Apple Updates Spyware Alert System to Warn Victims of Mercenary Attacks
Apple's updated spyware alert system now warns individual users of potential targeting by mercenary spyware attacks.
Les clients Apple victimes de push bombing pour réinitialiser leur identifiant
C’est un matraquage en règle pour obtenir les identifiants Apple ID auquel ont du faire face certains clients de la marque à la pomme. En effet, une vague de phishing de type « push bombing » ou de « fatigue MFA » a sévi récemment assure le site Krebs on Security. Ces techniques consistent, pour les attaquants, à envoyer de manière répétée des notifications d'authentification à deux acteurs (MFA) sur les terminaux Apple.
Known macOS Vulnerabilities Led Researcher to Root Out New Flaws
Researcher shares how he unearthed newer bugs in Apple's operating system by closer scrutiny of previous research, including vulnerabilities that came out of the Pwn2Own competition.
Apple, Google, and Microsoft commit to expanded support for FIDO standard
Faster, easier, and more secure sign-ins will be available to consumers across leading devices and platforms.
Increased Enterprise Use of iOS, Mac Means More Malware
As use of Apple devices has grown in the enterprise, the company has increasingly become a target for malware threats and other attacks. ISMG spoke with experts and
Apple and Meta Gave User Data to Hackers Who Used Forged Legal Requests
Apple Inc. and Meta Platforms Inc., the parent company of Facebook, provided customer data to hackers who masqueraded as law enforcement officials, according to three people with knowledge of the matter. Apple and Meta provided basic subscriber details, such as a customer’s address, phone number and IP address, in mid-2021 in response to the forged “emergency data requests.” Normally, such requests are only provided with a search warrant or subpoena signed by a judge, according to the people. However, the emergency requests don’t require a court order.
Apple's AirTag uncovers a secret German intelligence agency
A researcher has sent one of Apple's AirTags to a mysterious "federal authority" in Germany to locate its true offices — and to help prove that it's really part of an intelligence agency.
Recent ‘MFA Bombing’ Attacks Targeting Apple Users – Krebs on Security
Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple's password reset feature. In this scenario, a target's Apple devices are forced to display dozens of system-level prompts that…
One Man’s Army of Streaming Bots Reveals a Whole Industry’s Problem | WIRED
A rare case in Danish court shows how automated clicks and fake accounts can earn hundreds of thousands of dollars on Apple Music and Spotify. Experts say it’s the tip of the iceberg. #apple #bots #music #spotify #streaming
Apple Sued for Prioritizing Market Dominance Over Security
The U.S. Department of Justice in a lawsuit filed Thursday is accusing Apple of discarding user security and privacy protections as part of a broader effort to
Apple iOS 17.4: iMessage Gets Post-Quantum Encryption in New Update
Useful quantum computers aren’t a reality—yet. But in one of the biggest deployments of post-quantum encryption so far, Apple is bringing the technology to iMessage. #apple #computing #encryption #privacy #quantum #security
Known macOS Vulnerabilities Led Researcher to Root Out New Flaws
Researcher shares how he unearthed newer bugs in Apple's operating system by closer scrutiny of previous research, including vulnerabilities that came out of the Pwn2Own competition.
Apple, Google, and Microsoft commit to expanded support for FIDO standard
Faster, easier, and more secure sign-ins will be available to consumers across leading devices and platforms.
Increased Enterprise Use of iOS, Mac Means More Malware
As use of Apple devices has grown in the enterprise, the company has increasingly become a target for malware threats and other attacks. ISMG spoke with experts and
Apple and Meta Gave User Data to Hackers Who Used Forged Legal Requests
Apple Inc. and Meta Platforms Inc., the parent company of Facebook, provided customer data to hackers who masqueraded as law enforcement officials, according to three people with knowledge of the matter. Apple and Meta provided basic subscriber details, such as a customer’s address, phone number and IP address, in mid-2021 in response to the forged “emergency data requests.” Normally, such requests are only provided with a search warrant or subpoena signed by a judge, according to the people. However, the emergency requests don’t require a court order.
Apple's AirTag uncovers a secret German intelligence agency
A researcher has sent one of Apple's AirTags to a mysterious "federal authority" in Germany to locate its true offices — and to help prove that it's really part of an intelligence agency.
Security Researcher Allegedly Hacked Apple’s Backend, Scammed $2.5 Million
Staggeringly, Apple thanked the defendant, Noah Roskin-Frazee, in a security update less than two weeks after he was arrested.
Government hackers targeted iPhones owners with zero-days, Google says
One of the hacking campaigns used exploits developed by Variston, a Barcelona-based startup. Sources say the spyware maker is losing staff.
Here is Apple's official 'jailbroken' iPhone for security researchers | TechCrunch
A security researchers shared a picture of the instructions that go along Apple's Security Research Device and more details about this special iPhone.
A backdoor with a cryptowallet stealer inside cracked macOS software
We review a new macOS backdoor that piggybacks on cracked software to replace Bitcoin and Exodus wallets with malware.
MacOS info-stealers quickly evolve to evade XProtect detection
Multiple information stealers for the macOS platform have demonstrated the capability to evade detection even when security companies follow and report about new variants frequently.
iShutdown scripts can help detect iOS spyware on your iPhone
Security researchers found that infections with high-profile spyware Pegasus, Reign, and Predator could be discovered on compromised Apple mobile devices by checking Shutdown.log, a system log file that stores reboot events. #Apple #Computer #InfoSec #Logging #Malware #Pegasus #Security #Spyware #iOS #iPhone
LeftoverLocals: Listening to LLM responses through leaked GPU local memory
By Tyler Sorensen and Heidy Khlaaf We are disclosing LeftoverLocals: a vulnerability that allows recovery of data from GPU local memory created by another process on Apple, Qualcomm, AMD, and Imagination GPUs. LeftoverLocals impacts the security posture of GPU applications as a whole, with particular significance to LLMs and ML models run on impacted GPU…
Amnesty confirms Apple warning: Indian journalists’ iPhones infected with Pegasus spyware
Apple's warnings in late October that Indian journalists and opposition figures may have been targeted by state-sponsored attacks prompted a forceful Behind closed doors, senior officials from Modi's administration demanded that Apple soften the political impact of the state-sponsored warnings, according to Washington Post.
This Clever New Idea Could Fix AirTag Stalking While Maximizing Privacy
Apple updated its location-tracking system in an attempt to cut down on AirTag abuse while still preserving privacy. Researchers think they’ve found a better balance.
Operation Triangulation: The last (hardware) mystery
Recent iPhone models have additional hardware-based security protection for sensitive regions of the kernel memory. We discovered that to bypass this hardware-based security protection, the attackers used another hardware feature of Apple-designed SoCs.
Known macOS Vulnerabilities Led Researcher to Root Out New Flaws
Researcher shares how he unearthed newer bugs in Apple's operating system by closer scrutiny of previous research, including vulnerabilities that came out of the Pwn2Own competition.
Apple, Google, and Microsoft commit to expanded support for FIDO standard
Faster, easier, and more secure sign-ins will be available to consumers across leading devices and platforms.
Increased Enterprise Use of iOS, Mac Means More Malware
As use of Apple devices has grown in the enterprise, the company has increasingly become a target for malware threats and other attacks. ISMG spoke with experts and
Apple and Meta Gave User Data to Hackers Who Used Forged Legal Requests
Apple Inc. and Meta Platforms Inc., the parent company of Facebook, provided customer data to hackers who masqueraded as law enforcement officials, according to three people with knowledge of the matter. Apple and Meta provided basic subscriber details, such as a customer’s address, phone number and IP address, in mid-2021 in response to the forged “emergency data requests.” Normally, such requests are only provided with a search warrant or subpoena signed by a judge, according to the people. However, the emergency requests don’t require a court order.