Lucene search
K

3591 matches found

CVE
CVE
added 2021/09/08 2:55 p.m.336 views

CVE-2021-1825

CVE-2021-1825 is a WebKit/WebKit-related input validation issue that could enable cross-site scripting when processing malicious web content. Apple’s security content for Safari 14.1 and related WebKit components lists this CVE under WebKit’s input validation and notes it is fixed in Safari 14.1 ...

6.1CVSS6.4AI score0.01263EPSS
Exploits0References7Affected Software8
Malwarebytes
Malwarebytes
added 2021/09/07 10:1 a.m.21 views

Apple delays plans to search devices for child abuse imagery

After the uproar from users and privacy advocates about Apple’s controversial plans to scan users devices for photos and messages containing child abuse and exploitation media, the company has decided to put the brakes on the plan. If you may recall, Apple announced in early August that it would...

Exploits0
The Hacker News
The Hacker News
added 2021/09/04 9:8 a.m.48 views

Apple Delays Plans to Scan Devices for Child Abuse Images After Privacy Backlash

Apple is temporarily hitting the pause button on its controversial plans to screen users' devices for child sexual abuse material CSAM after receiving sustained blowback over worries that the tool could be weaponized for mass surveillance and erode the privacy of users. "Based on feedback from...

6.5AI score
Exploits0
HackRead
HackRead
added 2021/08/30 6:16 p.m.32 views

iCloud phishing scam – Man stole private photos of 620,000 women

By Waqas LA County resident booked in iCloud phishing scam pretended to be an Apple agent and stole 620,000 photos, 9,000 videos of 306 young women. This is a post from HackRead.com Read the original post: iCloud phishing scam - Man stole private photos of 620,000 women...

1.4AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2021/08/28 2:45 p.m.29 views

California Man Stole 620,000 iCloud Photos in Search of Nudes

Plus: The T-Mobile hacker, another big bad Microsoft bug, and more of the week’s top security news...

1.2AI score
Exploits0
ThreatPost
ThreatPost
added 2021/08/25 11:41 a.m.24 views

California Man Hacked iCloud Accounts to Steal Nude Photos

A California man impersonated an Apple customer support technician in a socially engineered email campaign that stole people’s iCloud passwords to break into accounts and collected upwards of 620,000 private photos and videos. Hao Kuo Chi, 40, of La Puente, has agreed to plead guilty to four...

7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/08/17 1:58 p.m.38 views

Apple: Image-Detection Backdoor ‘Narrow’ in Scope

Apple provided additional design and security details this week about the planned rollout of a feature aimed at detecting child sexual abuse material CSAM images stored in iCloud Photos. Privacy groups like the Electronic Frontier Foundation warned that the process of flagging CSAM images...

6.8AI score
Exploits0References6
CISA
CISA
added 2021/08/17 12:0 a.m.19 views

Apple Releases Security Update

Apple has released a security update to address vulnerabilities in iCloud for Windows 12.5. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security update and apply the necessary updates. This...

6.9AI score
Exploits0References1
Apple
Apple
added 2021/08/16 12:0 a.m.27 views

About the security content of iCloud for Windows 12.5

About the security content of iCloud for Windows 12.5 This document describes the security content of iCloud for Windows 12.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

7.8CVSS8.6AI score0.01785EPSS
Exploits0References1Affected Software1
Kaspersky
Kaspersky
added 2021/08/16 12:0 a.m.30 views

KLA12263 Multiple vulnerabilities in Apple iCloud

Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A code execution vulenrability in ImageIO can be exploited via special crafted image to execute arbitrary code. 2. A...

7.8CVSS8.7AI score0.01785EPSS
Exploits0References3
Information Security Automation
Information Security Automation
added 2021/08/11 10:18 p.m.72 views

Last Week’s Security News: Black Hat Pwnie Awards, iPhone Checks Photos, Evil Windows Print Server, Cisco VPN Routers Takeovers

Hello everyone! Last Weeks Security News, August 1 - August 8. Black Hat Pwnie Awards Last week was more quiet than normal with Black Hat USA and DEF CON security conferences. I would like to start with the Pwnie Awards, which are held annually at Black Hat. Its like an Oscar or Tony in the...

10CVSS0.09691EPSS
Exploits0
Schneier on Security
Schneier on Security
added 2021/08/10 11:37 a.m.26 views

Apple Adds a Backdoor to iMessage and iCloud Storage

Apples announcement that its going to start scanning photos for child abuse material is a big deal. Here are five news stories. I have been following the details, and discussing it in several different email lists. I dont have time right now to delve into the details, but wanted to post something...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/08/06 9:10 p.m.63 views

Apple’s search for child abuse imagery raises serious privacy questions

The Internet has been on fire since the August 4 discovery disclosed publicly by Mathew Green that Apple will be monitoring photos uploaded to iCloud for child sexual abuse material CSAM. Some see this as a great move by Apple that will protect children. Others view this as a potentially dangerou...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/08/06 2:29 p.m.69 views

Apple to Scan Every Device for Child Abuse Content — But Experts Fear for Privacy

Apple on Thursday said it's introducing new child safety features in iOS, iPadOS, watchOS, and macOS as part of its efforts to limit the spread of Child Sexual Abuse Material CSAM in the U.S. To that effect, the iPhone maker said it intends to begin client-side scanning of images shared via every...

6.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/06/23 12:0 a.m.4 views

The vulnerabilities of operating systems such as iOS, iPadOS, macOS, tvOS, the browser Safari, the multimedia player iTunes, and the iCloud service allow attackers to compromise the integrity of protected information.

The vulnerabilities of operating systems such as iOS, iPadOS, macOS, tvOS, the browser Safari, the multimedia player iTunes, and the iCloud service are related to incorrect processing of logical operations. Exploiting these vulnerabilities allows a malicious actor to compromise the integrity of...

4.3CVSS6AI score0.01163EPSS
Exploits0References8Affected Software6
Schneier on Security
Schneier on Security
added 2021/06/22 11:54 a.m.43 views

Apple Will Offer Onion Routing for iCloud/Safari Users

At this years Apple Worldwide Developer Conference, Apple announced something called "iCloud Private Relay." Thats basically its private version of onion routing, which is what Tor does. Privacy Relay is built into both the forthcoming iOS and MacOS versions, but it will only work if youre an...

0.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.5 views

Vulnerabilities of operating systems such as macOS, watchOS, iOS, iPadOS, tvOS, and the iCloud for Windows service, related to resource release errors, allow a perpetrator to trigger a service failure.

The vulnerabilities of operating systems such as macOS, watchOS, iOS, iPadOS, tvOS, and the iCloud for Windows service are related to resource release errors. Exploiting these vulnerabilities can allow a malicious actor to cause service failures remotely...

7.8CVSS7.2AI score0.02788EPSS
Exploits0References9Affected Software6
The Hacker News
The Hacker News
added 2021/06/08 10:0 a.m.42 views

Top 10 Privacy and Security Features Apple Announced at WWDC 2021

Apple on Monday announced a number of privacy and security-centric features to its upcoming versions of iOS and macOS at its all-online Worldwide Developers Conference. Here is a quick look at some of the big-ticket changes that are expected to debut later this fall: 1 — Decouple Security Patches...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/05/18 2:7 p.m.62 views

How Apple Gave Chinese Government Access to iCloud Data and Censored Apps

In July 2018, when Guizhou-Cloud Big Data GCBD agreed to a deal with state-owned telco China Telecom to move iCloud data belonging to Apple's China-based users to the latter's servers, the shift raised concerns that it could make user data vulnerable to state surveillance. Now, according to a...

6.5AI score
Exploits0
RedHat Linux
RedHat Linux
added 2021/05/18 2:2 p.m.4 views

webkitgtk: Input validation issue leading to cross site scripting attack

An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross sit...

6.1CVSS6.1AI score0.01263EPSS
Exploits0References5
Rows per page
Query Builder