9 matches found
New Mac malware raises more questions about Apple’s security patching
Apples reputation on security has been taking a beating lately. As mentioned in some of our previous coverage, security researcher Joshua Long recently shone a light on problems with Apples security patching strategy. His findings showed a shocking number of cases where Apple patched a...
Mac Zero Day Targets Apple Devices in Hong Kong
Since at least late August, attackers have been using flaws in macOS and iOS – including in-the-wild use of what was then a zero-day flaw – to install a backdoor on the Apple devices of users who visited Hong Kong-based media and pro-democracy sites. This isn’t a finely targeted campaign, but it’...
Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant
Google researchers on Thursday disclosed that it found a watering hole attack in late August exploiting a now-patched zero-day in macOS operating system and targeting Hong Kong websites related to a media outlet and a prominent pro-democracy labor and political group to deliver a never-before-see...
Apple Patches 3 More Zero-Days Under Active Attack
Apple has patched three actively exploited zero-day security vulnerabilities in updates to iOS and macOS, one of which can allow an attacker to execute arbitrary code with kernel privileges. Apple released two updates on Thursday: iOS 12.5.5, which patches three zero-days that affect older versio...
CVE-2021-30869
creationtimestamp| type| source ---|---|--- 2021-09-24 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=658 2021-09-24 06:47:09+00:00| exploited| https://t.me/thehackernews/1537 2021-09-24 07:45:25+00:00| exploited| https://t.me/auraxchan/26994 2021-09-24 11:00:34+00:00|...
Urgent Apple iOS and macOS Updates Released to Fix Actively Exploited Zero-Days
Apple on Thursday released security updates to fix multiple security vulnerabilities in older versions of iOS and macOS that it says have been detected in exploits in the wild, in addition to expanding patches for a previously plugged security weakness abused by NSO Group's Pegasus surveillance...
VulnCheck KEV: CVE-2021-30869
Apple iOS, iPadOS, and macOS contain a type confusion vulnerability in the XNU which may allow a malicious application to execute code with kernel privileges...
About the security content of Security Update 2021-006 Catalina
About the security content of Security Update 2021-006 Catalina This document describes the security content of Security Update 2021-006 Catalina. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has...
CVE-2021-30869
CVE-2021-30869 is a type confusion vulnerability in Apple’s XNU kernel that may allow a malicious application to execute arbitrary code with kernel privileges. The issue affects iOS/iPadOS and macOS (XNU IPC-related code) and was observed in-the-wild in conjunction with WebKit-related flaws; expl...