3591 matches found
CVE-2021-1825
CVE-2021-1825 is a WebKit/WebKit-related input validation issue that could enable cross-site scripting when processing malicious web content. Apple’s security content for Safari 14.1 and related WebKit components lists this CVE under WebKit’s input validation and notes it is fixed in Safari 14.1 ...
Apple delays plans to search devices for child abuse imagery
After the uproar from users and privacy advocates about Apple’s controversial plans to scan users devices for photos and messages containing child abuse and exploitation media, the company has decided to put the brakes on the plan. If you may recall, Apple announced in early August that it would...
Apple Delays Plans to Scan Devices for Child Abuse Images After Privacy Backlash
Apple is temporarily hitting the pause button on its controversial plans to screen users' devices for child sexual abuse material CSAM after receiving sustained blowback over worries that the tool could be weaponized for mass surveillance and erode the privacy of users. "Based on feedback from...
iCloud phishing scam – Man stole private photos of 620,000 women
By Waqas LA County resident booked in iCloud phishing scam pretended to be an Apple agent and stole 620,000 photos, 9,000 videos of 306 young women. This is a post from HackRead.com Read the original post: iCloud phishing scam - Man stole private photos of 620,000 women...
California Man Stole 620,000 iCloud Photos in Search of Nudes
Plus: The T-Mobile hacker, another big bad Microsoft bug, and more of the week’s top security news...
California Man Hacked iCloud Accounts to Steal Nude Photos
A California man impersonated an Apple customer support technician in a socially engineered email campaign that stole people’s iCloud passwords to break into accounts and collected upwards of 620,000 private photos and videos. Hao Kuo Chi, 40, of La Puente, has agreed to plead guilty to four...
Apple: Image-Detection Backdoor ‘Narrow’ in Scope
Apple provided additional design and security details this week about the planned rollout of a feature aimed at detecting child sexual abuse material CSAM images stored in iCloud Photos. Privacy groups like the Electronic Frontier Foundation warned that the process of flagging CSAM images...
Apple Releases Security Update
Apple has released a security update to address vulnerabilities in iCloud for Windows 12.5. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security update and apply the necessary updates. This...
About the security content of iCloud for Windows 12.5
About the security content of iCloud for Windows 12.5 This document describes the security content of iCloud for Windows 12.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
KLA12263 Multiple vulnerabilities in Apple iCloud
Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A code execution vulenrability in ImageIO can be exploited via special crafted image to execute arbitrary code. 2. A...
Last Week’s Security News: Black Hat Pwnie Awards, iPhone Checks Photos, Evil Windows Print Server, Cisco VPN Routers Takeovers
Hello everyone! Last Weeks Security News, August 1 - August 8. Black Hat Pwnie Awards Last week was more quiet than normal with Black Hat USA and DEF CON security conferences. I would like to start with the Pwnie Awards, which are held annually at Black Hat. Its like an Oscar or Tony in the...
Apple Adds a Backdoor to iMessage and iCloud Storage
Apples announcement that its going to start scanning photos for child abuse material is a big deal. Here are five news stories. I have been following the details, and discussing it in several different email lists. I dont have time right now to delve into the details, but wanted to post something...
Apple’s search for child abuse imagery raises serious privacy questions
The Internet has been on fire since the August 4 discovery disclosed publicly by Mathew Green that Apple will be monitoring photos uploaded to iCloud for child sexual abuse material CSAM. Some see this as a great move by Apple that will protect children. Others view this as a potentially dangerou...
Apple to Scan Every Device for Child Abuse Content — But Experts Fear for Privacy
Apple on Thursday said it's introducing new child safety features in iOS, iPadOS, watchOS, and macOS as part of its efforts to limit the spread of Child Sexual Abuse Material CSAM in the U.S. To that effect, the iPhone maker said it intends to begin client-side scanning of images shared via every...
The vulnerabilities of operating systems such as iOS, iPadOS, macOS, tvOS, the browser Safari, the multimedia player iTunes, and the iCloud service allow attackers to compromise the integrity of protected information.
The vulnerabilities of operating systems such as iOS, iPadOS, macOS, tvOS, the browser Safari, the multimedia player iTunes, and the iCloud service are related to incorrect processing of logical operations. Exploiting these vulnerabilities allows a malicious actor to compromise the integrity of...
Apple Will Offer Onion Routing for iCloud/Safari Users
At this years Apple Worldwide Developer Conference, Apple announced something called "iCloud Private Relay." Thats basically its private version of onion routing, which is what Tor does. Privacy Relay is built into both the forthcoming iOS and MacOS versions, but it will only work if youre an...
Vulnerabilities of operating systems such as macOS, watchOS, iOS, iPadOS, tvOS, and the iCloud for Windows service, related to resource release errors, allow a perpetrator to trigger a service failure.
The vulnerabilities of operating systems such as macOS, watchOS, iOS, iPadOS, tvOS, and the iCloud for Windows service are related to resource release errors. Exploiting these vulnerabilities can allow a malicious actor to cause service failures remotely...
Top 10 Privacy and Security Features Apple Announced at WWDC 2021
Apple on Monday announced a number of privacy and security-centric features to its upcoming versions of iOS and macOS at its all-online Worldwide Developers Conference. Here is a quick look at some of the big-ticket changes that are expected to debut later this fall: 1 — Decouple Security Patches...
How Apple Gave Chinese Government Access to iCloud Data and Censored Apps
In July 2018, when Guizhou-Cloud Big Data GCBD agreed to a deal with state-owned telco China Telecom to move iCloud data belonging to Apple's China-based users to the latter's servers, the shift raised concerns that it could make user data vulnerable to state surveillance. Now, according to a...
webkitgtk: Input validation issue leading to cross site scripting attack
An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross sit...