Skip to content

Bugs With Impressive Names! – Naked Security

Apple recently released a full update that includes not only the second Rapid Response patch but also a fix for another zero-day vulnerability. The zero-day in WebKit, which was previously addressed in the Rapid Response patch, has now been accompanied by a fix for a kernel-level vulnerability. Interestingly, the zero-day in WebKit was attributed to… 

Apple ships that recent “Rapid Response” spyware patch to everyone, fixes a second zero-day – Naked Security

Apple users were urged to download a Rapid Response patch to fix a web-browsing security hole that had been exploited in real-world spyware attacks. The bug fix addressed a code execution vulnerability and was released as an emergency measure. While not a true zero-click attack, where cybercriminals can take over a device without any user… 

Apple silently pulls its latest zero-day update – what now? – Naked Security

Betteridge’s Law of Headlines states that any headline posed as a question can be answered with a simple “No.” While this may be a humorous observation, it is not an actual law or rule. In this case, the question of whether anyone knows when Apple will release a new update remains unanswered. Apple has not… 

Urgent! Apple fixes critical zero-day hole in iPhones, iPads and Macs – Naked Security

The second-ever Apple Rapid Security Response has been released, providing emergency patches for the latest versions of macOS, iOS, and iPadOS. These patches are designed to be quicker to build, test, and publish than full version updates, as well as faster to download and install. Unlike full system updates, these emergency patches do not make… 

What was Steve Jobs’s first job? – Naked Security

DOUG.  …it also involved a multitude of other cybercrimes. This individual, a 22-year-old from the UK, was involved in SIM swapping attacks, where he would manipulate mobile phone carriers to transfer victims’ phone numbers to his control. With access to their phone numbers, he would then take over their online accounts, including social media, email, and… 

Apple patch fixes zero-day kernel hole reported by Kaspersky – update now! – Naked Security

is an important HTML tag used for creating sections on a web page. In June 2023, Kaspersky reported a new strain of iPhone malware called the Triangulation Trojan. Although Kaspersky was not the main target, it was necessary for the company to hunt for the malware on its own devices. The malware was injected quietly… 

3 zero-days fixed, so be sure to patch now! – Naked Security

Apple recently introduced its new Rapid Security Response process, which allows the company to push out critical patches for key system components without a full-size operating system update. These patches typically deal with zero-day bugs that affect core software such as the Safari browser and WebKit. The reason these bugs are dangerous is that browsers… 

Apple takes “tight-lipped” to a whole new level – Naked Security

The Naked Security podcast recently discussed the issue of passwords, botnets, and malware on Macs. The podcast is hosted by Doug Aamoth and Paul Ducklin, who discuss various cybersecurity topics. The podcast began with a segment on This Week in Tech History and discussed the release of BASIC, a popular programming language. The hosts then… 

Tracked by hidden tags? Apple and Google unite to propose safety and security standards… – Naked Security

Apple’s AirTag system has been in the news for various reasons, including firmware hacking, being used as a low-bandwidth community radio network, and being involved in a tragic stalking incident that ended in a murder charge. While Apple has introduced measures to make AirTags harder to exploit, the growing market for similar devices and Google’s… 

Mac malware-for-hire steals passwords and cryptocoins, sends “crime logs” via Telegram – Naked Security

A data-stealing-as-a-service toolkit called Atomic macOS Stealer (AMOS) has been found being advertised on an underground Telegram channel. This toolkit was specifically built to target Mac users and can steal passwords, files, comprehensive system information, and secret data from eight different browsers and dozens of cryptowallets. The malware comes with an online AMOS cloud portal…