Security News

Free Android app lets users detect Apple AirTag tracking
2022-02-26 15:07

An Apple AirTag is a Bluetooth-based device finder released in April 2021 that allows owners to track the device using Apple's 'Find My' service. Although Apple has implemented an intricate anti-stalking system to prevent cases of abuse, stealthy AirTag tracking remains a problem.

Apple AirTag anti-stalking protection bypassed by researchers
2022-02-23 19:59

A few days after the rickroll business, we were writing up another AirTag hack that documented how to create Bluetooth messages that could hitch a ride on Apple's AirTag network. Every two seconds, regular AirTags broadcast an identifier via low-energy Bluetooth; any passing iPhones in the vicinity that are AirTag-enabled and happen to pick up these broadcast messages co-operatively relay them back to Apple's AirTag backend, where they're saved for later lookup.

Microsoft, Apple and Google top the list of the most spoofed brands in 2021
2022-02-23 13:29

Microsoft, Apple and Google were the top three brands criminals attempted to mimic in 2021, according to IBM's newly released X-Force Threat Intelligence Index.

Bypassing Apple’s AirTag Security
2022-02-23 12:28

A Berlin-based company has developed an AirTag clone that bypasses Apple's anti-stalker security systems. Source code for these AirTag clones is available online.

AirTag clones can sidestep Apple anti-stalker tech
2022-02-22 11:14

An infosec startup says it has built an Apple AirTag clone that bypasses anti-stalking protection features while running on Apple's Find My protocol. "In particular," said Bräunlein, "Apple needs to incorporate non-genuine AirTags into their threat model, thus implementing security and anti-stalking features into the Find My protocol and ecosystem instead of in the AirTag itself, which can run modified firmware or not be an AirTag at all."

Apple emits emergency fix for exploited-in-the-wild WebKit vulnerability
2022-02-11 22:03

Apple on Thursday patched a zero-day security vulnerability in its WebKit browser engine, issuing updates for iOS, iPadOS, and macOS. Its Safari browser, based on WebKit, received the security update separately for instances where it is being used with an older version of macOS, like Big Sur. The Apple patch is relevant not just to users of Safari, which relies on WebKit, but to users of any iOS browser, because Apple requires that all iOS browsers use WebKit - a situation currently being considered by antitrust regulators in the US and UK. Alex Russell, a program manager for Microsoft's Edge browser who formerly worked at Google and has long evangelized web technology, echoed past frustration with Apple's insistence that only WebKit is fit for iOS. "Imagine, if you can, a world where installing an alternative browser as your default actually had a chance of protecting you from Apple's shocking underinvestment in security," he lamented via Twitter.

Apple zero-day drama for Macs, iPhones and iPads – patch now!
2022-02-11 19:25

Here on Naked Security, we've been lamenting the mysterious nature of Apple's security updates for ages. In the sudo bug case, Apple did eventually come to the party, and updated its own products in September.

Apple Patches Actively Exploited WebKit Zero Day
2022-02-11 13:45

Apple has patched yet another zero-day vulnerability, this time in its WebKit browser engine, that threat actors are already actively exploiting to compromise iPhones, iPads and macOS devices. "Apple is aware of a report that this issue may have been actively exploited," the company wrote in its update notes.

Apple fixes actively exploited iOS, macOS zero-day (CVE-2022-22620)
2022-02-11 11:28

Another month, another zero-day exploited in the wild that has been fixed by Apple. Apple fixed it in iOS 15.3.1 and iPadOS 15.3.1, macOS Monterey 12.2.1, and Safari 15.3.

Apple Releases iOS, iPadOS, macOS Updates to Patch Actively Exploited Zero-Day Flaw
2022-02-10 19:30

Apple on Thursday released security updates for iOS, iPadOS, macOS, and Safari to address a new WebKit flaw that it said may have been actively exploited in the wild, making it the company's third zero-day patch since the start of the year. Tracked as CVE-2022-22620, the issue concerns a use-after-free vulnerability in the WebKit component that powers the Safari web browser and could be exploited by a piece of specially crafted web content to gain arbitrary code execution.