Security News

Meta Platforms on Friday disclosed that it had identified over 400 malicious apps on Android and iOS that it said targeted online users with the goal of stealing their Facebook login information. 42.6% of the rogue apps were photo editors, followed by business utilities, phone utilities, games, VPNs, and lifestyle apps.

CISA added two new vulnerabilities to its list of security bugs exploited in the wild today, including a Windows privilege escalation vulnerability and an arbitrary code execution flaw affecting iPhones and Macs. Apple also patched the arbitrary code execution vulnerability on Monday and confirmed that it was exploited in attacks as a zero-day bug in the iOS and macOS kernel.

Apple has fixed a slew of vulnerabilities in macOS, iOS, and iPadOS, including a zero-day kernel vulnerability exploited by attackers in the wild. "Apple is aware of a report that this issue may have been actively exploited," the company said, and noted that the vulnerability has been remediated with improved bounds checks.

Apple has released another round of security updates to address multiple vulnerabilities in iOS and macOS, including a new zero-day flaw that has been used in attacks in the wild.It's worth noting that CVE-2022-32917 is also the second Kernel related zero-day flaw that Apple has remediated in less than a month.

Just to be clear, if you don't want to upgrade to iOS 16 just yet, you still need to update, because the iOS 15.7 and iPadOS 15.7 updates include numerous security patches, including a fix for a bug dubbed CVE-2022-32917. APPLE-SA-2022-09-12-1: iOS 16 The big one! As well as a bunch of new features, this includes the Safari patches delivered separately for macOS, and a fix for CVE-2022-32917.

Apple released iOS 16 today with new features to boost iPhone users' security and privacy, including Lockdown Mode and Security Check. As Apple said in July when it first unveiled it, the Lockdown Mode security feature is not meant for everyday usage but, instead, designed to defend high-risk individuals from targeted attacks with mercenary spyware.

Apple is releasing iOS 16 today with new features to boost iPhone users' security and privacy, including Lockdown Mode and Security Check. As Apple said in July when it first unveiled it, the Lockdown Mode security feature is not meant for everyday usage but, instead, designed to defend high-risk individuals from targeted attacks with mercenary spyware.

Apple announced additional security and privacy updates for its newest mobile operating system. In this Help Net Security video, you’ll learn more about the latest privacy and security features in...

Researchers have identified 1,859 apps across Android and iOS containing hard-coded Amazon Web Services credentials, posing a major security risk. "Over three-quarters of the apps contained valid AWS access tokens allowing access to private AWS cloud services," Symantec's Threat Hunter team, a part of Broadcom Software, said in a report shared with The Hacker News.

Researchers at Symantec's Threat Hunting team, part of Broadcom Software, found 1,859 applications containing hard-coded AWS credentials, most of them being iOS apps and just 37 for Android. The threat analysts highlight three notable cases in their report where the exposed AWS tokens could have had catastrophic consequences for both authors and users of the vulnerable apps.