Mike Mimoso and Chris Brook talk about the week in news–the latest Gatekeeper bypass in OS X, Stagefright 2.0, that accidental Windows Update, and Apple’s privacy initiative.
Browsing Category: Apple
Apple pushed out its latest operating system, El Capitan, yesterday, and while it boasts many security fixes, the update fails to address the outstanding vulnerability in Gatekeeper that came to light this week.
Researcher Patrick Wardle will demonstrate a Mac OS X Gatekeeper bypass that exploits a weakness in the Apple OS that allows signed apps to execute malicious code.
Researchers found a weakness in XcodeGhost that puts it at risk for man-in-the-middle attacks.
Apple watchOS2 arrived with a host of security patches, including fixes for more than a dozen code-execution bugs.
iOS apps infected with the XcodeGhost malware have been removed from the App Store and three command domains communicating with infected apps have been shut down.
Exploit vendor Zerodium will host a month-long million-dollar bug bounty focused on Apple iOS 9.
Apple pushed out iOS 9 Wednesday, addressing a cornucopia of vulnerabilities, including bugs that could lead to arbitrary code execution, credential leakage, interface spoofing, among other issues.
There is a major vulnerability in a library in iOS that allows an attacker to overwrite arbitrary files on a target device and, when used in conjunction with other techniques, install a signed app that the device will trust without prompting the user with a warning dialog. The vulnerability lies in a library in both[…]