Security News
Multiple software products from Adobe, Apple, Google, Microsoft, Mozilla, and Samsung were successfully pwned with previously unseen exploits in Tianfu Cup 2020, the third edition of the international cybersecurity contest held in the city of Chengdu, China. "Many mature and hard targets have been pwned on this year's contest," the event organizers said.
Apple on Thursday released multiple security updates to patch three zero-day vulnerabilities that were revealed as being actively exploited in the wild. The zero-days were discovered and reported to Apple by Google's Project Zero security team.
Apple on Thursday issued security updates for iOS, iPadOS, watchOS, and macOS that address three holes reported by Google's Project Zero bug hunters among exploitable flaws found by others. The iPhone giant's security bulletins note that the three flaws discovered and reported by Project Zero - CVE-2020-27930, CVE-2020-27950, and CVE-2020-27932 - are being actively exploited in the wild.
Apple has patched today three iOS zero-day vulnerabilities actively exploited in the wild and affecting iPhone, iPad, and iPod devices. The zero-days were addressed by Apple earlier today, with the release of iOS 14.2, the mobile OS's latest stable version.
Ensure apps can only access the photos and albums that you designate by using the new limited photos picker in iOS 14. iOS 14 introduced a substantial change to privacy controls around the access of photos and photo albums: Apple is allowing users to choose exactly which photos that apps can access instead of allowing them to be granted full access or no access to the photo library.
Avatier announced the release of Avatier for iOS and Android, a new mobile app platform that creates a collaborative, self-service approach to enterprise access without compromising security. Avatier's new mobile experience is designed for the modern workforce, giving employees, customers, contractors and vendors a single mobile app that enables self-service business agility for time-sensitive security requests.
SlashNext announced the on-device AI mobile phishing defense for iOS and Android with natural language and link-based detection to protect users from the exponential increase in mobile-based SMS phishing attacks. Now SlashNext, customers and partners can benefit from the industry's fastest and most accurate, 2.0 mobile AI phishing defense, protecting users from all forms of phishing across all their communication channels - SMS, email, social networking, gaming, collaboration and search - without compromising user privacy or performance.
Cisco yesterday released security patches for two high-severity vulnerabilities affecting its IOS XR software that were found exploited in the wild a month ago. Tracked as CVE-2020-3566 and CVE-2020-3569, details for both zero-day unauthenticated DoS vulnerabilities were made public by Cisco late last month when the company found hackers actively exploiting Cisco IOS XR Software that is installed on a range of Cisco's carrier-grade and data center routers.
Cisco on Thursday informed customers that it has patched 34 high-severity vulnerabilities affecting its IOS and IOS XE software, including many that can be exploited remotely without authentication. The company has released a total of 25 advisories as part of the September 2020 semiannual IOS and IOS XE Software Security Advisory Bundled Publication.