Security News

iLeakage: New Safari Exploit Impacts Apple iPhones and Macs with A and M-Series CPUs
2023-10-26 16:49

A group of academics has devised a novel side-channel attack dubbed iLeakage that exploits a weakness in the A- and M-series CPUs running on Apple iOS, iPadOS, and macOS devices, enabling the...

How to Remove an Apple ID from an iPhone
2023-10-23 16:19

Learn how to remove an Apple ID from your iPhone easily with this step-by-step guide. There are many reasons you might wish to remove an Apple ID from an iPhone without performing a full factory reset.

Apple fixes iOS Kernel zero-day vulnerability on older iPhones
2023-10-12 16:40

Apple has published security updates for older iPhones and iPads to backport patches released one week ago, addressing two zero-day vulnerabilities exploited in attacks. The first zero-day is a privilege escalation vulnerability caused by a weakness in the XNU kernel that can let local attackers elevate privileges on vulnerable iPhones and iPads.

Apple emergency update fixes new zero-day used to hack iPhones
2023-10-04 18:19

Apple released emergency security updates to patch a new zero-day security flaw exploited in attacks targeting iPhone and iPad users. The zero-day is caused by a weakness discovered in the XNU kernel that enables local attackers to escalate privileges on unpatched iPhones and iPads.

Common Errors When Connecting Multiple iPhones to One Apple ID
2023-10-02 22:01

Surprises often arise when connecting two iPhones to the same Apple ID. Addressing several key settings helps avoid common mistakes. Although connecting two iPhones to the same Apple ID has its advantages - including expanding your or a partner's access to your documents, spreadsheets and presentations - unpleasant surprises can arise such as unintentionally revealing contact and calendar information and mistakenly sending texts from the wrong number.

Apple squashes security bugs after iPhone flaws exploited by Predator spyware
2023-09-22 19:58

Apple has emitted patches this week to close security holes that have been exploited in the wild by commercial spyware. We've just learned today that the Predator spyware sold by Intellexa used these vulnerabilities to infect at least one target's iPhone.

Apple fixes 3 zero-day vulnerabilities exploited to compromise iPhones
2023-09-22 10:05

Apple has released updates for iOS and iPadOS, macOS, watchOS, and Safari to fix three zero-day vulnerabilities exploited "Against versions of iOS before iOS 16.7.". Earlier this month, Apple closed two zero-day vulnerabilities that have been chained together by attackers to deliver NSO Group's Pegasus spyware.

Russian Journalist's iPhone Compromised by NSO Group's Zero-Click Spyware
2023-09-14 08:51

The iPhone belonging to Galina Timchenko, a prominent Russian journalist and critic of the government, was compromised with NSO Group's Pegasus spyware, a new collaborative investigation from Access Now and the Citizen Lab has revealed. The Washington Post reported that the Russian government is not a client of NSO Group, citing an unnamed person familiar with the company's operations.

France demands Apple pull iPhone 12 due to high RF radiation levels
2023-09-13 17:41

The Agence Nationale des Fréquences has asked Apple to withdraw iPhone 12 smartphones from the French market because the device emits radiofrequency energy that is beyond the limit permitted to be absorbed by the human body. ANFR says it recently conducted measurements on 141 phones available on the French market by contracting an accredited laboratory, where it found that iPhone 12's SAR value for limbs is 5.74 W/kg, exceeding the 4.0 W/kg limit by 43.5%. As such, the agency demands that Apple withdraws all iPhone 12 devices from the French market and takes the required action to make them compliant with European regulations.

Zero-Click Exploit in iPhones
2023-09-13 11:13

Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain to deploy NSO Group's Pegasus commercial spyware onto fully patched iPhones. The two bugs, tracked as CVE-2023-41064 and CVE-2023-41061, allowed the attackers to infect a fully-patched iPhone running iOS 16.6 and belonging to a Washington DC-based civil society organization via PassKit attachments containing malicious images.