting in severe security implications for macOS users. Apple released a patch for this vulnerability as part of its December 11, 2024, security…
-
Phishing texts trick Apple iMessage users into disabling protection
Cybercriminals are exploiting a trick to turn off Apple iMessage’s built-in phishing protection for a text and trick users into re-enabling disabled phishing links. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/phishing-texts-trick-apple-imessage-users-into-disabling-protection/
-
Neue und verbesserte Version des Banshee-Stealers nimmt MacOS-Nutzer ins Visier
Check Point Software Technologies warnt vor einer neuen und verbesserten Version des Banshee-Stealers. Er nimmt MacOS-Nutzer ins Visier, was bedeutet, dass über 100 Millionen Anwender bedroht sind. Banshee tauchte mitten im Jahr 2024 als Stealer-as-a-Service für 3.000 US-Dollar als Mietmodell auf. Die Malware nutzte ab September sogar die Funktion String-Encryption aus Apples eigenem Programm XProtect,…
-
Malware targets Mac users by using Apple’s security tool
A variant of the Banshee macOS infostealer was seen duping detection systems with new string encryption copied from Apple’s in-house algorithm.A Check Point research, which caught the variant after two months of successful evasion, said threat actors distributed Banshee using phishing websites and fake GitHub repositories, often impersonating popular software like Google Chrome, Telegram, and…
-
>>Siri Data Stays Private, Not Used for Ads,<< Apple Says
Apple Inc. says its commitment to user privacy, emphasizing that its products, such as the digital assistant Siri, are designed to safeguard personal data from the very beginning and not used for any advertising purpose. >>Apple has never used Siri data to build marketing profiles, never made it available for advertising, and never sold it…
-
Banshee 2.0 Malware Steals Apple’s Encryption to Hide on Macs
The most recent iteration of the open source infostealer skates by antivirus programs on Macs, using an encryption mechanism stolen from Apple’s own antivirus product. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/banshee-malware-steals-apple-encryption-macs
-
Banshee stealer evades detection using Apple XProtect encryption algo
A new version of the Banshee info-stealing malware for macOS has been evading detection over the past two months by adopting string encryption from Apple’s XProtect. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/banshee-stealer-evades-detection-using-apple-xprotect-encryption-algo/
-
Apple says it does not use Siri audio for advertising
Tags: apple“We are constantly developing technologies to make Siri even more private, and will continue to do so,” Apple said in a blog post published after settling a $95 million class action lawsuit. First seen on therecord.media Jump to article: therecord.media/apple-says-siri-audio-not-used-advertising
-
New Banshee Stealer Variant Bypasses Antivirus with Apple’s XProtect-Inspired Encryption
Cybersecurity researchers have uncovered a new, stealthier version of a macOS-focused information-stealing malware called Banshee Stealer.”Once thought dormant after its source code leak in late 2024, this new iteration introduces advanced string encryption inspired by Apple’s XProtect,” Check Point Research said in a new analysis shared with The Hacker News. “This development allows it to…
-
Private Details abgehört – Apple zahlt 95 Millionen Dollar in Siri-Sammelklage
Tags: appleFirst seen on security-insider.de Jump to article: www.security-insider.de/apple-datenschutz-sammelklage-vergleich-a-7b67a05a4083b50fc7f6e95f5944c996/
-
AWS CISO On Cybersecurity ‘Baked Into’ Chips, Security Services And Marketplace
AWS cybersecurity leader on security innovation inside Intel, AMD and Apple chips, also Nitro, EC2, services and AWS Marketplace. First seen on crn.com Jump to article: www.crn.com/news/security/2025/aws-ciso-on-cybersecurity-baked-into-chips-security-services-and-marketplace