Security News

Microsoft Details App Sandbox Escape Bug Impacting Apple iOS, iPadOS, macOS Devices
2022-07-15 03:37

"An attacker could take advantage of this sandbox escape vulnerability to gain elevated privileges on the affected device or execute malicious commands like installing additional payloads," Jonathan Bar Or of the Microsoft 365 Defender Research Team said in a write-up. While Apple's App Sandbox is designed to tightly regulate a third-party app's access to system resources and user data, the vulnerability makes it possible to bypass these restrictions and compromise the machine.

Microsoft Defender adds network protection for Android, iOS devices
2022-07-03 14:09

Microsoft has introduced a new Microsoft Defender for Endpoint feature in public preview to help organizations detect weaknesses affecting Android and iOS devices in their enterprise networks.After enabling the new Mobile Network Protection feature on Android and iOS devices you want to monitor, the enterprise endpoint security platform will provide protection and notifications when it detects rogue Wi-Fi-related threats and rogue certificates.

Spyware vendor targets iOS and Android in Italy and Kazakhstan, collaborates with ISP
2022-06-27 13:41

The iOS application does not trigger any alert since it is signed with a certificate from a company named 3-1 Mobile SRL, enrolled in the Apple Developer Enterprise Program. The Android malicious software requires the targeted user to allow the installation of applications from unknown sources.

Google Warns Spyware Being Deployed Against Android, iOS Users
2022-06-24 11:02

Google is warning victims in Kazakhstan and Italy that they are being targeted by Hermit, a sophisticated and modular spyware from Italian vendor RCS Labs that not only can steal data but also record and make calls. Researchers from Google Threat Analysis Group revealed details in a blog post Thursday by TAG researchers Benoit Sevens and Clement Lecigne about campaigns that send a unique link to targets to fake apps impersonating legitimate ones to try to get them to download and install the spyware.

Spyware vendor works with ISPs to infect iOS and Android users
2022-06-23 17:07

Google's Threat Analysis Group revealed today that RCS Labs, an Italian spyware vendor, has received help from some Internet service providers to infect Android and iOS users in Italy and Kazakhstan with commercial surveillance tools. RCS Labs is just one of more than 30 spyware vendors whose activity is currently tracked by Google, according to Google TAG analysts Benoit Sevens and Clement Lecigne.

A great day for non-robots: iOS 16 will bypass CAPTCHAs
2022-06-21 11:45

Apple has introduced a game-changer into its upcoming iOS 16 for those who hate CAPTCHAs, in the form of a feature called Automatic Verification. The feature does exactly what its name alludes to: automatically verifies devices and Apple ID accounts without any action from the user.

Chinese Hackers Distribute Backdoored Web3 Wallets for iOS and Android Users
2022-06-13 06:53

A technically sophisticated threat actor known as SeaFlower has been targeting Android and iOS users as part of an extensive campaign that mimics official cryptocurrency wallet websites intending to distribute backdoored apps that drain victims' funds. "As of today, the main current objective of SeaFlower is to modify Web3 wallets with backdoor code that ultimately exfiltrates the seed phrase," Confiant's Taha Karim said in a technical deep-dive of the campaign.

How to always access your locked iOS device
2022-06-06 16:23

How to always access your locked iOS device We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. If you've recently changed your access password to your iOS device and you repeatedly try your old password only to remember after the device locks that you recently changed the password.

Cisco Issues Patch for New IOS XR Zero-Day Vulnerability Exploited in the Wild
2022-05-20 21:20

Cisco on Friday rolled out fixes for a medium-severity vulnerability affecting IOS XR Software that it said has been exploited in real-world attacks. Tracked as CVE-2022-20821, the issue relates to an open port vulnerability that could be abused by an unauthenticated, remote attacker to connect to a Redis instance and achieve code execution.

Cisco urges admins to patch IOS XR zero-day exploited in attacks
2022-05-20 20:39

Cisco has addressed a zero-day vulnerability in its IOS XR router software that allowed unauthenticated attackers to remotely access Redis instances running in NOSi Docker containers. The IOS XR Network OS is deployed on multiple Cisco router platforms, including NCS 540 & 560, NCS 5500, 8000, and ASR 9000 series routers.