iOS apps infected with the XcodeGhost malware have been removed from the App Store and three command domains communicating with infected apps have been shut down.
Browsing Tag: apple
Exploit vendor Zerodium will host a month-long million-dollar bug bounty focused on Apple iOS 9.
Apple pushed out iOS 9 Wednesday, addressing a cornucopia of vulnerabilities, including bugs that could lead to arbitrary code execution, credential leakage, interface spoofing, among other issues.
There is a major vulnerability in a library in iOS that allows an attacker to overwrite arbitrary files on a target device and, when used in conjunction with other techniques, install a signed app that the device will trust without prompting the user with a warning dialog. The vulnerability lies in a library in both[…]
Dennis Fisher talks with Window Snyder of Fastly about her early interest in technology, what it was like meeting the L0pht crew at the MIT Flea as a teenager, her time at @stake, working on XP SP2 at Microsoft, Apple’s security evolution and much more.
Researchers have discovered a new strain of iOS malware dubbed KeyRaider that targets jailbroken devices and has the ability to steal certificates, private keys, and Apple account information. The malware already has claimed the private Apple account data of more than 225,000 victims. The KeyRaider malware was discovered by researchers at Palo Alto Networks, who[…]
A patched iOS vulnerability can be exploited to allow malicious apps to bypass background restrictions and exploit Apple devices.
Apple pushed out a new version of QuickTime that patched nine vulnerabilities, including a handful of denial of service and code execution bugs.
Apple patched an issue last week in iOS that could have allowed attackers to bypass the third-party app-sandbox protection mechanism on devices and read arbitrary managed preferences via a special app.
Italian researcher Luca Todesco explains how exploiting two vulnerabilities in OS X gain enable root access for a hacker. He won’t, however, say why he went public with details and exploit code before Apple patched.