Security News
A strange bug in iOS is causing the Clock app to crash when creating a new alarm if the device's timezone is set to Beirut, Lebanon. Today, a reader shared the bug with BleepingComputer, and after testing it on devices running iOS 14.4 and 14.4.1, we can confirm that the Clock apps crashes if we are using the Beirut timezone.
Apple on Monday released security patches for macOS, iOS, iPadOS, watchOS, and Safari to fix up a vulnerability that can be exploited by malicious web pages to run malware on victims' computers and gadgets. Apple thanks Clément Lecigne of Google's Threat Analysis Group and Alison Huffman of Microsoft Browser Vulnerability Research for reporting the arbitrary code execution security flaw, CVE-2021-1844, which is present in WebKit, the browser engine used by various bits of Cupertino code.
A popular jailbreaking tool called "Unc0ver" has been updated to support iOS 14.3 and earlier releases, thereby making it possible to unlock almost every single iPhone model using a vulnerability that Apple in January disclosed was actively exploited in the wild. The latest release, dubbed unc0ver v6.0.0, was released on Sunday, according to its lead developer Pwn20wnd, expanding its compatibility to jailbreak any device running iOS 11.0 through iOS 14.3 using a kernel vulnerability, including iOS 12.4.9-12.5.1, 13.5.1-13.7, and 14.0-14.3.
The jailbreak-which UnC0ver said works on iOS versions 11.0 to 14.3-exploits the kernel vulnerability CVE-2021-1782, one of three iOS flaws for which Apple released an emergency update, iOS 14.4, last month. Anyone with a device running 14.3 or earlier version of iOS can use the tool to hack into their iPhone, according to UnC0ver.
Google Chrome for iOS is getting a new privacy feature that lets you lock your opened Incognito tabs behind your iPhone's Face ID or Touch ID biometric authentication features. If a user leaves their phone unlocked, someone can launch Chrome and view the currently open Incognito mode tabs.
Google Chrome for iOS is getting a new privacy feature that lets you lock your opened Incognito tabs behind your iPhone's Face ID or Touch ID biometric authentication features. If a user leaves their phone unlocked, someone can launch Chrome and view the currently open Incognito mode tabs.
Apple's upcoming iOS 14.5 update will come with a new feature that will redirect all fraudulent website checks through its own proxy servers as a workaround to preserve user privacy and prevent leaking IP addresses to Google. To achieve this, Apple relies on Google Safe Browsing - or Tencent Safe Browsing for users in Mainland China - a blocklist service that provides a list of URLs for web resources that contain malware or phishing content, to compare a hash prefix calculated from the website address and check if the website is fraudulent.
Apple's forthcoming iOS 14.5 release, currently in beta, will conceal the IP address of Safari web surfers from Google's Safe Browsing service, integrated into Safari to spot fraudulent websites. That means when Safari users visit a website with Safe Browsing active, their IP addresses will be associated with an Apple domain rather than their internet service provider or corporate network.
Qualys announced it is expanding Qualys VMDR to mobile devices with support for Android and iOS/iPadOS delivering an end-to-end solution for mobile device security. Qualys' all-in-one VMDR provides in-depth mobile device visibility, data security insights, proactive posture monitoring, and automated response for all iOS and Android devices and installed apps - just like VMDR does for on premises, endpoints, clouds, containers, OT and IoT assets.
Facebook has created a new screen in its iOS app that will urge people to allow it to continue stalking their online activities for targeted advertising. This is in response to Apple preparing to introduce a prompt that asks users whether or not they want to grant Facebook's software permission to track them when they use other apps and websites.