Security News

Apple released iOS 16 with Lockdown, Safety Check security features
2022-09-12 14:20

Apple released iOS 16 today with new features to boost iPhone users' security and privacy, including Lockdown Mode and Security Check. As Apple said in July when it first unveiled it, the Lockdown Mode security feature is not meant for everyday usage but, instead, designed to defend high-risk individuals from targeted attacks with mercenary spyware.

Apple releasing iOS 16 with Lockdown, Safety Check security features
2022-09-12 14:20

Apple is releasing iOS 16 today with new features to boost iPhone users' security and privacy, including Lockdown Mode and Security Check. As Apple said in July when it first unveiled it, the Lockdown Mode security feature is not meant for everyday usage but, instead, designed to defend high-risk individuals from targeted attacks with mercenary spyware.

Apple strengthens security and privacy in iOS 16
2022-09-06 04:30

Apple announced additional security and privacy updates for its newest mobile operating system. In this Help Net Security video, you’ll learn more about the latest privacy and security features in...

Over 1,800 Android and iOS Apps Found Leaking Hard-Coded AWS Credentials
2022-09-01 10:19

Researchers have identified 1,859 apps across Android and iOS containing hard-coded Amazon Web Services credentials, posing a major security risk. "Over three-quarters of the apps contained valid AWS access tokens allowing access to private AWS cloud services," Symantec's Threat Hunter team, a part of Broadcom Software, said in a report shared with The Hacker News.

Over 1,000 iOS apps found exposing hardcoded AWS credentials
2022-09-01 10:00

Researchers at Symantec's Threat Hunting team, part of Broadcom Software, found 1,859 applications containing hard-coded AWS credentials, most of them being iOS apps and just 37 for Android. The threat analysts highlight three notable cases in their report where the exposed AWS tokens could have had catastrophic consequences for both authors and users of the vulnerable apps.

Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability
2022-09-01 03:24

Apple on Wednesday backported security updates to older iPhones, iPads, and iPod touch devices to address a critical security flaw that has been actively exploited in the wild. An anonymous researcher has been credited for reporting the vulnerability.

Apple backports fix for actively exploited iOS zero-day to older iPhones
2022-08-31 19:16

Apple has released new security updates to backport patches released earlier this month to older iPhones and iPads addressing a remotely exploitable WebKit zero-day that allows attackers to execute arbitrary code on unpatched devices. In a security advisory published today, Apple once again said that they're aware of reports that this security issue "May have been actively exploited."

Two years on, Apple iOS VPNs still leak IP addresses
2022-08-19 07:37

Apple has left a VPN bypass vulnerability in iOS unfixed for at least two years, leaving identifying IP traffic data exposed, and there's no sign of a fix. Earlier this year, Michael Horowitz, a veteran software developer and consultant, revisited the situation and found that VPNs on iOS are still vulnerable and leaking data.

Facebook’s In-app Browser on iOS Tracks ‘Anything You Do on Any Website’
2022-08-12 13:24

Users of Apple's Instagram and Facebook iOS apps are being warned that both use an in-app browser that allows parent company Meta to track 'every single tap' users make with external websites accessed via the software. iOS users' concerns over tracking were addressed by Apple's 2021 release of iOS 14.5 and a feature called App Tracking Transparency.

Roaming Mantis hits Android and iOS users in malware, phishing attacks
2022-07-18 14:42

Taiwan, South Korea, Japan, the US, and the U.K. the Roaming Mantis operation moved to targeting Android and iOS users in France, likely compromising tens of thousands of devices. Roaming Mantis is believed to be a financially-motivated threat actor that started targeting European users in February.