SecurityWeek
Hacker Conversations: Ron Reiter, and the Making of a Professional Hacker
Ron Reiter was a childhood hacker in Israel and recruited into the IDF’s Unit 8200. Now he is CTO and co-founder of cybersecurity firm Sentra.
CSO
Equipped with AI tools, hackers make apps riskier than ever
The odds of attacks are growing as attackers can now easily access code modification and reverse engineering tools.
The Hacker News
Apple and Google Launch Cross-Platform Feature to Detect Unwanted Bluetooth Tracking Devices
pple and Google just rolled out a cross-platform feature called "Detecting Unwanted Location Trackers" (DULT) on iOS and Android to protect users.
Bleeping Computer
Apple backports fix for zero-day exploited in attacks to older iPhones
Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS zero-day tagged as exploited in attacks.
Bleeping Computer
Apple backports fix for RTKit iOS zero-day to older iPhones
Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS Kernel zero-day tagged as exploited in attacks.
Security Affairs
Threat actors may have exploited a zero-day in older iPhones, Apple warns
Apple rolled out urgent security updates to address code execution vulnerabilities in iPhones, iPads, and macOS.
SecurityWeek
$2.5 Million Offered at Upcoming 'Matrix Cup' Chinese Hacking Contest
Chinese hacking contest Matrix Cup is offering rewards for exploits targeting OS, smartphones, enterprise software, and security products.
CSO
Google, Meta, Spotify accused of flouting Apple’s device fingerprinting rules
Security researchers allege that several apps are collecting data from iOS devices, violating Apple’s policy on device fingerprinting.
The Cyber Express
Finland Warns of New Android Malware that Siphons Money from your Bank
Finland has warned of an ongoing Android malware campaign that targets banking details of its victims by enticing them to
Security Affairs
Finland authorities warn of Android malware campaign targeting bank users
Finland's Transport and Communications Agency (Traficom) warned about an ongoing Android malware campaign targeting bank accounts.
Bleeping Computer
Finland warns of Android malware attacks breaching bank accounts
Finland's Transport and Communications Agency (Traficom) has issued a warning about an ongoing Android malware campaign targeting banking accounts.
.png)
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
The weekly news summary keeps you up to date with what’s happening in cybersecurity, including developments, vulnerabilities, breaches, threats, and defensive strategies. Knowing about new cyber risks and attack vectors helps you put up safeguards and preventive measures as soon as possible to protect your systems. Remaining constantly aware gives you a holistic view of […]
Ars Technica
Anthropic releases Claude AI chatbot iOS app
Anthropic finally comes to mobile, launches plan for teams that includes 200K context window.
Cyber Security News
Safari is Not So Private! Safari Flaw Exposing EU iPhone Users to Trackers
A significant security flaw has been identified in Apple's Safari browser that could potentially expose iPhone users in the European Union to unauthorized tracking.
CyberNews
Apple expected to launch revamped iPad model at May 7th event
Apple will hold an event on May 7 amid reports that it will roll out the long-anticipated revamped versions of iPad Pro and iPad Air next month.
Bleeping Computer
US imposes visa bans on 13 spyware makers and their families
The Department of State has started imposing visa restrictions on mercenary spyware makers and peddlers, prohibiting their entry into the United States, as announced earlier in February.
CyberNews
Trust Wallet warns iOS users of zero-day exploit
Trust Wallet warned Apple iPhone owners of a possible zero-day vulnerability.
SecurityWeek
You Against the World: The Offenders Dilemma
Inside the four pillars of an offensive playbook – Red Teams, Penetration Testing, Automation and AI, and vulnerability assessment.
The Hacker News
Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users
A sophisticated cyber-espionage campaign has re-emerged, targeting South Asia with an iOS spyware implant called LightSpy.
Security Affairs
Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
HACKRead
iPhone Users in 92 Countries Targeted by Mercenary Spyware Attacks
Apple has issued security alerts to millions of iPhone users across 92 countries, stating that their devices are being targeted by mercenary spyware.
The Cyber Express
Apple’s Response to Rising Threats with ‘Mercenary Spyware Attacks’ Alert
Apple issued notifications to users in 92 countries on April 11, alerting them of possible mercenary spyware attacks. However, with
Infosecurity News
Apple Boosts Spyware Alerts For Mercenary Attacks
The revision points out companies like NSO Group, known for surveillance tools like Pegasus
Bleeping Computer
Apple: Mercenary spyware attacks target iPhone users in 92 countries
Apple has been notifying iPhone users in 92 countries about a "mercenary spyware attack" attempting to remotely compromise their device.
Security Affairs
Apple warns of mercenary spyware attacks on iPhone users in 92 countries
Apple is warning iPhone users in over 90 countries of targeted mercenary spyware attacks, Reuters agency reported.
CyberNews
Apple warns of 'mercenary spyware attack'
Apple has warned its users in India and ninety-one other countries that they were possible victims of a mercenary spyware attack
The Hacker News
Apple Expands Spyware Alert System to Warn Users of Mercenary Attacks
Apple's updated spyware alert system now warns individual users of potential targeting by mercenary spyware attacks.
Security Affairs
Crowdfense is offering a larger $30M exploit acquisition program
Zero-day broker firm Crowdfense announced a 30 million USD offer as part of its Exploit Acquisition Program.
CyberNews
Jon Stewart says Apple begged him not to talk to FTC chair Khan on air
With Apple battling regulators in courts, another hit has come from Jon Stewart. The tech giant tried to tell the comedian whom not to interview.
DarkReading
Suspected MFA Bombing Attacks Target Apple iPhone Users
Several Apple device users have experienced recent incidents where they have received incessant password reset prompts and vishing calls from a number spoofing Apple's legitimate customer support line.
.jpg)
Cyber Security News
Apple ID “push bombing” Attack Targeting Apple Users to Steal passwords
Apple users are falling prey to a phishing campaign designed to hijack their Apple IDs through what's known as a “push bombing”.
.webp)
Cyber Security News
iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage
A new threat has emerged, targeting unsuspecting iPhone users through the seemingly secure iMefofferssage platform.
Bleeping Computer
New Darcula phishing service targets iPhone users via iMessage
A new phishing-as-a-service (PhaaS) named 'Darcula' uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users in more than 100 countries.
Ars Technica
“MFA Fatigue” attack targets iPhone owners with endless password reset prompts
Rapid-fire prompts sometimes followed with spoofed calls from "Apple support."
Bleeping Computer
Google: Spyware vendors behind 50% of zero-days exploited in 2023
Google's Threat Analysis Group (TAG) and Google subsidiary Mandiant said they've observed a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients.
SC Magazine
Apple ID ‘push bombing’ scam campaign hits cyber startup founders
Attackers trigger hundreds of password reset prompts in an attempt to take over iCloud accounts.
DarkReading
Apple Security Bug Opens iPhone, iPad to RCE
CVE-2024-1580 allows remote attackers to execute arbitrary code on affected devices.
Krebs on Security
Recent ‘MFA Bombing’ Attacks Targeting Apple Users
Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple's password reset feature. In this scenario, a target's Apple devices are forced to display dozens of system-level prompts that…
CyberNews
Apple picks Baidu for AI features in China - report
Apple has chosen China’s search giant Baidu to provide AI features for its products in the country, including the upcoming iPhone 16, local media has reported.
Bleeping Computer
Google's new AI search results promotes sites pushing malware, scams
Google's new AI-powered 'Search Generative Experience' algorithms recommend scam sites that redirect visitors to unwanted Chrome extensions, fake iPhone giveaways, browser spam subscriptions, and tech support scams.
The Hacker News
New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys
Researchers uncover "GoFetch" vulnerability in Apple M-series chips, potentially allowing attackers to extract secret cryptographic keys.
DarkReading
Apple Is Sparse With Details in Latest iOS Update
The security update is available for iPhone and iPad users depending on the version of the device they own.
The Hacker News
U.S. Justice Department Sues Apple Over Monopoly and Messaging Security
U.S. Department of Justice and 16 state AGs have filed a lawsuit against Apple, accusing it of maintaining an illegal smartphone monopoly.
SC Magazine
Apple lawsuit: US officials say iPhone ‘monopoly’ undermines security
The antitrust suit disputes Apple’s position that its restrictive ecosystem protects users.
The Record
Exploring the surveillance partnership between the government and data brokers
Investigative reporter Byron Tau discusses his new book, “Means of Control: How the Hidden Alliance of Tech and Government is Creating a New American Surveillance State.”
Ars Technica
Apple may hire Google to power new iPhone AI features using Gemini—report
With Apple's own AI tech lagging behind, the firm looks for a fallback solution.
Bleeping Computer
Brave: Sharp increase in installs after iOS DMA update in EU
Brave has seen a sharp increase in users installing its privacy-focused Brave Browser on iPhones after Apple introduced changes to adhere to the new European Digital Markets Act.
Latest Hacking News
Apple Addressed Two iOS Zero-Days With Latest Updates
After opening the new year with zero-day fixes, Apple has once again addressed two more zero-days in its iOS devices, urging users to update as soon as possible. These vulnerability fixes not only arrive for
Bleeping Computer
MiTM phishing attack can let attackers unlock and steal a Tesla
Researchers demonstrated how they could conduct a Man-in-the-Middle (MiTM) phishing attack to compromise Tesla accounts, unlocking cars, and starting them. The attack works on the latest Tesla app, version 4.30.6, and Tesla software version 11.1 2024.2.7.
CyberNews
Crypto apps rally alongside bitcoin prices
Crypto apps and their popularity as bitcoin prices surge
CyberNews
As Big Tech scrambles to meet EU rules, investigations seen as likely
From overhauling online platforms to backroom engineering, Big Tech firms have scrambled over the last six months to comply with landmark EU tech rules.
SC Magazine
Apple’s 17.4 emergency update patches two iPhone zero-days
Security pros say the zero-days are serious because nation-states tend to exploit flaws to launch spyware attacks on high-risk individuals.
Bleeping Computer
Apple blames Spotify for $1.95 billion fine over "abusive" App store rules
The European Commission has fined Apple €1.8 billion, or approximately $1.95 million, for allegedly abusing its market dominance in music streaming app distribution to prevent developers from promoting cheaper services outside the app.
Infosecurity News
Predator Spyware Targeted Mobile Phones in New Countries
Despite being exposed to human rights violations, the Predator spyware continues to be used across the world – including in new countries
CyberNews
Apple explains how it will comply with EU laws and how bad they are
Prior to the release of iOS 17.4, Apple has published a whitepaper that explains what changes the company has rolled out to comply with the new EU Digital Markets Act.
Computerworld
Apple warns of increased iPhone security risks
Apple has told its European customers that new EU competition laws will make iPhones less safe.
Computerworld
Apple warns of increased iPhone security risks
Apple has told its European customers that new EU competition laws will make iPhones less safe.
The Record
Researchers spot new infrastructure likely used for Predator spyware
Analysts at Insikt Group were able to identify potential Predator customers in Angola, Armenia, Botswana, Egypt, Indonesia, Kazakhstan, Mongolia, Oman, the Philippines, Saudi Arabia, and Trinidad and Tobago.
PCMag
FCC Moves to Protect Domestic Abuse Survivors From Connected Car Stalking
FCC Chair Jessica Rosenworcel wants to use the agency's authority under the Safe Connections Act to make sure abusers don't exploit connected car features to stalk victims.
Bleeping Computer
Brave browser launches privacy-focused AI assistant on Android
Brave Software is the next company to jump into AI, announcing a new privacy-preserving AI assistant called "Leo" is rolling out on the Android version of its browser through the latest release, version 1.63.
Bleeping Computer
Registrars can now block all domains that resemble brand names
Registrars can now block people from registering tens of thousands of domain names that look like, are spelling variations of, or otherwise infringe on brand names.
Computerworld
Enterprise mobility 2024: Welcome, genAI
Many of the buzziest IT trends — low-code automation, digital employee experience, and yes, even generative AI — are making their way into the major mobility management platforms. Here’s what to look for in 2024 and beyond.
SecurityWeek
AT&T Says the Outage to Its US Cellphone Network Was Not Caused by a Cyberattack
AT&T says the massive outage to its US cellphone network on Thursday was not caused by a cyberattack as rumored.
The Hacker News
Researchers Detail Apple's Recent Zero-Click Shortcuts Vulnerability
A high-severity flaw in Apple's Shortcuts could expose your data without consent! Learn how Apple patched this with iOS 17.3 and more.
PCMag
iOS 17.3 Update Fixed Shortcuts Bug That Sent Data to Attackers
The malicious Shortcuts used the 'Expand URL' function to bypass Apple's safeguards, making it possible for third parties to transmit data to malicious websites.
HACKRead
Apple Shortcuts Vulnerability Exposes Sensitive Data, Update Now!
Cybersecurity firm Bitdefender discovered a vulnerability in Apple Shortcuts, allowing attackers to access sensitive data without prompting users.
The Hacker News
Apple Unveils PQ3 Protocol - Post-Quantum Encryption for iMessage
Apple's iMessage is getting a major security boost with PQ3, the 'strongest' post-quantum encryption yet
Ars Technica
70,000 AT&T customers are without service across the US
Cause of outage is unknown, but some suspect it's network-to-network "peering."
Cyber Security News
VoltSchemer - Wireless Charger Attack Boils Phone and Injects Voice Commands
Researchers discovered VoltSchemer which enables the execution of innovative attacks on wireless chargers by tweaking power supply voltage.
Ars Technica
New app always points to the supermassive black hole at the center of our galaxy
iPhone compass app made with AI assistance locates the heart of the Milky Way.
Bleeping Computer
New ‘Gold Pickaxe’ Android, iOS malware steals your face for fraud
A new iOS and Android trojan named 'Gold Pickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access.
Security Affairs
9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data
Exploring the Risks: Unveiling 9 Potential Techniques Hackers Employ to Exploit Public Wi-Fi and Compromise Your Sensitive Data
The Hacker News
MoqHao Android Malware Evolves with Auto-Execution Capability
A new variant of MoqHao Android malware silently auto-executes upon installation, snatching data, and hijacking Wi-Fi.
CyberNews
Apple CEO Tim Cook was not overpaid, judge rules
A federal judge dismissed an investor lawsuit accusing Apple of overpaying Chief Executive Tim Cook and four other top executives by tens of millions of dollars.
The Hacker News
Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore
Google starts blocking sideloaded apps in Singapore: This pilot program targets apps that abuse permissions to steal one-time passwords and sensitive
The Cyber Express
Securing Your Safari: Cybersecurity Best Practices for Apple’s Web Browser
Many people use Safari as the pre-installed web browser on devices like Macs, iPhones, and iPads. Yet, the extent of
SecurityWeek
At Least 30 Journalists, Lawyers and Activists Hacked With Pegasus in Jordan, Forensic Probe Finds
Pegasus spyware from NSO Group was used in Jordan to hack the cellphones of journalists, lawyers, human rights and political activists.
SecurityWeek
Apple Patches Vision Pro Vulnerability as CISA Warns of iOS Flaw Exploitation
Apple releases first security update for Vision Pro VR headset as CISA issues warning about exploitation of iOS vulnerability.
The Hacker News
CISA Warns of Active Exploitation of Critical Vulnerability in iOS, iPadOS, and macOS
Critical Apple kernel bug in iOS, macOS, and more exploited in the wild. CISA urges FCEB agencies to patch by February 21st.
Bleeping Computer
CISA warns of patched iPhone kernel bug now exploited in attacks
CISA warned today that a patched kernel security flaw affecting Apple iPhones, Macs, TVs, and watches is now being actively exploited in attacks.
DarkReading
Apple Warns iPhone Sideloading Changes Will Increase Cyber Threats
The tech giant says that being more open to comply with EU regulations brings risks such as malware, fraud, and scams.
Bleeping Computer
iPhone apps abuse iOS push notifications to collect user data
Numerous iOS apps are using background processes triggered by push notifications to collect user data about devices, potentially allowing the creation of fingerprinting profiles used for tracking.
CyberNews
Microsoft hits $3 trillion market value
Microsoft's stock market value crossed $3 trillion for the first time, retaining its place as the world's second most valuable company, just behind iPhone maker Apple.
PCMag
X Now Supports Passkey Login on iOS
X, the company formerly known as Twitter, is catching up to the times by adopting passkey logins. But for now, you'll need an iPhone to use it.
DarkReading
Days After Google, Apple Reveals Exploited Zero-Day in Browser Engine
The new bug is Apple's 12th WebKit zero-day in the last year, highlighting the increasing enterprise exposure to browser-borne threats.
DarkReading
Apple's Anti-Theft Security Slows Down iPhone Crooks
The new iOS update includes Stolen Device Protection which limits what users can do on their iPhones when away from known locations (such as home or work), to prevent criminals from making unauthorized changes.
CyberNews
CISA warns Apple users to update multiple products
Multiple iOS versions running on certain Apple products are at risk and should be updated now, warns the US Cybersecurity Infrastructure and Security Agency (CISA).
CyberNews
iPhone users: turn on new security feature
Apple has released a new security feature called Stolen Device Protection – and you should definitely turn it on, experts say.
Cyber Security News
Apple Critical Zero-day Flaw Exposes iPhones & Macs
Apple has released its first zero-day vulnerability patch of 2024 which affected several Apple products including tvOS, iOS, iPadOS, macOS.
The Hacker News
Apple Issues Patch for Critical Zero-Day in iPhones, Macs - Update Now
Apple fixes first "in-the-wild" zero-day of 2024. Update iPhones, iPads, and Macs NOW!
SC Magazine
Apple patches zero day affecting operating systems for devices, Macs
Apple released a bevy of security updates to fix a slew of vulnerabilities in its products on Monday, including a zero day that “may have been exploited” in operating systems for its iPhones, iPads and Macintosh computers.
Bleeping Computer
Apple fixes first zero-day bug exploited in attacks this year
Apple released security updates to address this year's first zero-day vulnerability exploited in attacks that could impact iPhones, Macs, and Apple TVs.
DarkReading
iPhone, Android Ambient Light Sensors Allow Stealthy Spying
Ambient light sensors on smart-device screens can effectively be turned into a camera, opening up yet another path to snooping on unwitting victims.
Computerworld
10 must-have security tips for digital nomads
When you’re on the road, either for business travel or because your company allows remote work from anywhere, you have to take extra steps to ensure data security, safety and privacy.
PCMag
iOS 17.3 Arrives Next Week With New Stolen Phone Protection Features
Apple will release iOS 17.3 sometime next week, and with it, several new features, including a Stolen Device Protection setting to protect your account from iPhone thieves.
Cyber Security News
New iShutdown Scripts Enable Detection of Spyware On iPhones
There were only two methods for conducting forensic investigations on iOS devices which were either to examine an encrypted full iOS backup.
Cyber Security News
LeftoverLocals Attack Let Attackers Steal AI Data From Apple, Qualcomm & AMD GPUs
Researchers Tyler Sorensen and Heidy Khlaaf of Trail of Bits found the vulnerability, which they named LeftoverLocals.
HACKRead
Kaspersky's iShutdown Tool Detects Pegasus Spyware and Other Mawlare on iOS Devices
The iShutdown tool has been launched a few weeks after Kaspersky cybersecurity researchers revealed significant insights into Operation Triangulation. This investigation delves into how spyware threats compromise iPhones.
Bleeping Computer
iShutdown scripts can help detect iOS spyware on your iPhone
Security researchers found that infections with high-profile spyware Pegasus, Reign, and Predator could be discovered on compromised Apple mobile devices by checking Shutdown.log, a system log file that stores reboot events.
Bleeping Computer
AMD, Apple, Qualcomm GPUs leak AI data in LeftoverLocals attacks
A new vulnerability dubbed 'LeftoverLocals' affecting graphics processing units from AMD, Apple, Qualcomm, and Imagination Technologies allows retrieving data from the local memory space.
Loading more articles....