iOS | SC Media

iOS

Report: Apple demands companies obtain consent before recording users’ app sessions

By

Apple has reportedly issued an ultimatum to companies that rely on “session replay” tools to track the way users interact with their iPhone apps: disclose the practice and seek explicit consent for it, or be removed from the app store. Apple’s mandate comes after a TechCrunch report last Wednesday revealed that Air Canada, Hollister, Expedia,…

Apple issues seven updates, fixes more than 40 vulnerabilities in iOS 8, OS 10.9.5

Apple patches two flaws reportedly exploited in zero-day attacks; also nixes FaceTime eavesdropping bug

By

Apple yesterday released security updates for iOS and macOS Mojave, repairing four vulnerabilities, including two that a Google researcher says were exploited in the wild as zero days. The two exploited flaws consisted of memory corruption issues caused by insufficient input validation. The first, CVE-2019-7286, is a privilege escalation vulnerability in the Foundation framework that…

Apple releases iOS 8.0.2 to quell buggy update complaints

Apple’s Siri Shortcuts feature vulnerable to abuse, researchers warn

By

Siri Shortcuts, Apple’s recently introduced native feature for iOS 12, can potentially be abused by threat actors to deliver malware to unsuspecting mobile device users, researchers are warning. The tool allows users to quickly execute and automate multiple-step tasks with just a single tap or voice command. Device owners who download the Siri Shortcuts app…

A flaw that allowed users to break through the passcode screen was eliminated in iOS 7.0.2.

Group FaceTime for iOS exposes users’ full contact info

By

A researcher has apparently found a way to exploit the new Group FaceTime feature in iOS 12.1 in order to access iPhone users’ contact information. The Hacker News has reported that Spanish researcher Jose Rodriguez made the discovery just hours after the release of version 12.1 last Oct. 31, and subsequently created a video of his…

Apple tweaks lock screen options in iOS security update

By

Apple yesterday issued its first software update for the iOS 12 operating system, fixing two bugs that both impact lock screen security. It also separately remedied 19 vulnerabilities in iCloud for Windows 7.7. The release of iOS 12.0.1 repairs CVE-2018-4380, a flaw in the VoiceOver feature, which a local attacker could exploit to view photos…

applePatch

Apple issues updates for multiple operating systems, Safari browser

By

Apple yesterday released software updates for five of its offerings: Safari, ioS, watchOS, tvOS and Apple Support for iOS. The company fixed three vulnerabilities in Safari 12: a logic issue that could enable a malicious website to exfiltrate autofilled data (CVE-2018-4307), an error that prevents users from deleting their browsing history if their visits involved…

Next post in Malware