Security News
A recently observed campaign is attempting to infect the iPhones of users in Hong Kong with an iOS backdoor that allows attackers to take over devices, Trend Micro reports. The attack involved the use of malicious links posted on forums popular in Hong Kong, which led users to real news sites where a hidden iframe would load and run malware.
Apple has just announced its latest something for everyone security and feature updates for iOS, iPadOS, macOS, watchOS, and tvOS. In terms of security, the attention grabber is iOS/iPad 13.4, which fixes 30 CVEs. As usual, WebKit browser engine and Safari gave Apple plenty to fix, all but one of which were found by sources outside the company, including an arbitrary code execution flaw, CVE-2020-3899, credited to Google's open source fuzzing tool, OSS-Fuzz.
Apple has released a slew of patches across its iOS and macOS operating systems, Safari browser, watchOS, tvOS and iTunes. Of the CVEs disclosed, 30 affected Apple's iOS, 11 impacted Safari and 27 affected macOS. Users for their part are urged to update to iOS 13.4, Safari 13.1 and macOS Catalina 10.15.3.
Apple has emitted a bundle of security fixes ranging across its product lines. For the flagship iOS, the 13.4 update includes fixes for 30 security holes.
Now an app developer called Mysk has discovered pasteboard's dark side - malicious apps could exploit it to work out a user's location even when that user has locked down app location sharing. In the simplest scenario, an iPhone user would take a photo, copy it between apps using the pasteboard, from which a malicious app could extract location metadata while comparing it with timestamps to determine whether it was current or taken in the past.
Any cut-and-paste data temporarily stored to an iPhone or iPad's memory can be accessed by all apps installed on the specific device - even malicious ones. To illustrate his concerns, Mysk created a rogue proof-of-concept app called KlipboardSpy and an iOS widget named KlipSpyWidget.
Almost within a year after releasing Microsoft Defender Advanced Threat Protection for macOS computers, Microsoft today announced a public preview of its antivirus software for various Linux distributions, including Ubuntu, RHEL, CentOS and Debian. If this news hasn't gotten you excited yet.... Microsoft is also planning to soon release Defender ATP anti-malware apps for smartphones and other devices running Google's Android and Apple's iOS mobile operating systems.
Almost within a year after releasing Microsoft Defender Advanced Threat Protection for macOS computers, Microsoft today announced a public preview of its antivirus software for various Linux distributions, including Ubuntu, RHEL, CentOS and Debian. If this news hasn't gotten you excited yet.... Microsoft is also planning to soon release Defender ATP anti-malware apps for smartphones and other devices running Google's Android and Apple's iOS mobile operating systems.
Learn how to keep your iOS devices-and your data-secure with these iOS 13 privacy settings and Apple resources. How to access the Privacy page in your iOS 13 Settings app.
Learn how to secure your iOS 13 devices and protect your privacy by tweaking the default settings. Devices using iOS 13 are some of the most secure in the world; however, there are settings you can change to make your iOS experience even more secure.