S3 Ep145: Bugs With Impressive Names!
Credit to Author: Paul Ducklin| Date: Thu, 27 Jul 2023 16:47:06 +0000
Fascinating fun (with a serious and educational side) – listen now! Full transcript available inside.
Read moreApple
Was Steve Jobs right about this?
Perhaps Steve Jobs was right to limit the amount of time he let his children use iPhones and iPads — a tradition Apple maintains with its Screen Time tool, which lets parents set limits on device use. Now, an extensive UNESCO report suggests that letting kids spend too much time on these devices can be bad for them.
Baked in inequality and lack of social skills
That’s the headline claim, but there’s a lot more to the report in terms of exploring data privacy, misuse of tech, and failed digital transformation experiments.
Update now! Apple fixes several serious vulnerabilities
Categories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: WebKit Tags: CVE-2023-38606 Tags: CVE-2023-32409 Tags: CVE-2023-37450 Tags: CVE-2023-32416 Apple has released security updates for several products to address several serious vulnerabilities including some actively exploited zero-days. |
The post Update now! Apple fixes several serious vulnerabilities appeared first on Malwarebytes Labs.
Read moreApple ships that recent “Rapid Response” spyware patch to everyone, fixes a second zero-day
Credit to Author: Paul Ducklin| Date: Mon, 24 Jul 2023 23:18:20 +0000
Another month, another patch for in-the-wild iPhone malware (and a whole lot more).
Read moreApple: Proposed UK law is a ‘serious, direct threat’ to security, privacy
New UK government surveillance laws are so over-reaching that tech companies can’t possibly meet all of their requirements, according to Apple, which argues the measures will make the online world far less safe.
Apple, WhatsApp, Meta all threaten to quit UK messaging
The UK Home Office is pushing proposals to extend the Investigatory Powers Act (IPA) with a range of proposals that effectively require messaging providers such as Apple, WhatsApp, or Meta to install backdoors into their services. All three services are now threatening to withdraw messaging apps from the UK market if the changes move forward.
This is why personal encryption is vital to the future of business
Data encryption is threatened by government forces who haven’t yet recognized that without personal security, you cannot have enterprise security. Because attackers will exploit any available weakness to undermine protection — and if your people or your customers aren’t secure, neither is your business.
Get with the data
Attackers will always go where the money is. They will spend lots of it to mount attacks. They will delve deeper, and if they’re spending money, they also have the necessary resources to investigate absolutely anyone they can identify as a potential target.
[Updated] Apple issues Rapid Security Response for zero-day vulnerability
Categories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: Safari Tags: WebKit Tags: macOS Tags: iOS Tags: iPadOs Tags: CVE-2023-37450 Tags: drive-by Tags: code execution Apple has issued an update for a zero-day vulnerability in the WebKit browser engine which may be actively exploited. |
The post [Updated] Apple issues Rapid Security Response for zero-day vulnerability appeared first on Malwarebytes Labs.
Read moreUpdate now! Microsoft patches a whopping 130 vulnerabilities
Categories: Exploits and vulnerabilities Categories: News Tags: Microsoft Tags: Adobe Tags: Apple Tags: Android Tags: Cisco Tags: Fortinet Tags: MOVEit Tags: Mozilla Tags: SAP Tags: VMware Tags: CVE-2023-32049 Tags: CVE-2023-35311 Tags: CVE-2023-32046 Tags: CVE-2023-36874 Tags: CVE-2023-36844 For the July 2023 Patch Tuesday, Microsoft has issued security updates for 130 vulnerabilities, four of which are known to have been actively exploited. |
The post Update now! Microsoft patches a whopping 130 vulnerabilities appeared first on Malwarebytes Labs.
Read moreApple issues Rapid Security Response for zero-day vulnerability
Categories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: Safari Tags: WebKit Tags: macOS Tags: iOS Tags: iPadOs Tags: CVE-2023-37450 Tags: drive-by Tags: code execution Apple has issued an update for a zero-day vulnerability in the WebKit browser engine which may be actively exploited. |
The post Apple issues Rapid Security Response for zero-day vulnerability appeared first on Malwarebytes Labs.
Read moreApple's disappearing Rapid Security Response update (u)
Apple on Monday distributed its latest Rapid Security Response update to iPhones, iPads, and Macs, rolling out an important security patch to protect devices against a recently identified attack Apple says is already in active use.
“Apple is aware of a report that this issue may have been actively exploited,” the company said in its security note.
That’s bad, as it means someone somewhere has already been attacked using this vulnerability. The patch repairs a flaw found in WebKit in which processing web content could lead to arbitrary code execution.