EUVD-2015-6948

Malware in sbrugna...

Google Says ISPs Helped Attackers Infect Targeted Smartphones with Hermit Spyware

A week after it emerged that a sophisticated mobile spyware dubbed Hermit was used by the government of Kazakhstan within its borders, Google said it has notified Android users of infected devices. Additionally, necessary changes have been implemented in Google Play Protect — Android's built-in...

'CryptoRom' Crypto Scam Abusing iPhone Features to Target Mobile Users

Social engineering attacks leveraging a combination of romantic lures and cryptocurrency fraud have been deceiving unsuspecting victims into installing fake apps by taking advantage of legitimate iOS features like TestFlight and Web Clips. Cybersecurity company Sophos, which has named the organiz...

Code injection

The MCX Application Restrictions component in Apple OS X before 10.11.1, when Managed Configuration is enabled, mishandles provisioning profiles, which allows attackers to bypass intended entitlement restrictions and gain privileges via a crafted developer-signed app...

CVE-2015-7016

The CVE-2015-7016 issue affects Apple Mac OS X (MCX Application Restrictions) prior to OS X 10.11.1 where Managed Configuration mishandles provisioning profiles. This enables a crafted developer-signed app to bypass entitlement restrictions and gain privileges, due to a flaw in how provisioning p...

CVE-2015-7016

The MCX Application Restrictions component in Apple OS X before 10.11.1, when Managed Configuration is enabled, mishandles provisioning profiles, which allows attackers to bypass intended entitlement restrictions and gain privileges via a crafted developer-signed app...

Apple Patches Dozens of Flaws in iOS 8.4, OS X 10.10.4

Apple has released new versions of iOS and OS X, both of which include a significant number of security patches, several for bugs that can lead to remote code execution and other serious issues. Version 8.4 of iOS contains fixes for more than 30 security vulnerabilities, including bugs in the iOS...