Security News

Apple lovers who haven't yet updated to iOS 15, you may want to pop into Settings to freshen up your iPhone now: Apple has released several critical security updates that might light a fire under your britches. On Monday and Tuesday, Apple released iOS 14.8.1, iPadOS 14.8.1, watchOS 8.1 and tvOS 15.1, patching 24 CVEs in total.

Digitally signing an email might not be a singular means to a secure end, but it can at least help recipients of your email better trust the missives you send them. Some email clients make digitally signing easier than others.

CVE-2021-30663 - Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2021-30665 - Processing maliciously crafted web content may lead to arbitrary code execution.

Pyramid-scheme cryptocurrency scammers are exploiting Apple's Enterprise Developer Program to get bogus trading apps onto their marks' iPhones. They scammers are using a loophole that allows enterprise mobile device management programs to control corporate-owned iOS devices, according to Sophos' analysis, via Apple's Enterprise Developer program - specifically, the Apple Enterprise/Corporate Signature feature.

Apple has silently fixed a 'gamed' zero-day vulnerability with the release of iOS 15.0.2, on Monday, a security flaw that could let attackers gain access to sensitive user information. In July, Apple also silently patched an 'analyticsd' zero-day flaw with the release of 14.7 without crediting Tokarev in the security advisory, instead promising to acknowledge his report in security advisories for an upcoming update.

We were going to say "Unexpected updates", but all Apple security patches are, of course, unexpected by design. Apple deliberately announces security fixes only after they've been published, so you couldn't plan for them even if you wanted.

With the newest iOS and iPad updates, Apple has fixed another vulnerability that is being actively exploited by attackers. The vulnerability may be exploited by an application to execute arbitrary code with kernel privileges, Apple explained.

If you're using an iPhone, install the iOS 15.0.2 update immediately: Apple has warned that the latest OS upgrade patches an "Actively exploited" zero-day. Described as a "Memory corruption issue" by Apple, the vuln is present within the IOMobileFrameBuffer kernel extension, used for managing display memory.

Apple on Monday rushed out a security update for iOS 15.0.2 and iPadOS 15.0.2 to fix a remote code-execution zero-day vulnerability that's being actively exploited.Within hours, a security researcher had picked the bug apart and published both proof-of-concept code and an explanation of the vulnerability, meaning that now's a really good time to update your iOS device.

Apple has released iOS 15.0.2 and iPadOS 15.0.2 to fix a zero-day vulnerability that is actively exploited in the wild in attacks targeting Phones and iPads. While Apple has not provided any details on how this vulnerability was used in attacks, they state that there are reports of it being actively used in attacks.