It wasn’t dead, just resting.
Want to know more about this topic or about us? Contact us!
It wasn’t dead, just resting.
by Paul Ducklin Apple patches a raft of serious security holes. Police arrest eight suspects in an online scamming ring. We explain how WhatsApp messages from hacked accounts are helping cybercrooks bypass 2FA. With Kimberly Truong, Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. LISTEN NOW . . . Read more
by Paul Ducklin We’ve seen several news stories talking up some great new features in Apple’s latest software update for iOS, which was released yesterday. However, we’re much more interested in the security patches that arrived in the update to iOS 14.6, because Apple fixed 38 significant bugs, covered by . . . Read more
by Paul Ducklin Remember XcodeGhost? It was a pirated and malware-tainted version of Apple’s XCode development app that worked in a devious way. You may be wondering, as we did back in 2015, why anyone would download and use a pirated version of Xcode.app when the official version is available . . . Read more
At least 6,500 cryptocurrency users have been infected by new, ‘extremely intrusive’ malware that’s spread via trojanized macOS, Windows and Linux apps. A new remote access tool (RAT) has been discovered being used in an extensive campaign. The attack has targeted cryptocurrency users in an attempt to collect their private . . . Read more
Noted Apple security expert Patrick Wardle discusses how cybercriminals are stepping up their game in targeting Apple users with new techniques and cyberattacks. A recently uncovered zer0-click Apple zero-day flaw, used in a spyware campaign against Al Jazeera journalists, shed light this week on the impact of Apple security issues being . . . Read more
Adobe fixed three critical-severity flaws in Adobe Prelude, Adobe Experience Manager and Adobe Lightroom. Adobe Systems has stomped out critical-severity flaws across its Adobe Prelude, Adobe Experience Manager and Adobe Lightroom applications. If exploited, the serious vulnerabilities could lead to arbitrary code execution. Overall, Adobe issued patches for flaws tied . . . Read more
The new backdoor comes with multiple payloads and new detection evasion tactics. A macOS backdoor variant has been uncovered that relies of multi-stage payloads and various updated anti-detection techniques. Researchers linked it to the OceanLotus advanced persistent threat (APT) group. The Vietnam-backed OceanLotus (also known as APT 32) has been . . . Read more
Attackers can exploit the feature and send people’s data directly to remote servers, posing a privacy and security risk, researchers said. Security researchers are blasting Apple for a feature in the latest Big Sur release of macOS that allows some Apple apps to bypasses content filters and VPNs. They say . . . Read more
Developers will have to reveal how data is shared with any “third-party partners,” which include analytics tools, advertising networks, third-party SDKs or other external vendors.