Security News

Two men have been charged for allegedly conspiring with Russian hackers to manipulate the taxi dispatch system at New York's John F. Kennedy International Airport. Daniel Abayev, 48, and Peter Leyman, 48, are accused of altering the JFK taxi dispatch system to advance selected taxis to the front of the taxi queue in exchange for a $10 payment, according to a federal indictment [PDF] made public on Tuesday.

When we woke up this morning, our cybersecurity infofeed was awash with "News" that Apple had just patched a security hole variously described a "Gnarly bug", a "Critical flaw" that could leave your Macs "Defenceless", and the "Achilles' heel of macOS". This isn't a new bug, it's just some new information about a bug that Apple fixed last week.

Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications. The shortcoming, dubbed Achilles, was addressed by the iPhone maker in macOS Ventura 13, Monterey 12.6.2, and Big Sur 11.7.2, describing it as a logic issue that could be weaponized by an app to circumvent Gatekeeper checks.

The most recent iPhone update-to version 16.1.2-patches a zero-day vulnerability that "May have been actively exploited against versions of iOS released before iOS 15.1.". Apple said security researchers at Google's Threat Analysis Group, which investigates nation state-backed spyware, hacking and cyberattacks, discovered and reported the WebKit bug.

Apple has just published a wide range of security fixes for all its supported platforms, from the smallest watch to the biggest laptop. In other words, if you've got an Apple product, and it's still officially supported, we urge you to do an update check now.

Apple on Tuesday rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari web browser to address a new zero-day vulnerability that could result in the execution of malicious code. The company said it's "Aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.".

In security updates released today, Apple has fixed the tenth zero-day vulnerability since the start of the year, with this latest one actively used in attacks against iPhones. In October, Apple fixed a zero-day in the iOS Kernel.

In security updates released today, Apple has fixed the tenth zero-day vulnerability since the start of the year, with this latest one actively used in attacks against iPhones.The vulnerability was disclosed in security bulletins released today for iOS/iPadOS 15.7.2, Safari 16.2, tvOS 16.2, and macOS Ventura 13.1, with Apple warning that the flaw "May have been actively exploited" against previous versions.

Apple tracked users without their consent and deserves to be fined €6 million, according to a top advisor to France's data privacy watchdog. The Commission nationale de l'informatique et des libertés launched an investigation into Apple after a complaint filed by France Digitale, a lobby group supporting startups, accused the company of violating EU privacy laws last year.

Based on a screenshot from Apple, these categories are covered when you flip on Advanced Data Protection: device backups, messages backups, iCloud Drive, Notes, Photos, Reminders, Safari bookmarks, Siri Shortcuts, Voice Memos, and Wallet Passes. Apple says the only "Major" categories not covered by Advanced Data Protection are iCloud Mail, Contacts, and Calendar because "Of the need to interoperate with the global email, contacts, and calendar systems," according to its press release.