Security News

Windows 10, Linux, iOS, Chrome and Many Others at Hacked Tianfu Cup 2021
2021-10-17 23:50

Windows 10, iOS 15, Google Chrome, Apple Safari, Microsoft Exchange Server, and Ubuntu 20 were successfully broken into using original, never-before-seen exploits at the Tianfu Cup 2021, the fourth edition of the international cybersecurity contest held in the city of Chengdu, China. The Chinese version of Pwn2Own was started in 2018 in the wake of government regulation in the country that barred security researchers from participating in international hacking competitions because of national security concerns.

WhatsApp rolls out iOS, Android end-to-end encrypted chat backups
2021-10-14 20:31

WhatsApp is rolling out end-to-end encrypted chat backups on iOS and Android to prevent anyone from accessing your chats, regardless of where they are stored. Currently, WhatsApp allows you to create backups of all your chats and store them on online storage services.

Apple silently fixes iOS zero-day, asks bug reporter to keep quiet
2021-10-13 15:25

Apple has silently fixed a 'gamed' zero-day vulnerability with the release of iOS 15.0.2, on Monday, a security flaw that could let attackers gain access to sensitive user information. In July, Apple also silently patched an 'analyticsd' zero-day flaw with the release of 14.7 without crediting Tokarev in the security advisory, instead promising to acknowledge his report in security advisories for an upcoming update.

Apple fixes iOS zero-day exploited in the wild (CVE-2021-30883)
2021-10-12 16:33

With the newest iOS and iPad updates, Apple has fixed another vulnerability that is being actively exploited by attackers. The vulnerability may be exploited by an application to execute arbitrary code with kernel privileges, Apple explained.

Apple patches 'actively exploited' iPhone zero-day with iOS 15.0.2 update
2021-10-12 16:02

If you're using an iPhone, install the iOS 15.0.2 update immediately: Apple has warned that the latest OS upgrade patches an "Actively exploited" zero-day. Described as a "Memory corruption issue" by Apple, the vuln is present within the IOMobileFrameBuffer kernel extension, used for managing display memory.

Apple Releases Urgent iOS Updates to Patch New Zero-Day Bug
2021-10-12 15:17

Apple on Monday rushed out a security update for iOS 15.0.2 and iPadOS 15.0.2 to fix a remote code-execution zero-day vulnerability that's being actively exploited.Within hours, a security researcher had picked the bug apart and published both proof-of-concept code and an explanation of the vulnerability, meaning that now's a really good time to update your iOS device.

Emergency Apple iOS 15.0.2 update fixes zero-day used in attacks
2021-10-11 18:48

Apple has released iOS 15.0.2 and iPadOS 15.0.2 to fix a zero-day vulnerability that is actively exploited in the wild in attacks targeting Phones and iPads. While Apple has not provided any details on how this vulnerability was used in attacks, they state that there are reports of it being actively used in attacks.

Urgent Apple iOS and macOS Updates Released to Fix Actively Exploited Zero-Days
2021-09-26 21:38

Apple on Thursday released security updates to fix multiple security vulnerabilities in older versions of iOS and macOS that it says have been detected in exploits in the wild, in addition to expanding patches for a previously plugged security weakness abused by NSO Group's Pegasus surveillance tool to target iPhone users. Chief among them is CVE-2021-30869, a type confusion flaw that resides in the kernel component XNU developed by Apple that could cause a malicious application to execute arbitrary code with the highest privileges.

Frustrated dev drops three zero-day vulns affecting Apple iOS 15 after six-month wait
2021-09-24 19:43

Upset with Apple's handling of its Security Bounty program, a bug researcher has released proof-of-concept exploit code for three zero-day vulnerabilities in Apple's newly released iOS 15 mobile operating system. "I've reported four 0-day vulnerabilities this year between March 10 and May 4, as of now three of them are still present in the latest iOS version and one was fixed in 14.7, but Apple decided to cover it up and not list it on the security content page," the researcher wrote.

iOS 15: How to enable Mail Privacy Protection
2021-09-24 14:48

If you have access to Apple's iOS 15 Developer Beta, learn how to use an important security feature called Mail Privacy Protection. If you're lucky enough to have access to the iOS 15 Developer Beta, you're probably already tinkering with all the new features, including Mail Privacy Protection.