Apple – Page 8 – PossibleThreat Articles

Researchers build a scary Mac attack using AI and sound

August 8, 2023 0 Comments Apple, Artificial intelligence, computers and peripherals, MacOS, Security

A UK research team based at Durham University has identified an exploit that could allow attackers to figure out what you type on your MacBook Pro — based on the sound each keyboard tap makes.

These kinds of attacks aren’t particularly new. The researchers found research dating back to the 1950s into using acoustics to identify what people write. They also note that the first paper detailing use of such an attack surface was written for the US National Security Agency (NSA) in 1972, prompting speculation such attacks may already be in place.

“(The) governmental origin of AS- CAs creates speculation that such an attack may already be possible on modern devices, but remains classified,” the researchers wrote.

To read this article in full, please click here

ComputerWorld Independent

Apple toughens up app security with API control

July 28, 2023 0 Comments Apple, Data privacy, Privacy, Security, Software Development

Apple is at war with device fingerprinting — the use of fragments of unique device-specific information to track users online. This fall, it will put in place yet another important limitation to prevent unauthorized use of this kind of tech.

Apple at WWDC 2023 announced a new initiative designed to make apps that do track users more obvious while giving users additional transparency into such use. Now it has told developers a little more about how this will work in practice.

To read this article in full, please click here

Security Sophos

S3 Ep145: Bugs With Impressive Names!

July 27, 2023 0 Comments Apple, bwain, Cryptography, data loss, iPhone, Naked Security Podcast, Podcast, spyware, tetra:burst, triangulation trojan, vulnerability, zenbleed

Credit to Author: Paul Ducklin| Date: Thu, 27 Jul 2023 16:47:06 +0000

Fascinating fun (with a serious and educational side) – listen now! Full transcript available inside.

ComputerWorld Independent

Was Steve Jobs right about this?

July 26, 2023 0 Comments Apple, Artificial intelligence, Data privacy, education industry, Mobile, small and medium business

Perhaps Steve Jobs was right to limit the amount of time he let his children use iPhones and iPads — a tradition Apple maintains with its Screen Time tool, which lets parents set limits on device use. Now, an extensive UNESCO report suggests that letting kids spend too much time on these devices can be bad for them.

Baked in inequality and lack of social skills

That’s the headline claim, but there’s a lot more to the report in terms of exploring data privacy, misuse of tech, and failed digital transformation experiments.

To read this article in full, please click here

MalwareBytes Security

Update now! Apple fixes several serious vulnerabilities

July 25, 2023 0 Comments Apple, cve-2023-32409, cve-2023-32416, cve-2023-37450, cve-2023-38606, Exploits and vulnerabilities, news, webkit

Categories: Exploits and vulnerabilities

Categories: News

Tags: Apple

Tags: WebKit

Tags: CVE-2023-38606

Tags: CVE-2023-32409

Tags: CVE-2023-37450

Tags: CVE-2023-32416

Apple has released security updates for several products to address several serious vulnerabilities including some actively exploited zero-days.

Security Sophos

Apple ships that recent “Rapid Response” spyware patch to everyone, fixes a second zero-day

July 24, 2023 0 Comments Apple, Exploit, triangulation, vulnerability, zero day

Credit to Author: Paul Ducklin| Date: Mon, 24 Jul 2023 23:18:20 +0000

Another month, another patch for in-the-wild iPhone malware (and a whole lot more).

ComputerWorld Independent

Apple: Proposed UK law is a ‘serious, direct threat’ to security, privacy

July 21, 2023 0 Comments Apple, Data privacy, Government, messaging apps, Mobile, Privacy, Security, small and medium business

New UK government surveillance laws are so over-reaching that tech companies can’t possibly meet all of their requirements, according to Apple, which argues the measures will make the online world far less safe.

Apple, WhatsApp, Meta all threaten to quit UK messaging

The UK Home Office is pushing proposals to extend the Investigatory Powers Act (IPA) with a range of proposals that effectively require messaging providers such as Apple, WhatsApp, or Meta to install backdoors into their services. All three services are now threatening to withdraw messaging apps from the UK market if the changes move forward.

To read this article in full, please click here

ComputerWorld Independent

This is why personal encryption is vital to the future of business

July 18, 2023 0 Comments Apple, Data privacy, Mobile, Privacy, Security, small and medium business

Data encryption is threatened by government forces who haven’t yet recognized that without personal security, you cannot have enterprise security. Because attackers will exploit any available weakness to undermine protection — and if your people or your customers aren’t secure, neither is your business.

Get with the data

Attackers will always go where the money is. They will spend lots of it to mount attacks. They will delve deeper, and if they’re spending money, they also have the necessary resources to investigate absolutely anyone they can identify as a potential target.

To read this article in full, please click here

MalwareBytes Security

[Updated] Apple issues Rapid Security Response for zero-day vulnerability

July 17, 2023 0 Comments Apple, code execution, cve-2023-37450, drive-by, Exploits and vulnerabilities, iOS, ipados, MacOS, news, Safari, webkit

Categories: Exploits and vulnerabilities

Categories: News

Tags: Apple

Tags: Safari

Tags: WebKit

Tags: macOS

Tags: iOS

Tags: iPadOs

Tags: CVE-2023-37450

Tags: drive-by

Tags: code execution

Apple has issued an update for a zero-day vulnerability in the WebKit browser engine which may be actively exploited.

MalwareBytes Security

Update now! Microsoft patches a whopping 130 vulnerabilities

July 12, 2023 0 Comments Adobe, Android, Apple, Cisco, cve-2023-32046, cve-2023-32049, cve-2023-35311, cve-2023-36844, cve-2023-36874, Exploits and vulnerabilities, fortinet, Microsoft, moveit, Mozilla, news, sap, vmware

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: Adobe

Tags: Apple

Tags: Android

Tags: Cisco

Tags: Fortinet

Tags: MOVEit

Tags: Mozilla

Tags: SAP

Tags: VMware

Tags: CVE-2023-32049

Tags: CVE-2023-35311

Tags: CVE-2023-32046

Tags: CVE-2023-36874

Tags: CVE-2023-36844

For the July 2023 Patch Tuesday, Microsoft has issued security updates for 130 vulnerabilities, four of which are known to have been actively exploited.