Apple

Pierluigi Paganini May 18, 2023
Apple fixed three new actively exploited zero-day vulnerabilities

Apple released security updates to address three zero-day vulnerabilities in iPhones, Macs, and iPads that are actively exploited in attacks. Apple has addressed three new zero-day vulnerabilities that are actively exploited in attacks in the wild to hack into iPhones, Macs, and iPads. The three vulnerabilities, tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373, reside in the […]

Pierluigi Paganini May 02, 2023
The first iPhone Rapid Security Response update released by Apple fails to install

Apple has released its first Rapid Security Response update, but many iPhone users reported problems during the installation of the iOS Security Response. On June 2022, Apple announced that the Rapid Security Response feature would be available starting with iOS 16.4.1, iPadOS 16.4.1, and macOS 13.3.1 operating systems.  Once a Rapid Security Response has been […]

Pierluigi Paganini April 11, 2023
Apple released emergency updates to fix recently disclosed zero-day bugs on older devices

Apple released updates to backport patches addressing two actively exploited zero-day vulnerabilities in older iPhones, iPads, and Macs. Apple has released emergency updates to backport security patches that address two actively exploited zero-day flaws also affecting older iPhones, iPads, and Macs. On April 7, 2023, Apple has released emergency security updates to address two actively exploited zero-day […]

Pierluigi Paganini April 07, 2023
Apple addressed two actively exploited zero-day flaws

Apple released emergency security updates to address two actively exploited zero-day vulnerabilities impacting iPhones, Macs, and iPads. Apple has released emergency security updates to address two actively exploited zero-day vulnerabilities, tracked as CVE-2023-28205 and CVE-2023-28206, impacting iPhones, Macs, and iPads. Impacted devices include: Both vulnerabilities were reported by Clément Lecigne of Google’s Threat Analysis Group […]

Pierluigi Paganini March 27, 2023
Apple fixes recently disclosed CVE-2023-23529 zero-day on older devices

Apple released updates to backport security patches that address actively exploited CVE-2023-23529 WebKit zero-day for older iPhones and iPads. Apple released security updates to backport patches that address an actively exploited zero-day flaw (CVE-2023-23529) for older iPhones and iPads. The CVE-2023-23529 flaw is a type confusion issue in WebKit that was addressed by the IT giant with […]

Pierluigi Paganini February 22, 2023
Experts found a large new class of bugs ‘class’ in Apple devices

Tech giant Apple discloses three new vulnerabilities affecting its iOS, iPadOS, and macOS operating systems. Apple updated its advisories by adding three new vulnerabilities, tracked as CVE-2023-23520, CVE-2023-23530 and CVE-2023-23531, that affect iOS, iPadOS, and macOS. An attacker can trigger the CVE-2023-23530 flaw to execute arbitrary code out of its sandbox or with certain elevated privileges. The vulnerability resides in the Foundation […]

Pierluigi Paganini February 14, 2023
Apple fixes the first zero-day in iPhones and Macs this year

Apple has released emergency security updates to fix a new actively exploited zero-day vulnerability that impacts iPhones, iPads, and Macs. Apple has released emergency security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-23529, that impacts iOS, iPadOS, and macOS. The flaw is a type confusion issue in WebKit that was addressed […]

Pierluigi Paganini January 06, 2023
Microsoft details techniques of Mac ransomware

Microsoft warns of different ransomware families (KeRanger, FileCoder, MacRansom, and EvilQuest) targeting Apple macOS systems. Microsoft Security Threat Intelligence team warns of four different ransomware families (KeRanger, FileCoder, MacRansom, and EvilQuest) that impact Apple macOS systems. The initial vector in attacks involving Mac ransomware typically relies on user-assisted methods, such as downloading and running fake […]

Pierluigi Paganini December 20, 2022
Microsoft shares details for a Gatekeeper Bypass bug in Apple macOS

Microsoft disclosed technical details of a vulnerability in Apple macOS that could be exploited by an attacker to bypass Gatekeeper. Microsoft has disclosed details of a now-fixed security vulnerability dubbed Achilles (CVE-2022-42821, CVSS score: 5.5) in Apple macOS that could be exploited by threat actors to bypass the Gatekeeper security feature. The Apple Gatekeeper is designed to protect […]

Pierluigi Paganini December 14, 2022
Apple fixed the tenth actively exploited zero-day this year

Apple rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari to fix a new actively exploited zero-day (CVE-2022-42856). Apple released security updates to address a new zero-day vulnerability, tracked as CVE-2022-42856, that is actively exploited in attacks against iPhones. The flaw is the tenth actively exploited zero-day vulnerability since the start of the […]