The latest versions of iOS and iPadOS (16.3) and macOS (Ventura 13.2) have fixed the vulnerabilities tracked as CVE-2023-23530 and CVE-2023-23531. We explain the nature of these bugs, why they deserve your attention, what Pegasus spyware has to do with it, and why you should take these and future iOS, iPad and macOS security updates seriously. NSPredicate, FORCEDENTRY, Pegasus, … [Read more...] about Update iPhone to iOS 16.3 and Mac to macOS Ventura 13.2
iOS
Cisco Issues Patch for New IOS XR Zero-Day Vulnerability Exploited in the Wild
Cisco on Friday rolled out fixes for a medium-severity vulnerability affecting IOS XR Software that it said has been exploited in real-world attacks. Tracked as CVE-2022-20821 (CVSS score: 6.5), the issue relates to an open port vulnerability that could be abused by an unauthenticated, remote attacker to connect to a Redis instance and achieve code execution. "A successful … [Read more...] about Cisco Issues Patch for New IOS XR Zero-Day Vulnerability Exploited in the Wild
Update iOS! There is a dangerous vulnerability in WebKit (CVE-2022-22620)
Apple has released an urgent update for iOS and iPadOS that fixes the CVE-2022-22620 vulnerability. They recommend updating devices as soon as possible, as the company have reason to believe that the vulnerability is already being actively exploited by unknown actors. Why vulnerability CVE-2022-22620 is dangerous As usual, Apple experts do not disclose the details of the … [Read more...] about Update iOS! There is a dangerous vulnerability in WebKit (CVE-2022-22620)
FinSpy (aka FinFisher) spyware for Windows, macOS, Linux, Android, and iOS
At Kaspersky’s recent Security Analyst Summit, our experts presented a detailed report on FinSpy (aka FinFisher) spyware and its distribution methods, including some previously unknown ones. You can read more about their findings in Securelist’s post. In this article, meanwhile, we explore what kind of malware FinSpy is and how you can protect yourself from it. What is FinSpy … [Read more...] about FinSpy (aka FinFisher) spyware for Windows, macOS, Linux, Android, and iOS
6 Unpatched Flaws Disclosed in Remote Mouse App for Android and iOS
As many as six zero-days have been uncovered in an application called Remote Mouse, allowing a remote attacker to achieve full code execution without any user interaction. The unpatched flaws, collectively named 'Mouse Trap,' were disclosed on Wednesday by security researcher Axel Persinger, who said, "It's clear that this application is very vulnerable and puts users at risk … [Read more...] about 6 Unpatched Flaws Disclosed in Remote Mouse App for Android and iOS
New ‘unc0ver’ Tool Can Jailbreak All iPhone Models Running iOS 11.0
A popular jailbreaking tool called "unc0ver" has been updated to support iOS 14.3 and earlier releases, thereby making it possible to unlock almost every single iPhone model using a vulnerability that Apple in January disclosed was actively exploited in the wild. The latest release, dubbed unc0ver v6.0.0, was released on Sunday, according to its lead developer Pwn20wnd, … [Read more...] about New ‘unc0ver’ Tool Can Jailbreak All iPhone Models Running iOS 11.0
Google uncovers new iOS security feature Apple quietly added after zero-day attacks
Google Project Zero on Thursday disclosed details of a new security mechanism that Apple quietly added to iOS 14 as a countermeasure to prevent attacks that were recently found to leverage zero-days in its messaging app. Dubbed "BlastDoor," the improved sandbox system for iMessage data was disclosed by Samuel Groß, a security researcher with Project Zero, a team of security … [Read more...] about Google uncovers new iOS security feature Apple quietly added after zero-day attacks
Why you need to update iOS and iPadOS to version 14.4 immediately
Apple has released a security update to close three zero-day vulnerabilities: CVE-2021-1780, CVE-2021-1781, and CVE-2021-1782. Because Apple believes unnamed cybercriminals are already exploiting those vulnerabilities, the company advises all iOS and iPadOS users to update their operating systems. The vulnerabilities CVE-2021-1780 and CVE-2021-1781 are vulnerabilities in the … [Read more...] about Why you need to update iOS and iPadOS to version 14.4 immediately
Windows 10, iOS, Chrome, Firefox and Others Hacked at Tianfu Cup Competition
Multiple software products from Adobe, Apple, Google, Microsoft, Mozilla, and Samsung were successfully pwned with previously unseen exploits in Tianfu Cup 2020, the third edition of the international cybersecurity contest held in the city of Chengdu, China. "Many mature and hard targets have been pwned on this year's contest," the event organizers said. "11 out of 16 targets … [Read more...] about Windows 10, iOS, Chrome, Firefox and Others Hacked at Tianfu Cup Competition
Update Your iOS Devices Now — 3 Actively Exploited 0-Days Discovered
Apple on Thursday released multiple security updates to patch three zero-day vulnerabilities that were revealed as being actively exploited in the wild. Rolled out as part of its iOS, iPadOS, macOS, and watchOS updates, the flaws reside in the FontParser component and the kernel, allowing adversaries to remotely execute arbitrary code and run malicious programs with … [Read more...] about Update Your iOS Devices Now — 3 Actively Exploited 0-Days Discovered