Recherche : [Apple] - Cyberveille

PasivRobber: Chinese Spyware or Security Tool? https://www.kandji.io/blog/pasivrobber

17/04/2025 08:54:09

In March 2025, our team found a suspicious mach-O file named wsus. Read the full analysis on its likely origins, target users, and observed functionality.

TTP - Apple Offers Apps With Ties to Chinese Military https://www.techtransparencyproject.org/articles/apple-offers-apps-with-ties-to-chinese-military

06/04/2025 11:24:48

Millions of Americans have downloaded apps that secretly route their internet traffic through Chinese companies, according to an investigation by the Tech Transparency Project (TTP), including several that were recently owned by a sanctioned firm with links to China’s military.

TTP’s investigation found that one in five of the top 100 free virtual private networks in the U.S. App Store during 2024 were surreptitiously owned by Chinese companies, which are obliged to hand over their users’ browsing data to the Chinese government under the country’s national security laws. Several of the apps traced back to Qihoo 360, a firm declared by the Defense Department to be a “Chinese Military Company." Qihoo did not respond to questions about its app-related holdings.

Apple belatedly fixes exploited flaws in older OSes https://www.theregister.com/2025/04/02/apple_patch_bundle/

02/04/2025 09:06:29

Apple has delivered a big batch of OS updates, some of which belatedly patch older versions of its operating systems to address exploited-in-the-wild flaws the iGiant earlier fixed in more recent releases.

TCCing is Believing https://objective-see.org/blog/blog_0x7F.html

31/03/2025 19:31:21

Apple finally adds TCC events to Endpoint Security!
Since the majority of macOS malware circumvents TCC through explicit user approval, it would be incredibly helpful for any security tool to detect this — and possibly override the user’s risky decision. Until now the best (only?) option was to ingest log messages generated by the TCC subsystem. This approach was implemented in a tool dubbed Kronos, written by Calum Hall Luke Roberts (now, of Phorion fame). Unfortunately, as they note, this approach did have it drawbacks:

Apple's Passwords app was vulnerable to phishing attacks for nearly three months after launch https://9to5mac.com/2025/03/18/apples-passwords-app-was-vulnerable-to-phishing-attacks-for-nearly-three-months-after-launch/?ref=metacurity.com

19/03/2025 21:02:20

In iOS 18, Apple spun off its Keychain password management tool—previously only tucked away in Settings—into a standalone app called...

Apple Drops Another WebKit Zero-Day Bug https://www.darkreading.com/mobile-security/apple-drops-another-webkit-zero-day-bug

17/03/2025 09:17:49

For the third time in as many months, Apple has released an emergency patch to fix an already exploited zero-day vulnerability impacting a wide range of its products.

The new vulnerability, identified as CVE-2025-24201, exists in Apple's WebKit open source browser engine for rendering Web pages in Safari and other apps across macOS, iOS, and iPadOS. WebKit is a frequent target for attackers because of how deeply integrated it is with Apple's ecosystem.

Apple yanks encrypted storage in U.K. instead of allowing backdoor access https://www.washingtonpost.com/technology/2025/02/21/apple-yanks-encrypted-storage-uk-instead-allowing-backdoor-access/

21/02/2025 16:31:59

Company will no longer provide its highest security offering in Britain in the wake of a government order to let security officials see protected data.

Microsoft spots XCSSET macOS malware variant used for crypto theft https://www.bleepingcomputer.com/news/security/microsoft-spots-xcsset-macos-malware-variant-used-for-crypto-theft/

18/02/2025 15:37:22

A new variant of the XCSSET macOS modular malware has emerged in attacks that target users' sensitive information, including digital wallets and data from the legitimate Notes app.

SparkCat crypto stealer in Google Play and App Store https://securelist.com/sparkcat-stealer-in-app-store-and-google-play/115385/

05/02/2025 09:18:19

Kaspersky experts discover iOS and Android apps infected with the SparkCat crypto stealer in Google Play and the App Store. It steals crypto wallet data using an OCR model.

Apple fixes this year’s first actively exploited zero-day bug https://www.bleepingcomputer.com/news/security/apple-fixes-this-years-first-actively-exploited-zero-day-bug/

28/01/2025 08:34:50

Apple has released security updates to fix this year's first zero-day vulnerability, tagged as actively exploited in attacks targeting iPhone users.

Microsoft: macOS bug lets hackers install malicious kernel drivers https://www.bleepingcomputer.com/news/security/microsoft-macos-bug-lets-hackers-install-malicious-kernel-drivers/

13/01/2025 19:43:30

Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions.
#Apple #Computer #InfoSec #Integrity #Microsoft #Protection #SIP #Security #System #Vulnerability #macOS

Apple sends spyware victims to this nonprofit security lab https://techcrunch.com/2024/12/20/why-apple-sends-spyware-victims-to-this-nonprofit-security-lab/

27/12/2024 11:50:28

Cybersecurity experts, who work with human rights defenders and journalists, agree that Apple is doing the right thing by sending notifications to victims of mercenary spyware — and at the same time refusing to forensically analyze the devices.

The Wiretap: Kamala Harris’ Campaign Staff Suspected iPhones Had Been Hacked. Apple Declined To Give Them The Help They Wanted. https://www.forbes.com/sites/thomasbrewster/2024/12/17/the-wiretap-kamala-harris-campaign-suspected-its---iphones-had-been-hacked-apple-declined-to-help/

18/12/2024 16:22:28

Apple rejects requests for a copy of a Harris campaign staffer's iPhone.

On These Apps, the Dark Promise of Mothers Sexually Abusing Children https://www.nytimes.com/2024/12/07/us/child-abuse-apple-google-apps.html

09/12/2024 20:49:11

Smartphone apps downloaded from Apple and Google can allow parents and other abusers to connect with pedophiles who pay to watch — and direct — criminal behavior.

What a new threat report says about Mac malware in 2024 https://appleinsider.com/articles/24/12/04/what-a-new-threat-report-says-about-mac-malware-in-2024

09/12/2024 14:02:09

Apple's macOS has been under siege in 2024 as malware-as-a-service platforms and AI-driven threats make the year a turning point for Mac security.

Leaked Documents Show What Phones Secretive Tech ‘Graykey’ Can Unlock https://www.404media.co/leaked-documents-show-what-phones-secretive-tech-graykey-can-unlock-2/

19/11/2024 20:57:47

The documents provide never-been-seen insight into the current cat-and-mouse game between forensics companies and phone manufacturers Apple and Google.