Apple iOS 14 Thwarts iMessage Attacks With BlastDoor System

In an effort to prevent attacks from being launched via its iMessage feature, Apple has debuted a security service called BlastDoor in iOS 14, its current mobile operating system version. First detailed in an analysis this week by Google Project Zero’s Samuel Groß, BlastDoor acts as a “tightly...

[SECURITY] Fedora 32 Update: firejail-0.9.62.4-1.fc32

Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces. It includes a sandbox profile for Mozilla Firefox...

Apple macOS 10.12.1 / iOS < 10.2 - syslogd Arbitrary Port Replacement

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=977 syslogd running as root hosts the com.apple.system.logger mach service. It's part of the system.sb sandbox profile and so reachable from a lot of sandboxed contexts. Here's a snippet from its mach message handling loop...

Apple iOS 8.1.1 Fixes Several Code-Execution Flaws

Apple has patched 10 vulnerabilities in iOS, including a pair of bugs that allowed arbitrary code execution and one that enables an attacker to run random binaries on a target device. The patches come in iOS 8.1.1, a small update to the company’s mobile operating system. There are several serious...