SecurityWeek
Hacker Conversations: Ron Reiter, and the Making of a Professional Hacker
Ron Reiter was a childhood hacker in Israel and recruited into the IDF’s Unit 8200. Now he is CTO and co-founder of cybersecurity firm Sentra.
SecurityWeek
Ron Reiter was a childhood hacker in Israel and recruited into the IDF’s Unit 8200. Now he is CTO and co-founder of cybersecurity firm Sentra.
Cyber Security News
A new arbitrary code execution vulnerability has been discovered in iTunes that could allow a threat actor to perform malicious activities
The Cyber Express
The digital landscape continues to be a battleground, with cyber threats evolving and attackers targeting an ever-wider range of victims.
CyberNews
Trust Wallet warned Apple iPhone owners of a possible zero-day vulnerability.
The Cyber Express
Trust Wallet, a leading provider of crypto wallets, has issued an advisory to Apple users regarding potential iMessage vulnerability. The
The Cyber Express
Apple issued notifications to users in 92 countries on April 11, alerting them of possible mercenary spyware attacks. However, with
Bleeping Computer
Apple has been notifying iPhone users in 92 countries about a "mercenary spyware attack" attempting to remotely compromise their device.
The Record
Apple also updated its support page, explaining how the threat notifications work and what targeted users should do if they receive one.
Cyber Security News
This year, Crowdfense is expanding its scope to encompass additional major research fields like Enterprise Software, WiFi/Baseband, and
Security Affairs
Zero-day broker firm Crowdfense announced a 30 million USD offer as part of its Exploit Acquisition Program.
SecurityWeek
Quantum decryption will make all certificates and everything else using RSA encryption vulnerable to everyone.
Cyber Security News
This sophisticated service enables cybercriminals to launch phishing campaigns across over 20,000 domains.
DarkReading
How security teams in the region fortify their defenses amid short-staffing — and increased DDoS, phishing, and ransomware campaigns — during the Muslim holy month.
SecurityWeek
US government conducting airline privacy review, SEC’s overreaching SolarWinds hack probe, MFA bombing of Apple users.
HACKRead
Some of the known targets of this iMessage phishing campaign are USPS, DHL, Evri, Australia Post, Bulgarian Posts, and Singapore Post.
DarkReading
Several Apple device users have experienced recent incidents where they have received incessant password reset prompts and vishing calls from a number spoofing Apple's legitimate customer support line.
The Hacker News
Beware of Darcula, a Phishing-as-a-Service platform targeting 100+ countries with over 20,000 fake domains.
Cyber Security News
A new threat has emerged, targeting unsuspecting iPhone users through the seemingly secure iMefofferssage platform.
SC Magazine
Netcraft researchers say the Chinese-language PhaaS platform targeted postal organization in more than 100 countries, including USPS.
Bleeping Computer
A new phishing-as-a-service (PhaaS) named 'Darcula' uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users in more than 100 countries.
DarkReading
Pervasive and inexpensive phishing kit encompasses hundreds of templates targeting Kuwait Post, Etisalat, Jordan Post, Saudi Post. Australia Post, Singapore Post, and postal services in South Africa, Nigeria, Morocco, and more.
The Hacker News
U.S. Department of Justice and 16 state AGs have filed a lawsuit against Apple, accusing it of maintaining an illegal smartphone monopoly.
Bleeping Computer
Tuta Mail has announced TutaCrypt, a new post-quantum encryption protocol to secure communications from powerful and anticipated decryption attacks.
SecurityWeek
An upgraded ESC security chip makes the firmware of several HP business PCs resilient to quantum computer attacks.
CyberNews
Russian cybersecurity firms have allegedly designated a US government offensive cyber group with its very own codename, Sand Eagle.
SC Magazine
Security pros say the zero-days are serious because nation-states tend to exploit flaws to launch spyware attacks on high-risk individuals.
DarkReading
Dark Reading's roundup of strategic cyber-operations insights for chief information security officers and security leaders. Also this week: SEC enforcement actions, biometrics regulation, and painful encryption changes in the pike.
Latest Hacking News
Apple announced a significant security upgrade to its existing encryption – PQ3 protocol – ensuring users a safer communication with quantum resistance. Apple iMessage Adds Quantum Resistance The Cupertino giant Apple has now planned to enhance its
DarkReading
Apple's PQ3 for securing iMessage and Signal's PQXH show how organizations are preparing for a future in which encryption protocols must be exponentially harder to crack.
Security Affairs
Apple announced the implementation of a post-quantum cryptographic protocol called PQ3 will be integrated into iMessage.
Bleeping Computer
Apple is adding to the iMessage instant messaging service a new post-quantum cryptographic protocol named PQ3, designed to defend encryption from quantum attacks.
DarkReading
The revamped iMessage app uses Apple's new PQ3 post-quantum cryptographic protocol, which its engineers say will make it the most secure messaging app — but Signal's president begs to differ.
The Hacker News
Apple's iMessage is getting a major security boost with PQ3, the 'strongest' post-quantum encryption yet
Cyber Security News
Apple has released its new PQ3 (post-quantum) cryptographic protocol, claimed to be the first-ever messaging protocol to reach Level 3 security.
Ars Technica
How Kybers and ratcheting are boosting the resiliency of Apple's messaging app.
PCMag
Apple is launching its latest iMessage security protocol, PQ3, with its next OS updates for all Apple products that use the end-to-end encrypted messaging app.
SecurityWeek
Apple unveils PQ3, a new post-quantum cryptographic protocol for iMessage designed to protect communications against quantum attacks
Computerworld
Apple, already preparing for the next generation of threats, is introducing upgraded encryption to protect iMessage against future attacks using quantum computers.
Computerworld
Apple, already preparing for the next generation of threats, is introducing upgraded encryption to protect iMessage against future attacks using quantum computers.
SC Magazine
The feature will roll out publicly with iOS 17.4 in March and is already available in beta.
PCMag
A revision to the Investigatory Powers Act (IPA) could allow officials to quietly stop a company like Apple from rolling out certain features.
The Hacker News
Italy's data watchdog accuses ChatGPT of violating EU privacy laws by collecting sensitive data and exposing children to inappropriate content.
HACKRead
The iShutdown tool has been launched a few weeks after Kaspersky cybersecurity researchers revealed significant insights into Operation Triangulation. This investigation delves into how spyware threats compromise iPhones.
Infosecurity News
Kaspersky experts developed the tool after analyzing Shutdown.log, a file retaining reboot information
SecurityWeek
Apple’s latest Magic Keyboard firmware addresses a recently disclosed Bluetooth keyboard injection vulnerability.
The Hacker News
CISA adds six new flaws to its KEV catalog, highlighting urgent need for network security upgrades!
Bleeping Computer
The U.S. Cybersecurity and Infrastructure Security Agency has added to its to the Known Exploited Vulnerabilities catalog six vulnerabilities that impact products from Adobe, Apache, D-Link, and Joomla.
Bleeping Computer
2023 was a big year for cybersecurity, with significant cyberattacks, data breaches, new threat groups emerging, and, of course, zero-day vulnerabilities.
DarkReading
The Operation Triangulation attacks are abusing undocumented functions in Apple chips to circumvent hardware-based security measures.
HACKRead
The findings came as part of Operation Triangulation, months after Kaspersky discovered that their employees’ iPhones had been hacked by spyware.
Security Affairs
Experts discovered that Operation Triangulation targeting Apple iOS devices leveraged an undocumented hardware feature.
HACKRead
Apple warned Indian opposition figures and journalists of possible state-backed hacking last year, causing tension with the government questioning the claims and pressuring Apple to soften them.
CyberNews
Amnesty International has confirmed what Apple had already warned about – that the government of India is using Pegasus spyware to target journalists and the opposition.
The Hacker News
Kaspersky discovers the "most sophisticated attack chain" targeting Apple iOS devices.
SecurityWeek
iOS zero-click attack targeting Kaspersky iPhones bypassed hardware-based security protections to take over devices.
Ars Technica
"Triangulation" infected dozens of iPhones belonging to employees of Moscow-based Kaspersky.
Bleeping Computer
The Operation Triangulation spyware attacks targeting iPhone devices since 2019 leveraged undocumented features in Apple chips to bypass hardware-based security protections.
The Hacker News
Chinese-speaking threat actors, known as the Smishing Triad, are posing as UAE authorities to gather sensitive information via malicious SMS messages.
The Record
A group of hackers in recent months has attempted to steal personal and financial information from residents and visitors of the United Arab Emirates in a new text-based phishing campaign, according to new research.
Infosecurity News
The Resecurity team discovered the threat and promptly notified UAE law enforcement agencies
Security Affairs
Smishing Triad: Researchers warn crooks impersonating UAE Federal Authority for Identity and citizenship ahead of the Holiday Season
SecurityWeek
Apple is testing a new security feature that should limit what iPhone thieves can do with a stolen phone, even if they have the passcode.
SecurityWeek
Apple’s latest iOS and macOS platform refresh has been fitted with a new feature to catch impersonators on its iMessage service.
The Hacker News
Apple has released patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari to address multiple vulnerabilities.
SecurityWeek
A study commissioned by Apple shows that 2.6 billion personal data records were compromised in breaches in the past two years.
SecurityWeek
Idaho National Laboratory breach, GPS attacks target airplanes, Russian accuses China and North Korea of hacking.
Computerworld
Apple’s iMessage will soon offer a new secure identity verification system enterprise professionals might want to use: Contact Key Verification.
Ars Technica
Some changes will arrive for non-EU users, too, but not the easy removals.
SecurityWeek
New capability detects attacks on iMessage servers and allows users to verify a conversation partner’s identity.
Infosecurity News
Kaspersky said the attack exploited five vulnerabilities, four of which were unknown zero-days
Cyber Security News
TriangleDB", this malware infection chain consists of a malicious iMessage attachment which launches a chain of exploits on affected devices.
SecurityWeek
Kaspersky analyzes the stealth techniques that were used in the ‘Operation Triangulation’ iOS zero-click attacks.
Bleeping Computer
The team behind the Matrix open standard and real-time communication protocol has announced the release of its second major version, bringing end-to-end encryption to group VoIP, faster loading times, and more.
The Hacker News
Sophisticated Apple iOS attack dubbed Operation Triangulation employed clever techniques to targets victims with a backdoor implant called "TriangleDB
SecurityWeek
Privacy-focused messaging firm Signal is pouring cold water on widespread rumors of a zero-day exploit in its popular encrypted chat app.
The Hacker News
🔒 Signal refutes viral reports of a zero-day flaw in its encrypted messaging app. Extensive investigation found no evidence to support the claim.
SecurityWeek
SecurityWeek interview with Natalie Silvanovich, a member of Project Zero – an elite group of researchers employed by Google.
The Hacker News
Libwebp image library under attack! A new CVE-2023-5129 has emerged, scoring a maximum 10.0 on CVSS. Get the details now
Bleeping Computer
Google has assigned a new CVE ID (CVE-2023-5129) to a libwebp security vulnerability exploited as a zero-day in attacks and patched two weeks ago.
The Hacker News
🚨 Attention users! Apple issues patches for 3 new critical zero-day flaws impacting iOS, iPadOS, macOS, watchOS, and Safari.
Cyber Security News
The iPhone of Galina Timchenko, the co-founder, CEO, and publisher of the Russian independent media outlet Meduza was found to have NSO Group's Pegasus spyware.
DarkReading
The exploit is one of many that government and intelligence agencies have to infect target devices with the notorious surveillance tool.
The Hacker News
Russian journalist Galina Timchenko's iPhone hacked with NSO Group's Pegasus spyware
Ars Technica
With 70 zero-days uncovered so far this year, 2023 is on track to set a new record.
SecurityWeek
After Apple and Google, Mozilla has also patched an image processing-related zero-day vulnerability exploited by spyware.
The Hacker News
Mozilla is also rushing to fix a zero-day vulnerability (CVE-2023-4863) that is actively exploited in browsers.
The Record
The phone of a prominent Russian journalist and critic of the Kremlin was infected with Pegasus spyware, according to new research.
Bleeping Computer
Apple released security updates for older iPhones to fix a zero-day vulnerability tracked as CVE-2023-41064 that was actively exploited to infect iOS devices with NSO's Pegasus spyware.
Bleeping Computer
Apple released security updates for older iPhones to fix a zero-day vulnerability tracked as CVE-2023-41064 that was actively exploited to infect iOS devices with NSO's Pegasus spyware.
Infosecurity News
Federal agencies have one month to fix BlastPass vulnerabilities
The Hacker News
Google releases patch for a new Chrome zero-day vulnerability (CVE-2023-4863) that's being exploited in the wild.
Bleeping Computer
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies today to patch security vulnerabilities abused as part of a zero-click iMessage exploit chain to infect iPhones with NSO Group's Pegasus spyware.
Latest Hacking News
Apple recently patched two vulnerabilities actively exploited in the wild to target iPhones. The researchers found these iOS zero-day flaws exploited to deliver spyware to a US-based civil society organization. iOS Zero-Day Flaws Exploited To Deliver
Computerworld
IT should immediately update all enterprise Apple devices with an essential security update to defend against an insidious NSO Group zero-click attack.
Infosecurity News
Users of iOS devices urged to enable lockdown mode
Cyber Security News
According to Citizen Lab, the exploit chain was capable of infecting iPhones running the most recent version of iOS (16.6) without the victim's involvement.
The Hacker News
🚨 Urgent Spyware Alert! Apple patched 2 new zero-day vulnerabilities in iOS, iPadOS, and macOS devices.
SecurityWeek
Apple pushes out an urgent point-update to its flagship iOS and macOS platforms to fix a pair of security defects being exploited in the wild.
Bleeping Computer
Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain to deploy NSO Group's Pegasus commercial spyware onto fully patched iPhones.
The Hacker News
A large-scale smishing campaign is hitting the U.S. through compromised Apple iCloud accounts.
Loading more articles....