Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 7
133 résultats taggé Apple  ✕
PasivRobber: Chinese Spyware or Security Tool? https://www.kandji.io/blog/pasivrobber
17/04/2025 08:54:09
QRCode
archive.org
thumbnail

In March 2025, our team found a suspicious mach-O file named wsus. Read the full analysis on its likely origins, target users, and observed functionality.

kandji EN 2025 macos PasivRobber Spyware wsus analysis apple
TTP - Apple Offers Apps With Ties to Chinese Military https://www.techtransparencyproject.org/articles/apple-offers-apps-with-ties-to-chinese-military
06/04/2025 11:24:48
QRCode
archive.org
thumbnail

Millions of Americans have downloaded apps that secretly route their internet traffic through Chinese companies, according to an investigation by the Tech Transparency Project (TTP), including several that were recently owned by a sanctioned firm with links to China’s military.

TTP’s investigation found that one in five of the top 100 free virtual private networks in the U.S. App Store during 2024 were surreptitiously owned by Chinese companies, which are obliged to hand over their users’ browsing data to the Chinese government under the country’s national security laws. Several of the apps traced back to Qihoo 360, a firm declared by the Defense Department to be a “Chinese Military Company." Qihoo did not respond to questions about its app-related holdings.

techtransparencyproject EN 2025 Apple Chinese Military VPN ios AppStore
Apple belatedly fixes exploited flaws in older OSes https://www.theregister.com/2025/04/02/apple_patch_bundle/
02/04/2025 09:06:29
QRCode
archive.org
thumbnail

Apple has delivered a big batch of OS updates, some of which belatedly patch older versions of its operating systems to address exploited-in-the-wild flaws the iGiant earlier fixed in more recent releases.

theregister EN 2025 belatedly older Apple patch iOS vulnerabilities CVE-2025-24200
TCCing is Believing https://objective-see.org/blog/blog_0x7F.html
31/03/2025 19:31:21
QRCode
archive.org
thumbnail

Apple finally adds TCC events to Endpoint Security!
Since the majority of macOS malware circumvents TCC through explicit user approval, it would be incredibly helpful for any security tool to detect this — and possibly override the user’s risky decision. Until now the best (only?) option was to ingest log messages generated by the TCC subsystem. This approach was implemented in a tool dubbed Kronos, written by Calum Hall Luke Roberts (now, of Phorion fame). Unfortunately, as they note, this approach did have it drawbacks:

objective-see EN 2025 macos Apple TCC events Endpoint Security subsystem
Apple's Passwords app was vulnerable to phishing attacks for nearly three months after launch https://9to5mac.com/2025/03/18/apples-passwords-app-was-vulnerable-to-phishing-attacks-for-nearly-three-months-after-launch/?ref=metacurity.com
19/03/2025 21:02:20
QRCode
archive.org

In iOS 18, Apple spun off its Keychain password management tool—previously only tucked away in Settings—into a standalone app called...

9to5mac EN 2025 iOS apple passwords http app vulnerable phishing Keychain
Apple Drops Another WebKit Zero-Day Bug https://www.darkreading.com/mobile-security/apple-drops-another-webkit-zero-day-bug
17/03/2025 09:17:49
QRCode
archive.org

For the third time in as many months, Apple has released an emergency patch to fix an already exploited zero-day vulnerability impacting a wide range of its products.

The new vulnerability, identified as CVE-2025-24201, exists in Apple's WebKit open source browser engine for rendering Web pages in Safari and other apps across macOS, iOS, and iPadOS. WebKit is a frequent target for attackers because of how deeply integrated it is with Apple's ecosystem.

darkreading EN 2025 CVE-2025-24201spyware Apple vulnerability 0-day WebKit
Apple yanks encrypted storage in U.K. instead of allowing backdoor access https://www.washingtonpost.com/technology/2025/02/21/apple-yanks-encrypted-storage-uk-instead-allowing-backdoor-access/
21/02/2025 16:31:59
QRCode
archive.org

Company will no longer provide its highest security offering in Britain in the wake of a government order to let security officials see protected data.

washingtonpost EN 2025 Apple privacy encrypted storage backdoor
Microsoft spots XCSSET macOS malware variant used for crypto theft https://www.bleepingcomputer.com/news/security/microsoft-spots-xcsset-macos-malware-variant-used-for-crypto-theft/
18/02/2025 15:37:22
QRCode
archive.org
thumbnail

A new variant of the XCSSET macOS modular malware has emerged in attacks that target users' sensitive information, including digital wallets and data from the legitimate Notes app.

bleepingcomputer EN 2025 Apple Malware Supply-Chain-Attack Xcode XCSSET Security
SparkCat crypto stealer in Google Play and App Store https://securelist.com/sparkcat-stealer-in-app-store-and-google-play/115385/
05/02/2025 09:18:19
QRCode
archive.org
thumbnail

Kaspersky experts discover iOS and Android apps infected with the SparkCat crypto stealer in Google Play and the App Store. It steals crypto wallet data using an OCR model.

securelist EN 2025 Apple iOS Cryptocurrencies Google-Android Malware Malware-Descriptions Malware-Technologies Mobile-Malware Trojan Trojan-stealer
Apple fixes this year’s first actively exploited zero-day bug https://www.bleepingcomputer.com/news/security/apple-fixes-this-years-first-actively-exploited-zero-day-bug/
28/01/2025 08:34:50
QRCode
archive.org
thumbnail

​Apple has released security updates to fix this year's first zero-day vulnerability, tagged as actively exploited in attacks targeting iPhone users.

bleepingcomputer EN 2025 Actively-Exploited Apple iOS iPhone Zero-Day
Microsoft: macOS bug lets hackers install malicious kernel drivers https://www.bleepingcomputer.com/news/security/microsoft-macos-bug-lets-hackers-install-malicious-kernel-drivers/
13/01/2025 19:43:30
QRCode
archive.org
thumbnail

Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions.
#Apple #Computer #InfoSec #Integrity #Microsoft #Protection #SIP #Security #System #Vulnerability #macOS

bleepingcomputer EN 2024 CVE-2024-44243 System macOS Apple Security Integrity SIP
Apple sends spyware victims to this nonprofit security lab https://techcrunch.com/2024/12/20/why-apple-sends-spyware-victims-to-this-nonprofit-security-lab/
27/12/2024 11:50:28
QRCode
archive.org
thumbnail

Cybersecurity experts, who work with human rights defenders and journalists, agree that Apple is doing the right thing by sending notifications to victims of mercenary spyware — and at the same time refusing to forensically analyze the devices.

techcrunch EN 2024 Apple accessnow spyware victims
The Wiretap: Kamala Harris’ Campaign Staff Suspected iPhones Had Been Hacked. Apple Declined To Give Them The Help They Wanted. https://www.forbes.com/sites/thomasbrewster/2024/12/17/the-wiretap-kamala-harris-campaign-suspected-its---iphones-had-been-hacked-apple-declined-to-help/
18/12/2024 16:22:28
QRCode
archive.org
thumbnail

Apple rejects requests for a copy of a Harris campaign staffer's iPhone.

forbes EN 2024 Apple Kamala-Harris iPhone hack iVerify spyware Declined
On These Apps, the Dark Promise of Mothers Sexually Abusing Children https://www.nytimes.com/2024/12/07/us/child-abuse-apple-google-apps.html
09/12/2024 20:49:11
QRCode
archive.org

Smartphone apps downloaded from Apple and Google can allow parents and other abusers to connect with pedophiles who pay to watch — and direct — criminal behavior.

nytimes EN 2024 investigation BigoLive abuse stream child Apps Apple Google pedophiles criminal
What a new threat report says about Mac malware in 2024 https://appleinsider.com/articles/24/12/04/what-a-new-threat-report-says-about-mac-malware-in-2024
09/12/2024 14:02:09
QRCode
archive.org
thumbnail

Apple's macOS has been under siege in 2024 as malware-as-a-service platforms and AI-driven threats make the year a turning point for Mac security.

appleinsider EN 2024 Apple macOS AI-driven Mac security malware-as-a-service
Leaked Documents Show What Phones Secretive Tech ‘Graykey’ Can Unlock https://www.404media.co/leaked-documents-show-what-phones-secretive-tech-graykey-can-unlock-2/
19/11/2024 20:57:47
QRCode
archive.org
thumbnail

The documents provide never-been-seen insight into the current cat-and-mouse game between forensics companies and phone manufacturers Apple and Google.

404media EN 2024 Graykey leak analysis Apple Google ios Android forensics
Update your iPhone, Mac, Watch: Apple issues patches for several vulnerabilities | Malwarebytes https://www.malwarebytes.com/blog/news/2024/10/update-your-iphone-mac-watch-apple-issues-patches-for-several-vulnerabilities
31/10/2024 11:01:13
QRCode
archive.org
thumbnail

Apple has issued patches for several of its operating systems. The ones for iOS and iPadOS deserve your immediate attention.

malwarebytes EN 2024 Apple macOS iOS patch iPadOS CVE-2024-44274 CVE-2024-44282 CVE-2024-40867
Apple Shares Private Cloud Compute Virtual Research Environment, Provides Bounties for Vulnerabilities - MacRumors https://www.macrumors.com/2024/10/24/apple-private-cloud-compute-security-info/
25/10/2024 08:13:02
QRCode
archive.org
thumbnail

Private Cloud Compute is a cloud intelligence system that Apple designed for private artificial intelligence processing, and it's what Apple is...

macrumors EN 2024 Apple Cloud Compute private artificial intelligence Bounty processing
ShadyShader: Crashing Apple Devices with a Single Click https://www.imperva.com/blog/shadyshader-crashing-apple-m-series-with-single-click/
23/10/2024 11:41:59
QRCode
archive.org
thumbnail

ShadyShader: Crashing Apple M-Series Devices with a Single Click

imperva EN 2024 ShadyShader Apple M-Series Click crash
Apple fixes password-blurting VoiceOver bug https://www.theregister.com/2024/10/04/apple_voiceover_password_bug/
04/10/2024 14:12:53
QRCode
archive.org
thumbnail

Not a great look when the iGiant just launched its first password manager

theregister EN 2024 Apple password-blurting VoiceOver
page 1 / 7
4259 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio