FreshRSS

πŸ”’
β–³ πŸ”ƒ
☐ β˜† βœ‡ Naked Security

β€œSnakes in airplane mode” – what if your phone says it’s offline but isn’t?

By Paul Ducklin β€” August 21st 2023 at 17:45
WYSIWYG is short for "what you see is what you get". Except when it isn't...

☐ β˜† βœ‡ The Hacker News

Apple Sets New Rules for Developers to Prevent Fingerprinting and Data Misuse

By THN β€” July 29th 2023 at 05:30
Apple has announced plans to require developers to submit reasons to use certain APIs in their apps starting later this year with the release of iOS 17, iPadOS 17, macOS Sonoma, tvOS 17, and watchOS 10 to prevent their abuse for data collection. "This will help ensure that apps only use these APIs for their intended purpose," the companyΒ saidΒ in a statement. "As part of this process, you'll need
☐ β˜† βœ‡ Naked Security

S3 Ep145: Bugs With Impressive Names!

By Paul Ducklin β€” July 27th 2023 at 18:47
Fascinating fun (with a serious and educational side) - listen now! Full transcript available inside.

☐ β˜† βœ‡ Naked Security

S3 Ep141: What was Steve Jobs’s first job?

By Paul Ducklin β€” June 29th 2023 at 16:58
Latest episode - listen now! (Full transcript inside.)

☐ β˜† βœ‡ The Hacker News

EncroChat Bust Leads to 6,558 Criminals' Arrests and €900 Million Seizure

By Ravie Lakshmanan β€” June 27th 2023 at 11:23
Europol on TuesdayΒ announcedΒ that the takedown of EncroChat in July 2020 led to 6,558 arrests worldwide and the seizure of €900 million in illicit criminal proceeds. The law enforcement agency said that a subsequent joint investigation initiated by French and Dutch authorities intercepted and analyzed over 115 million conversations that took place over the encrypted messaging platform between no
☐ β˜† βœ‡ Naked Security

Aussie PM says, β€œShut down your phone every 24 hours for 5 mins” – but that’s not enough on its own

By Paul Ducklin β€” June 23rd 2023 at 16:10
Don't treat rebooting your phone once a day as a cybersecurity talisman... here are 8 additional tips for better mobile phone security.

☐ β˜† βœ‡ The Hacker News

New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware

By Ravie Lakshmanan β€” June 1st 2023 at 15:14
A previously unknown advanced persistent threat (APT) is targeting iOS devices as part of a sophisticated and long-running mobile campaign dubbedΒ Operation TriangulationΒ that began in 2019. "The targets are infected using zero-click exploits via the iMessage platform, and the malware runs with root privileges, gaining complete control over the device and user data," KasperskyΒ said. The Russian
☐ β˜† βœ‡ Naked Security

Apple’s secret is out: 3 zero-days fixed, so be sure to patch now!

By Paul Ducklin β€” May 19th 2023 at 01:02
All Apple users have zero-days that need patching, though some have more zero-days than others.

☐ β˜† βœ‡ The Hacker News

NSO Group Used 3 Zero-Click iPhone Exploits Against Human Rights Defenders

By Ravie Lakshmanan β€” April 20th 2023 at 10:11
Israeli spyware maker NSO Group deployed at least three novel "zero-click" exploits against iPhones in 2022 to infiltrate defenses erected by Apple and deploy Pegasus, according to the latest findings from Citizen Lab. "NSO Group customers widely deployed at least three iOS 15 and iOS 16 zero-click exploit chains against civil society targets around the world," the interdisciplinary laboratory
☐ β˜† βœ‡ Naked Security

Apple issues emergency patches for spyware-style 0-day exploits – update now!

By Paul Ducklin β€” April 8th 2023 at 01:20
A bug to hack your browser, then a bug to pwn the kernel... reported from the wild by Amnesty International.

☐ β˜† βœ‡ The Hacker News

Apple Issues Urgent Security Update for Older iOS and iPadOS Models

By Ravie Lakshmanan β€” March 28th 2023 at 03:41
Apple on Monday backported fixes for an actively exploited security flaw to older iPhone and iPad models. The issue, tracked asΒ CVE-2023-23529, concerns a type confusion bug in the WebKit browser engine that could lead to arbitrary code execution. It wasΒ originally addressedΒ by the tech giant with improved checks as part of updates released on February 13, 2023. An anonymous researcher has been
☐ β˜† βœ‡ Naked Security

Apple patches everything, including a zero-day fix for iOS 15 users

By Paul Ducklin β€” March 28th 2023 at 00:23
Got an older iPhone that can't run iOS 16? You've got a zero-day to deal with! That super-cool Studio Display monitor needs patching, too.

☐ β˜† βœ‡ WIRED

The Sketchy Plan to Build a Russian Android Phone

By Masha Borak β€” March 3rd 2023 at 12:00
Amid isolating sanctions, a Russian tech giant plans to launch new Android phones and tablets. But experts are skeptical the company can pull it off.
☐ β˜† βœ‡ The Hacker News

Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices

By Ravie Lakshmanan β€” February 22nd 2023 at 12:56
Apple has revised theΒ security advisoriesΒ it released last month to include three new vulnerabilities impactingΒ iOS, iPadOS, andΒ macOS. The first flaw is aΒ race conditionΒ in the Crash Reporter component (CVE-2023-23520) that could enable a malicious actor to read arbitrary files as root. The iPhone maker said it addressed the issue with additional validation. The two other vulnerabilities,
❌