Update now! February’s Patch Tuesday tackles three zero-days

Categories: Exploits and vulnerabilities

Categories: News

Tags: patch Tuesday

Tags: Microsoft

Tags: Apple

Tags: Adobe

Tags: SAP

Tags: Citrix

Tags: Cisco

Tags: Atlassian

Tags: Google

Tags: Mozilla

Tags: Forta

Tags: OpenSSH

Tags: CVE-2023-21823

Tags: CVE-2023-21715

Tags: OneNote

Tags: CVE-2023-23376

Tags: CVE-2023-21706

Tags: CVE-2023-21707

Tags: CVE-2023-21529

Tags: CVE-2023-21716

Tags: CVE-2023-23378

Tags: CVE-2023-22501

Tags: CVE-2023-24486

Tags: CVE-2023-24484

Tags: CVE-2023-24484

Tags: CVE-2023-24483

Tags: CVE-2023-25136

Tags: GoAnywhere

Microsoft has released updates to patch three zero-days and lots of other vulnerabilities and so have several other vendors

(Read more…)

The post Update now! February’s Patch Tuesday tackles three zero-days appeared first on Malwarebytes Labs.

Read more

Update now! Apple patches vulnerabilities in MacOS and iOS

Categories: Apple

Categories: Exploits and vulnerabilities

Tags: Apple

Tags: macOS Ventura

Tags: 13.2.1

Tags: iOS

Tags: iPadOS

Tags: 16.3.1

Tags: CVE-2023-23514

Tags: CVE-2023-23522

Tags: CVE-2023-23529

Tags: use after free

Tags: type confusion

Apple has released patches for macOS Ventura, iPadOs, and iOS. Among the patched vulnerabilities is a WebKit vulnerability which may have been exploited in the wild.

(Read more…)

The post Update now! Apple patches vulnerabilities in MacOS and iOS appeared first on Malwarebytes Labs.

Read more

How to use Apple’s advanced iCloud security tools

Apple recently rolled out new iCloud security features that could help protect mobile professionals when they’re on the road. The features include better iCloud data security, improved iMessage security, and more.

Here is how to use these new iCloud protections.

Secure your digital assets

No one should doubt that protecting personal or enterprise data has become more important than ever. Apple introduced Lockdown Mode for iCloud in 2022, following this up with even more protections in December and, most recently, introducing free privacy and security sessions in Apple retail stores in 2023.

To read this article in full, please click here

Read more

Qualys now supports macOS in its cloud security tools

Qualys, sometimes described as one of the pioneering SaaS vendors, has bent with the times to begin offering Mac support within its cloud security offering.

A pioneer in SaaS goes Mac

Since it launched in 1999, Qualys has traditionally offered its services to PCs, mobile devices, and cloud-native applications. The company’s original 2000 product, QualysGuard, was distinguished as one of the first to market vulnerability management tools.

To read this article in full, please click here

Read more

US agency calls Apple, Google App Stores 'harmful'

Apple appears to have been given yet another set of reasons to expand its legal team as the US National Telecommunications and Information Administration (NTIA) calls for antitrust action to force Apple and Google to make big changes to their mobile app store business models.

What’s the problem?

NTIA is the principal advisor on telecommunications and Internet policy to the Biden administration. It argues that the way things are run at present may be “harmful,” arguing that Google’s and Apple’s “gatekeeper” positions may harm consumers by raising prices and reducing innovation.

To read this article in full, please click here

Read more

Own an older iPhone? Check you’re on the latest version to avoid this bug

Categories: Apple

Categories: Exploits and vulnerabilities

Categories: News

Tags: iOS 12.5.7

Tags: CVE-2022-42856

Tags: type confusion

Tags: WebKit

Apple has now released security content for iOS 12.5.7 which includes a patch for an actively exploited vulnerability in WebKit and many other updates.

(Read more…)

The post Own an older iPhone? Check you’re on the latest version to avoid this bug appeared first on Malwarebytes Labs.

Read more

VASTFLUX ad fraud massively affected millions of iOS devices, dismantled

Categories: Apple

Categories: News

Tags: VASTFLUX

Tags: HUMAN

Tags: fast flux

Tags: VAST

Tags: Matryoshka

Tags: JavaScript

Tags: JS

Tags: iOS

Tags: ad fraud

Tags: malvertising

Tags: Video Ad Serving Template

Tags: VAST

Tags: command-and-control

Tags: C2

An evasive ad fraud campaign affecting iOS users has come to light. It’s called VASTFLUX.

(Read more…)

The post VASTFLUX ad fraud massively affected millions of iOS devices, dismantled appeared first on Malwarebytes Labs.

Read more