An issue in iOS WebView that is trivial to exploit can give an attacker the ability to trigger phone calls from a targeted device, researcher Collin Mulliner said.
Browsing Tag: apple
A phishing campaign aimed at Apple users in China that relies heavily on typosquatting has resurfaced.
Apple said over the weekend it would soon distrust certificates issued by WoSign’s Free SSL Certificate G2 intermediate CA on macOS.
The latest on the Yahoo breach, Germany’s problem with WhatsApp-Facebook, Facebook’s osquery tool for Windows, and Zerodium’s $1.5M iOS bounty are all discussed.
The news of the week is discussed, including Schneier’s DDoS article, a patched IE/Edge zero day, a new OS X malware detection method, and Google’s Project Zero prize.
Today’s release of iOS 10 also included patches for seven vulnerabilities and the news that security updates will now be delivered by HTTPS connections.
A researcher says the future of OS X malware detection may be rooted in patterns and heatmap visualization.
Researchers at Kaspersky Lab on Wednesday confirmed that an OS X variant of a recently discovered family of cross-platform backdoors exists.
Apple has patched the Trident vulnerabilities in OS X and Safari. The flaws were originally disclosed in iOS and used to spy on a UAE human rights activist.
Competing zero-day acquisition programs pay out much more than Apple’s new bug bounty program, but researchers used to submitting bugs gratis to Apple aren’t complaining much.