You searched for appl/ | SC Media

Your search for appl/ returned 1454 results

Your search for appl/ returned 1454 results

Sort Results:

Relevant Recent
Cybercrime, Malware, Security News

Docs reveal how Fruitfly Mac spyware initially spread

A tweet from security researcher Patrick Wardle has shed new light on the original attack vector used to spread the Mac spyware Fruitfly to unsuspecting victims more than a decade. Wardle, the chief research officer at Digita Security and director of research at Synack, said he came across some FBI documents that identify the point…
Mobile Security, Security News, Vulnerabilities

A weakness in Apple’s DEP authentication leaves users open to attack

Researchers have noted a lack of authentication in the  Apple Device Enrollment Program that could allow a malicious actor to steal Wi-Fi passwords and VPN configurations. The vulnerability was dug out by Duo Labs who found Apple’s device enrollment program (DEP) has an authentication weakness that can be exploited when organizations use Apple’s mobile device…
Apple updates guidelines for gov't, law enforcement data requests
Cybercrime, Security News

Australian Apple hacker avoids jail, gets eight months probation

A Melbourne teenager who pleaded guilty in Australia’s Children’s Court to repeatedly hacking into Apple’s corporate systems because he admired the company was reportedly sentenced to eight months of probation and will avoid jail time. “Your offending is serious, sustained and sophisticated,” said the magistrate presiding over the case, according to The Age. “You knew…
Security News, Vulnerabilities

Apple pushes out Mojave 10.14, patches numerous vulnerabilities

Apple has issued an update to fix a number of issues in macOS Mojave leading to arbitrary code execution, the ability to read restricted memory and access local users Apple IDs among others. All were patched with the release of macOS Mojave 10.14 on Sept. 24. The first issue, CVE-2018-5383, impacted a number of iMac,…
Network Security, Patch Management, Security News, Vulnerabilities

Apple issues updates for multiple operating systems, Safari browser

Apple yesterday released software updates for five of its offerings: Safari, ioS, watchOS, tvOS and Apple Support for iOS. The company fixed three vulnerabilities in Safari 12: a logic issue that could enable a malicious website to exfiltrate autofilled data (CVE-2018-4307), an error that prevents users from deleting their browsing history if their visits involved…
Security News

iOS Webkit flaw found that forces iPhone restart

An independent cybersecurity researcher has come up with a short CSS that can force Apple iOS devices to do a full restart. The researcher, who tweets under the name Sabri, posted the 15-lines of code needed to exploit the flaw to Github on Sept. 15. In addition to affecting iOS devices the CSS can also…
Criminals fuse Zeus, Carberp code for more sinister trojan
Security News, Vulnerabilities

New cold-boot attacks allow stolen encryption keys and more

F-Secure researchers have developed a new tool to carry out cold boot attacks which could allow attackers to steal encryption keys and other sensitive information from devices left in sleep mode. The firm’s Principal Security Consultant Olle Segerdahl and his fellow cybersecurity consultant Pasi Saarinen developed an attack to bypass BIOS mitigations by exploiting a…
Cryptocurrency, Security News

Monero miner found in third-party Kodi add-ons for Linux and Windows

The now-shuttered XvBMC and Bubbles third-party add-on repositories, along with the still operating Gaia, have been hosting more than just software products, as researchers have discovered these sites have been abused to propagate a cryptomining campaign centered on the popular open-source media player Kodi. ESET researchers have reported that the three add-on repositories, two of…
Security News, Vulnerabilities

Apple’s Safari and Microsoft’s Edge browsers contain spoofing bug

Apple’s Safari and Microsoft’s Edge browser users are vulnerable to a bug that would allow attackers to spoof website addresses. Independent security researcher Rafay Baloch spotted the vulnerability that could allow JavaScript to update the address bar while the page was still loading effectively causing the browser to display the intended address while loading content from…
Cybercrime, Data Breach, Security News

MEGA Chrome extension compromised to steal credentials and cryptocurrency

Cybercriminals exploited the MEGA Chrome extension to steal cryptocurrency and user credentials affecting 1.6 million users. The incident was first discovered by the independent researcher and Monero Project Contributor SerHack who promptly tweeted a warning that the 3.39.4 version of the MEGA Chrome extension had been compromised. “On 4 September 2018 at 14:30 UTC, an unknown…
Next post in Cybercrime