Security News

Apple patched critical flaws in macOS Monterey but not in Big Sur nor Catalina
2022-04-06 07:40

Apple last week patched two actively exploited vulnerabilities in macOS Monterey yet has left users of older supported versions of its desktop operating system unprotected. In a blog post on Tuesday, security biz Intego said fixes applied to address CVE-2022-22675 and CVE-2022-22674 in macOS Monterey were not backported to macOS Big Sur or macOS Catalina.

Apple pushes out two emergency 0-day updates – get ’em now!
2022-04-01 18:38

Apple, as ever, isn't saying anything about the platforms that didn't get updates, so it's impossible to say whether they're immune and thus unaffected, affected but simply being ignored, or affected and still awaiting updates that will show up in a few days. Intriguingly, Apple's core Security Updates page at HT201222 reports that there are updates denoted tvOS 15.4.1 and watchOS 8.5.1, but Apple merely remarks that these updates have "No published CVE entries".

Apple Rushes Out Patches for 0-Days in MacOS, iOS
2022-04-01 13:02

Apple rushed out patches for two zero-days affecting macOS and iOS Thursday, both of which are likely under active exploitation and could allow a threat actor to disrupt or access kernel activity. Apple released separate security updates for the bugs - a vulnerability affecting both macOS and iOS tracked as CVE-2022-22675 and a macOS flaw tracked as CVE-2022-22674.

Apple emits macOS, iOS, iPadOS patches for 'exploited' security bugs
2022-03-31 21:35

Apple has released updates for its mobile and desktop operating systems to patch security holes that may well have been exploited in the wild. On Thursday, the iPhone giant issued macOS Monterey 12.3.1; iOS 15.4.1 and iPadOS 15.4.1; tvOS 15.4.1; and watchOS 8.5.1 to address vulnerabilities in its software.

Apple and Meta shared data with child hackers pretending to be law enforcement
2022-03-31 20:02

It was revealed on March 30 that both Apple and Facebook parent company, Meta, were duped by child hackers impersonating law enforcement officers last year, according to a report from Bloomberg.

Apple Issues Patches for 2 Actively Exploited Zero-Days in iPhone, iPad and Mac Devices
2022-03-31 19:54

Apple on Thursday rolled out emergency patches to address two zero-day flaws in its mobile and desktop operating systems that it said may have been exploited in the wild. Both the vulnerabilities have been reported to Apple anonymously.

Apple emergency update fixes zero-days used to hack iPhones, Macs
2022-03-31 18:16

Apple released security updates on Thursday to address two zero-day vulnerabilities exploited by attackers to hack iPhones, iPads, and Macs. In security advisories published today, Apple said that it is aware of reports the issues "may have been actively exploited."

Stalking with an Apple Watch
2022-03-30 11:29

The malicious uses of these technologies are scary: Police reportedly arrived on the scene last week and found the man crouched beside the woman’s passenger side door. According to the police, the...

How hard is it to address Apple’s in-app deletion requirements and implement privacy compliance?
2022-03-30 03:30

Transcend released the results of its latest survey of technology decision makers, which assessed their readiness for Apple's in-app deletion requirements for iOS apps that offer account creation. Less than a quarter of respondents understand the full scope of Apple's in-app deletion requirements, despite clarifications from Apple.

Beware bogus Betas – cryptocoin scammers abuse Apple’s TestFlight system
2022-03-16 21:49

As SophosLabs reported last year, cybercriminals were nevertheless able to draw iPhone users into their cryptocoin app scams by using Enterprise Provisioning. The technological basis for these scam apps is surprisingly simple: the crooks persuade you, for example on the basis of a friendship carefully cultivated via a dating site, into giving them the same sort of administrative power over your iPhone that is usually reserved for companies managing corporate-owned devices [...]. Typically, [this means] they can remotely wipe them, unilaterally or on request, block access to company data, enforce specific security settings such as lock codes and lock timeouts.