Lucene search
K

9 matches found

Malwarebytes
Malwarebytes
added 2021/11/16 10:56 a.m.63 views

New Mac malware raises more questions about Apple’s security patching

Apples reputation on security has been taking a beating lately. As mentioned in some of our previous coverage, security researcher Joshua Long recently shone a light on problems with Apples security patching strategy. His findings showed a shocking number of cases where Apple patched a...

9.3CVSS9.8AI score0.14542EPSS
Exploits0
ThreatPost
ThreatPost
added 2021/11/12 6:5 p.m.86 views

Mac Zero Day Targets Apple Devices in Hong Kong

Since at least late August, attackers have been using flaws in macOS and iOS – including in-the-wild use of what was then a zero-day flaw – to install a backdoor on the Apple devices of users who visited Hong Kong-based media and pro-democracy sites. This isn’t a finely targeted campaign, but it’...

9.3CVSS7.6AI score0.0415EPSS
Exploits0References15
The Hacker News
The Hacker News
added 2021/11/12 5:38 a.m.99 views

Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant

Google researchers on Thursday disclosed that it found a watering hole attack in late August exploiting a now-patched zero-day in macOS operating system and targeting Hong Kong websites related to a media outlet and a prominent pro-democracy labor and political group to deliver a never-before-see...

9.3CVSS9.5AI score0.18108EPSS
Exploits1
ThreatPost
ThreatPost
added 2021/09/24 11:29 a.m.91 views

Apple Patches 3 More Zero-Days Under Active Attack

Apple has patched three actively exploited zero-day security vulnerabilities in updates to iOS and macOS, one of which can allow an attacker to execute arbitrary code with kernel privileges. Apple released two updates on Thursday: iOS 12.5.5, which patches three zero-days that affect older versio...

9.3CVSS8.5AI score0.75994EPSS
Exploits2References9
Circl
Circl
added 2021/09/24 4:0 a.m.12 views

CVE-2021-30869

creationtimestamp| type| source ---|---|--- 2021-09-24 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=658 2021-09-24 06:47:09+00:00| exploited| https://t.me/thehackernews/1537 2021-09-24 07:45:25+00:00| exploited| https://t.me/auraxchan/26994 2021-09-24 11:00:34+00:00|...

9.3CVSS7.4AI score0.0415EPSS
Exploits0References16
The Hacker News
The Hacker News
added 2021/09/24 3:39 a.m.76 views

Urgent Apple iOS and macOS Updates Released to Fix Actively Exploited Zero-Days

Apple on Thursday released security updates to fix multiple security vulnerabilities in older versions of iOS and macOS that it says have been detected in exploits in the wild, in addition to expanding patches for a previously plugged security weakness abused by NSO Group's Pegasus surveillance...

9.3CVSS8.7AI score0.75994EPSS
Exploits2
VulnCheck KEV
VulnCheck KEV
added 2021/09/23 12:0 a.m.3 views

VulnCheck KEV: CVE-2021-30869

Apple iOS, iPadOS, and macOS contain a type confusion vulnerability in the XNU which may allow a malicious application to execute code with kernel privileges...

9.3CVSS7.5AI score0.0415EPSS
Exploits0References1
Apple
Apple
added 2021/09/23 12:0 a.m.63 views

About the security content of Security Update 2021-006 Catalina

About the security content of Security Update 2021-006 Catalina This document describes the security content of Security Update 2021-006 Catalina. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has...

9.3CVSS8.7AI score0.0415EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/08/24 6:49 p.m.1143 views

CVE-2021-30869

CVE-2021-30869 is a type confusion vulnerability in Apple’s XNU kernel that may allow a malicious application to execute arbitrary code with kernel privileges. The issue affects iOS/iPadOS and macOS (XNU IPC-related code) and was observed in-the-wild in conjunction with WebKit-related flaws; expl...

9.3CVSS7.7AI score0.0415EPSS
In wildExploits0References5Affected Software4
Rows per page
Query Builder