Apple pushed its first automated patch, fixing recently uncovered vulnerabilities in the Network Time Protocol (NTP).
Browsing Category: Apple
Yik Yak, an application that allows users to share purportedly anonymous status updates with others near them, has fixed a critical privacy vulnerability in the iOS version of its app.
Apple has pulled a batch of security updates for Safari that it initially released yesterday.
Apple has patched 10 vulnerabilities in iOS, including a pair of bugs that allowed arbitrary code execution and one that enables an attacker to run random binaries on a target device.
Apple responds to the Masque vulnerability, saying that it is unaware of any users affected by the vulnerability, which allows hackers to swap out legitimate iOS apps with malicious ones.
Mike Mimoso and Dennis Fisher talk about the Windows Schannel vulnerability and whether it’s ripe for mass exploitation, as well as the WireLurker attack and why Apple hasn’t addressed it.
Researchers at FireEye disclosed Masque, a vulnerability in iOS that enabled the WireLurker attacks. It was reported in July, but has yet to be patched by Apple.
A Windows version of the WireLurker malware has been discovered, and like the Mac OS X version, it too is believed to have been shut down.
Researchers at Palo Alto Networks discovered a new family of Mac OS X malware that was capable of also infecting iOS devices. The command infrastructure supporting WireLurker has been shut down.
The last year has produced a rogues’ gallery of vulnerabilities in transport layer security implementations and new attacks on the key protocols, from Heartbleed to the Apple gotofail flaw to the recent POODLE attack. To help developers and security researchers identify applications that are vulnerable to known SSL/TLS attacks and configuration problems, Google is releasing a[…]