Security News

Brave: Sharp increase in installs after iOS DMA update in EU
2024-03-12 22:25

Brave has seen a sharp increase in users installing its privacy-focused Brave Browser on iPhones after Apple introduced changes to adhere to the new European Digital Markets Act. To comply with the Digital Markets Act, Apple introduced a new feature in iOS 17.4 that asks EU users to pick a default web browser from a list that includes Brave, among other options.

Apple fixes two actively exploited iOS zero-days (CVE-2024-23225, CVE-2024-23296)
2024-03-06 09:34

Apple has fixed two iOS zero-day vulnerabilities exploited by attackers in the wild. "Additional CVE entries [are] coming soon," Apple noted for both updates.

Apple fixes two new iOS zero-days exploited in attacks on iPhones
2024-03-05 21:34

Apple released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones. The company says it addressed the security flaws for devices running iOS 17.4, iPadOS 17.4, iOS 16.76, and iPad 16.7.6 with improved input validation.

Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices
2024-02-19 13:14

Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the...

Cybercriminals are stealing iOS users' face scans to break into mobile banking accounts
2024-02-15 14:00

Cybercriminals are targeting iOS users with malware that steals Face ID scans to break into and pilfer money from bank accounts - thought to be a world first. iOS target Android and iOS respectively, tricking users into performing biometric verification checks that are ultimately used to bypass the same checks employed by legitimate banking apps in Vietnam and Thailand - the geographic focus of these ongoing attacks.

iOS users beware: GoldPickaxe trojan steals your facial data
2024-02-15 10:14

Group-IB uncovered a new iOS trojan designed to steal users' facial recognition data, identity documents, and intercept SMS. The trojan, dubbed GoldPickaxe. iOS trojan targets victims in the Asia-Pacific region.

New ‘Gold Pickaxe’ Android, iOS malware steals your face for fraud
2024-02-15 08:00

A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access. The new malware, spotted by Group-IB, is part of a malware suite developed by the Chinese threat group known as 'GoldFactory,' which is responsible for other malware strains such as 'GoldDigger', 'GoldDiggerPlus,' and 'GoldKefu.

CISA Warns of Active Exploitation Apple iOS and macOS Vulnerability
2024-02-01 05:02

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and watchOS to its Known Exploited Vulnerabilities...

iPhone apps abuse iOS push notifications to collect user data
2024-01-25 18:28

Numerous iOS apps are using background processes triggered by push notifications to collect user data about devices, potentially allowing the creation of fingerprinting profiles used for tracking. "Apps should not attempt to surreptitiously build a user profile based on collected data and may not attempt, facilitate, or encourage others to identify anonymous users or reconstruct user profiles based on data collected from Apple-provided APIs or any data that you say has been collected in an 'anonymized,' 'aggregated,' or otherwise non-identifiable way," reads a section of Apple App Store review guidelines.

X adds passkeys support for iOS users in the United States
2024-01-23 20:19

X, formerly Twitter, announced today that iOS users in the United States can now log into their accounts using passkeys. The passkeys will be linked to the iOS device they're generated on and will significantly reduce the risk of breaches by providing protection against phishing attacks and blocking unauthorized access attempts.