WWDC: 18+ ways Apple plans to make you more secure

Vision Pro, Apple Silicon, Macs, new enterprise tools — and privacy protection were all among the many WWDC announcements Apple made this week.

Introducing these protections, Craig Federighi, Apple’s senior vice president for  software engineering said: “We are focused on keeping our users in the driver’s seat when it comes to their data by continuing to provide industry-leading privacy features and the best data security in the world.

To read this article in full, please click here

Read more

Microsoft gives Apple a migraine

Categories: Exploits and vulnerabilities

Categories: News

Tags: Apple

Tags: macOS

Tags: Ventura 13.4

Tags: Monterey 12.6.6

Tags: Big Sur 11.7.7

Tags: libxpc

Tags: SIP

Tags: XPC

Tags: NVRAM

Tags: CVE-2023-32369

Tags: Migraine

Microsoft has released details about a vulnerability that can bypass macOS’s System Integrity Protection

(Read more…)

The post Microsoft gives Apple a migraine appeared first on Malwarebytes Labs.

Read more

A week in security (May 22-28)

Categories: News

Tags: Cisco

Tags: Zyxel

Tags: ChatGPT

Tags: Malvertising

Tags: Apple

Tags: Google

Tags: insider threat

Tags: Pentagon explosion

Tags: CISA

Tags: ransomware guide

Tags: Rheinmetall

Tags: BlackBasta

Tags: WordPress

A list of topics we covered in the week of May 22- 28 of 2023

(Read more…)

The post A week in security (May 22-28) appeared first on Malwarebytes Labs.

Read more

Addigy promises a fix for Apple devices stuck on OSUpdateScan

Enterprise admins handling fleets of Macs take note: there’s a new security management tool from Apple device management firm Addigy.

The MDM Watchdog Utility monitors the MDM framework on devices and automatically forces software patches to be installed if they’re not already in place. This is designed to help solve a specific problem in which some (not all) managed Macs do not properly install Apple’s Rapid Security Response updates.

When security isn’t

In today’s fast-moving threat environment, Apple has introduced Rapid Security Response (RSR) as a key front line against new threats. The defense is intended to be distributed and installed across Apple’s platforms as swiftly as possible once new threats are identified. The idea is that by expediting distribution and making installation a quicker process, it will be easier to maintain security across Mac fleets. That’s important as the scale of Apple deployments grows and enterprises move to support employee choice.

To read this article in full, please click here

Read more

Update now! Apple issues patches for three actively used zero-days

Categories: Exploits and vulnerabilities

Categories: News

Tags: Apple

Tags: RSR

Tags: CVE-2023-32409

Tags: CVE-2023-28204

Tags: CVE-2023-32373

Tags: out of bounds

Tags: use after free

Apple issued information about patches against three actively exploited zero-days in WebKit. One vulnerability is new, two were patched earlier this month.

(Read more…)

The post Update now! Apple issues patches for three actively used zero-days appeared first on Malwarebytes Labs.

Read more

Why Apple's iOS 16.6 upgrade will be talk of the town

Apple’s big developer event is approaching, and it looks as if the company will press home its message on privacy as it begins to seed support for the AR operating systems it’s now expected to announce there.

Apple wants to get you updating

As of now, the Worldwide Developer Conference (WWDC) starting June 5 seems set to see Apple introduce its first mixed reality glasses, likely called RealityPro. These will be accompanied by an operating system that recent patent filings suggest will be called xrOS or xrProOS. The event will also see Apple introduce new iterations of its other operating systems, which developers will be able to work with soon after the show.

To read this article in full, please click here

Read more

Apple bans employees from using ChatGPT. Should you?

Read more

Steve Wozniak: ChatGPT-type tech may threaten us all

Apple co-founder Steve Wozniak has been touring the media to discuss the perils of generative artificial intelligence (AI), warning people to be wary of its negative impacts. Speaking to both the BBC and Fox News, he stressed that AI can misuse personal data, and raised concerns it could help scammers generate even more effective scams, from identity fraud to phishing to cracking passwords and beyond.

AI puts a spammer in the works

“We’re getting hit with so much spam, things trying to take over our accounts and our passwords, trying to trick us into them,” he said.

To read this article in full, please click here

Read more

Update now! May 2023 Patch Tuesday tackles three zero-days

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: CVE-2023-29336

Tags: CVE-2023-24932

Tags: bootkit

Tags: CVE-2023-29325

Tags: Outlook

Tags: preview

Tags: CVE-2023-24941

Tags: Apple

Tags: Cisco

Tags: Google

Tags: Android

Tags: VMWare

Tags: SAP

Tags: Mozilla

Microsoft’s Patch Tuesday round up for May 2023 includes patches for three zero-day vulnerabilities and one critical remote code execution vulnerability

(Read more…)

The post Update now! May 2023 Patch Tuesday tackles three zero-days appeared first on Malwarebytes Labs.

Read more