Apple iCloud Security Update (HT211847)

Apple iCloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:icloud"; ifdescription...

CVE-2020-36521

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or...

Input validation

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or...

CVE-2020-36521

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or...

CVE-2020-36521

CVE-2020-36521 is an out-of-bounds read in the ImageIO path triggered by processing a malicious TIFF, fixed via input validation improvements. Affected products include Apple iCloud for Windows (11.4 and 7.21) and iOS/iPadOS 14.0+, watchOS 7.0, tvOS 14.0, and iTunes for Windows 12.10.9. Impact pe...

Apple iCloud for Windows 缓冲区错误漏洞

Apple iCloud for Windows is an American Apple Apple cloud service based on the Windows platform. The product supports storage of music, photos, apps, contacts, etc. A security vulnerability exists in Apple iCloud for Windows version 7.21, which stems from the fact that the processing of malicious...

Apple puts the password on life support with passkey

The "passwordless future" is something many internet users--and a great majority of the cybersecurity industry--have hoped for. Now Apple is about to make those hopes a reality. With the release of iOS 16 yesterday, and macOS Ventura next month, Apple fans will be able to use passkeys, its passwo...

New Ducktail Infostealer Malware Targeting Facebook Business and Ad Accounts

Facebook business and advertising accounts are at the receiving end of an ongoing campaign dubbed Ducktail designed to seize control as part of a financially driven cybercriminal operation. "The threat actor targets individuals and employees that may have access to a Facebook Business account wit...

9 Years Jail for iCloud Phishing Scam Hacker Who Stole Nude Photos

By Deeba Ahmed The hacker was arrested in 2021 for breaching Apple iCloud accounts and stealing more than 620,000 private images… This is a post from HackRead.com Read the original post: 9 Years Jail for iCloud Phishing Scam Hacker Who Stole Nude Photos...

Apple’s passkeys attempt to solve the password problem

The recent Apple Worldwide Developers Conference WWDC revealed another teasing of what has been referred to as "the end of passwords forever". Passkeys are a "new biometric sign-in standard". Biometrics in security circles are used for things like identity cards, building access, and so on. This...

CVE-2022-26724

An authentication issue was addressed with improved state management. This issue is fixed in tvOS 15.5. A local user may be able to enable iCloud Photos without authentication...

CVE-2022-26724

An authentication issue was addressed with improved state management. This issue is fixed in tvOS 15.5. A local user may be able to enable iCloud Photos without authentication...

CVE-2022-26724

An authentication issue was addressed with improved state management. This issue is fixed in tvOS 15.5. A local user may be able to enable iCloud Photos without authentication...

Authentication flaw

An authentication issue was addressed with improved state management. This issue is fixed in tvOS 15.5. A local user may be able to enable iCloud Photos without authentication...

CVE-2022-26724

The CVE-2022-26724 issue affects tvOS and is described as an authentication issue that was addressed with improved state management. It is fixed in tvOS 15.5, where a local user may previously have been able to enable iCloud Photos without authentication. The Apple security content entry for tvOS...

CVE-2022-26724

An authentication issue was addressed with improved state management. This issue is fixed in tvOS 15.5. A local user may be able to enable iCloud Photos without authentication...

Apple’s child safety features are coming to a Messages app near you

Apple will soon be rolling out its promised child safety features in the Messages app for users in Australia, Canada, New Zealand, and the UK. The announcement comes four months after the features initial launch in the US on the iOS, iPad, and macOS devices. To make communicating with Messages...

MetaMask Asks Apple Users to Disable iCloud Backup for Wallet After User Lost $650,000

By Waqas MetaMask has warned Apple users to disable automatic iCloud backup of their wallet data. The warning results from… This is a post from HackRead.com Read the original post: MetaMask Asks Apple Users to Disable iCloud Backup for Wallet After User Lost $650,000...

Powering and Protecting Online Privacy: iCloud Private Relay and Information for Akamai Customers

See how Apple worked with Akamai to launch iCloud Private Relay. Learn about the service and how it can be best leveraged for Akamai customers...

Sync iCloud COS < 2.0.1 - Admin+ Stored Cross-Site Scripting

The plugin does not escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed PoC Put the following payload in the 本地文件夹 or URL前缀 settings of the plugin: " style=animation-name:rotation...