Apple has patched 10 vulnerabilities in iOS, including a pair of bugs that allowed arbitrary code execution and one that enables an attacker to run random binaries on a target device.
Browsing Category: Apple
Apple responds to the Masque vulnerability, saying that it is unaware of any users affected by the vulnerability, which allows hackers to swap out legitimate iOS apps with malicious ones.
Mike Mimoso and Dennis Fisher talk about the Windows Schannel vulnerability and whether it’s ripe for mass exploitation, as well as the WireLurker attack and why Apple hasn’t addressed it.
Researchers at FireEye disclosed Masque, a vulnerability in iOS that enabled the WireLurker attacks. It was reported in July, but has yet to be patched by Apple.
A Windows version of the WireLurker malware has been discovered, and like the Mac OS X version, it too is believed to have been shut down.
Researchers at Palo Alto Networks discovered a new family of Mac OS X malware that was capable of also infecting iOS devices. The command infrastructure supporting WireLurker has been shut down.
The last year has produced a rogues’ gallery of vulnerabilities in transport layer security implementations and new attacks on the key protocols, from Heartbleed to the Apple gotofail flaw to the recent POODLE attack. To help developers and security researchers identify applications that are vulnerable to known SSL/TLS attacks and configuration problems, Google is releasing a[…]
Apple has fixed a huge number of security vulnerabilities in OS X and iTunes and, at the same time, is being hit with criticisms about privacy issues in the new version of OS X. The latest version of the operating system, known as Yosemite, sends location information to Apple by default via the Spotlight search[…]
FBI Director James Comey said Thursday that the recent movement toward default encryption of smartphones and other devices could “lead us to a very, very dark place.” Echoing comments made by law enforcement officials for the last several decades, Comey said that the advanced cryptosystems available today threaten to cripple the ability of intelligence and law[…]
The changes that both Google and Apple have made to their mobile operating systems to encrypt the data on users’ devices have generated praise from the security and privacy communities and vitriol and criticism from the law enforcement and political worlds in equal measure.