28 Mar, 2023
0-day, Apple, Exploit, iOS, iPad, iPadOS, iPhone, macOS, Security News, Vulnerability, zero day
by Paul Ducklin Apple’s latest update blast is out, including an extensive range of security patches for all devices that Apple offcially supports. There are fixes for iOS, iPadOS, tvOS and watchOS, along with patches for all three supported flavours of macOS, and even a special update to the firmware . . . Read more
15 Mar, 2023
0-day, Exploit, Microsoft, MOTW, NTLM v2, Outlook, patch tuesday, Security News, SmartScreen, Vulnerability, Windows, zero day
by Paul Ducklin Thanks to the precise four-week length of February this year, last month’s coincidence of Firefox and Microsoft updates has happened once again. Last month, Microsoft dealt with three zero-days, by which we mean security holes that cybercriminals found first, and figured out how to abuse in real-life . . . Read more
15 Dec, 2022
0-day, Apple, Ben-Gurion University, Data loss, iOS, Malware, Microsoft, Naked Security Podcast, podcast, Privacy, Security News, skimming, supply chain, Vulnerability, zero day
Return o’ the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!
Review your servers, your patches and your authentication policies – there’s a proof-of-concept out
In all the excitement, we kind of lost count ourselves. Were there six 0-days, or only four?
29 Oct, 2022
0-day, chrome, Chromium, CVE-2022-3723, Edge, Exploit, google, Google Chrome, Security News, Vulnerability, zero day
We’ve said it before/And we’ll say it again/It’s not *if* you should patch/It’s a matter of *when*. (Hint: now!)
25 Oct, 2022
0-day, Apple, CVE-2022-42827, Exploit, iOS, iPad, iPhone, Mac, OS-X, Security News, Vulnerability, zer-day
Ventura hits the market with 112 patches, Catalina’s gone missing, and iPhones and iPads get a critical kernel-level zero-day patch…
There’s a zero-day patch, but it’s not for the zero-day you thought.
Running Chrome? Do the “Help-About-Update” dance move right now, just to be sure…
You’ll find fixes for numerous kernel-level code execution holes, including an 0-day vulnerability in many (though not all) versions.