S3 Ep122: Stop calling every breach “sophisticated”! [Audio + Text]
Credit to Author: Paul Ducklin| Date: Thu, 16 Feb 2023 17:46:04 +0000
Latest episode – listen now! (Full transcript inside.)
Read moreCredit to Author: Paul Ducklin| Date: Thu, 16 Feb 2023 17:46:04 +0000
Latest episode – listen now! (Full transcript inside.)
Read moreCategories: Exploits and vulnerabilities Categories: News Tags: patch Tuesday Tags: Microsoft Tags: Apple Tags: Adobe Tags: SAP Tags: Citrix Tags: Cisco Tags: Atlassian Tags: Google Tags: Mozilla Tags: Forta Tags: OpenSSH Tags: CVE-2023-21823 Tags: CVE-2023-21715 Tags: OneNote Tags: CVE-2023-23376 Tags: CVE-2023-21706 Tags: CVE-2023-21707 Tags: CVE-2023-21529 Tags: CVE-2023-21716 Tags: CVE-2023-23378 Tags: CVE-2023-22501 Tags: CVE-2023-24486 Tags: CVE-2023-24484 Tags: CVE-2023-24484 Tags: CVE-2023-24483 Tags: CVE-2023-25136 Tags: GoAnywhere Microsoft has released updates to patch three zero-days and lots of other vulnerabilities and so have several other vendors |
The post Update now! February’s Patch Tuesday tackles three zero-days appeared first on Malwarebytes Labs.
Read moreCategories: Apple Categories: Exploits and vulnerabilities Tags: Apple Tags: macOS Ventura Tags: 13.2.1 Tags: iOS Tags: iPadOS Tags: 16.3.1 Tags: CVE-2023-23514 Tags: CVE-2023-23522 Tags: CVE-2023-23529 Tags: use after free Tags: type confusion Apple has released patches for macOS Ventura, iPadOs, and iOS. Among the patched vulnerabilities is a WebKit vulnerability which may have been exploited in the wild. |
The post Update now! Apple patches vulnerabilities in MacOS and iOS appeared first on Malwarebytes Labs.
Read moreApple recently rolled out new iCloud security features that could help protect mobile professionals when they’re on the road. The features include better iCloud data security, improved iMessage security, and more.
Here is how to use these new iCloud protections.
No one should doubt that protecting personal or enterprise data has become more important than ever. Apple introduced Lockdown Mode for iCloud in 2022, following this up with even more protections in December and, most recently, introducing free privacy and security sessions in Apple retail stores in 2023.
Credit to Author: Paul Ducklin| Date: Tue, 14 Feb 2023 13:08:32 +0000
Everyone update now! Except for those who don’t need to! Or who need to but will only get updates later on, though Apple isn’t saying yet!
Read moreQualys, sometimes described as one of the pioneering SaaS vendors, has bent with the times to begin offering Mac support within its cloud security offering.
Since it launched in 1999, Qualys has traditionally offered its services to PCs, mobile devices, and cloud-native applications. The company’s original 2000 product, QualysGuard, was distinguished as one of the first to market vulnerability management tools.
Apple appears to have been given yet another set of reasons to expand its legal team as the US National Telecommunications and Information Administration (NTIA) calls for antitrust action to force Apple and Google to make big changes to their mobile app store business models.
NTIA is the principal advisor on telecommunications and Internet policy to the Biden administration. It argues that the way things are run at present may be “harmful,” arguing that Google’s and Apple’s “gatekeeper” positions may harm consumers by raising prices and reducing innovation.
Credit to Author: Paul Ducklin| Date: Thu, 26 Jan 2023 15:57:17 +0000
Lastest episode – listen now! (Or read the transcript.)
Read moreCategories: Apple Categories: Exploits and vulnerabilities Categories: News Tags: iOS 12.5.7 Tags: CVE-2022-42856 Tags: type confusion Tags: WebKit Apple has now released security content for iOS 12.5.7 which includes a patch for an actively exploited vulnerability in WebKit and many other updates. |
The post Own an older iPhone? Check you’re on the latest version to avoid this bug appeared first on Malwarebytes Labs.
Read moreCategories: Apple Categories: News Tags: VASTFLUX Tags: HUMAN Tags: fast flux Tags: VAST Tags: Matryoshka Tags: JavaScript Tags: JS Tags: iOS Tags: ad fraud Tags: malvertising Tags: Video Ad Serving Template Tags: VAST Tags: command-and-control Tags: C2 An evasive ad fraud campaign affecting iOS users has come to light. It’s called VASTFLUX. |
The post VASTFLUX ad fraud massively affected millions of iOS devices, dismantled appeared first on Malwarebytes Labs.
Read more