Security News

An extortion campaign targeting Chinese, Korean, and Japanese speakers recently started using a new piece of spyware, mobile security firm Lookout reported on Wednesday. The campaign is focused on infecting iOS and Android of illicit sites, such as those offering escort services, in order to steal personal information, likely with the intent to blackmail or extort victims.

Apple on Monday released a major point-upgrade to its flagship iOS and iPadOS mobile operating systems to patch a handful of serious security vulnerabilities. The iOS 14.3 and iPadOS 14.3 release will provide cover for 11 documented security flaws, some serious enough to expose iPhones and iPads to code execution attacks.

Google Project Zero has disclosed the details of an iOS exploit that allows an attacker to hack iPhones remotely over Wi-Fi and steal sensitive data, without any user interaction. According to Beer, the exploit leverages a single memory corruption vulnerability that can be used against an iPhone 11 Pro device to bypass mitigations and achieve native code execution and kernel memory reading and writing.

Apple has new features in iOS 14 and macOS 11 Safari that disable trackers from learning which websites you visit to protect your privacy. Apple has introduced a new privacy tracking feature in Safari in iOS 14 and macOS 11 Big Sur that will let you know which websites are tracking you and display the trackers that Safari has blocked.

When browsing webpages, such as news articles in the Safari web browser on an iPhone or iPad, users can choose to select and share a partial text excerpt from the page, rather than the entire page itself. "It's actually a useful feature that's great for pointing out specific passages in blogs, news articles, and more," Juli Clover, the website's editor had said earlier.

In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. In it, he noted [PDF] that in three years, the optimal cost per component on a chip had dropped by a factor of 10, while the optimal number had increased by the same factor, from 10 to 100.

Multiple software products from Adobe, Apple, Google, Microsoft, Mozilla, and Samsung were successfully pwned with previously unseen exploits in Tianfu Cup 2020, the third edition of the international cybersecurity contest held in the city of Chengdu, China. "Many mature and hard targets have been pwned on this year's contest," the event organizers said.

Apple on Thursday released multiple security updates to patch three zero-day vulnerabilities that were revealed as being actively exploited in the wild. The zero-days were discovered and reported to Apple by Google's Project Zero security team.

Apple on Thursday issued security updates for iOS, iPadOS, watchOS, and macOS that address three holes reported by Google's Project Zero bug hunters among exploitable flaws found by others. The iPhone giant's security bulletins note that the three flaws discovered and reported by Project Zero - CVE-2020-27930, CVE-2020-27950, and CVE-2020-27932 - are being actively exploited in the wild.

Apple has patched today three iOS zero-day vulnerabilities actively exploited in the wild and affecting iPhone, iPad, and iPod devices. The zero-days were addressed by Apple earlier today, with the release of iOS 14.2, the mobile OS's latest stable version.