Security News

iOS 14: New privacy and security features
2020-09-22 05:30

Apple has released iOS 14, with a bucketload of new and improved functional features and a handful of privacy and security ones. New privacy and security features in iOS 14 The new iOS will tell you when an app is using your camera or microphone.

Dashlane rewrites its iOS app, improving efficiency, speed, and performance
2020-09-22 01:30

Dashlane announced the completion of a bottom-to-top rewrite of its iOS app, improving efficiency, speed, and performance. The goal of the rewrite encompassed keeping up with the ever-changing iOS landscape, while making sure there was minimal disturbance for current iOS app users, diligently maintaining usable code, and providing a better digital experience for millions of Dashlane users.

iOS 14 and iPadOS 14 Patch Vulnerabilities, Introduce New Privacy Features
2020-09-18 03:40

Apple has patched nearly a dozen vulnerabilities and it has introduced new privacy features with the release of iOS 14 and iPadOS 14 this week. The issues could result in applications causing a system crash or writing kernel memory, identifying other installed applications, leaking user information, or accessing restricted files; may allow attackers to download malicious content, execute arbitrary code, or view notification contents from the lockscreen; may lead to arbitrary code execution or a cross-site scripting attack; may allow a user to read kernel memory; or could result in the screen lock not engaging after the specified time period.

Apple will release iOS 14 without this privacy feature: What iPhone users and developers need to know
2020-09-04 23:07

The iOS 14, iPadOS 14, and tvOS 14 anti-tracking feature is on hold until early 2021 to give developers time to make the necessary changes, according to Apple. Apple released iOS 14 without a new anti-tracking feature.

Cisco Issues Warning Over IOS XR Zero-Day Flaw Being Targeted in the Wild
2020-09-01 00:40

Cisco has warned of an active zero-day vulnerability in its router software that's being exploited in the wild and could allow a remote, authenticated attacker to carry out memory exhaustion attacks on an affected device. "An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device," Cisco said in an advisory posted over the weekend.

Attackers Actively Targeting Cisco IOS XR Vulnerability
2020-08-31 13:47

Cisco over the weekend published information on a vulnerability in the IOS XR software that could be exploited to cause a denial of service condition. Cisco has warned that attackers are already attempting to exploit the vulnerability.

Facebook Hits Back At Apple’s iOS 14 Privacy Update
2020-08-27 16:10

Facebook is lambasting an upcoming Apple mobile operating system privacy update, which requires application to ask users for permission before collecting and sharing their data. In the iOS 14 update, Apple iPhone and iPad users have an explicit option to opt out of allowing apps to collect data using the Apple device identifier.

Popular iOS SDK Accused of Spying on Billions of Users and Committing Ad Fraud
2020-08-26 09:31

Although the names of the compromised apps using the SDK have not been disclosed, the code was uncovered in the iOS version of the Mintegral SDK, with the first version of the malicious SDK dating back to July 17, 2019. Hijack User Ad Clicks Stating that the SDK contains several anti-debug protection intending to hide the actual behavior of the application, Snyk uncovered evidence that Mintegral SDK not only intercepts all the ad clicks within an app but also use this information to fraudulently attribute the click to its ad network even in cases where a competing ad network has served the ad. It's worth noting that apps that feature in-app ads include SDKs from multiple ad networks with ad mediators' help.

Popular iOS SDK Accused of Spying on Billions of Users and Committing Ad Fraud
2020-08-25 10:54

Although the names of the compromised apps using the SDK have not been disclosed, the code was uncovered in the iOS version of the Mintegral SDK, with the first version of the malicious SDK dating back to July 17, 2019. Hijack User Ad Clicks Stating that the SDK contains several anti-debug protection intending to hide the actual behavior of the application, Snyk uncovered evidence that Mintegral SDK not only intercepts all the ad clicks within an app but also use this information to fraudulently attribute the click to its ad network even in cases where a competing ad network has served the ad. It's worth noting that apps that feature in-app ads include SDKs from multiple ad networks with ad mediators' help.

Malicious Behavior Allegedly Found in Advertising SDK Used by 1,200 iOS Apps
2020-08-24 16:27

Researchers at developer security company Snyk claim to have identified malicious behavior in an advertising SDK that is present in more than 1,200 iOS applications offered in the Apple App Store. Snyk says it has only identified the malicious behavior in iOS versions of the Mintegral advertising SDK; the code does not appear to be present in Android versions.