Security Affairs

NOVEMBER 12, 2021

Google TAG researchers discovered that threat actors leveraged a zero-day vulnerability in macOS in a watering hole campaign aimed at delivering malware to users in Hong Kong. “To protect our users, TAG routinely hunts for 0-day vulnerabilities exploited in-the-wild. ” reads the analysis published by Google.

Encryption 133

Encryption IT Security Information Security 133

Security Affairs

APRIL 7, 2023

Apple released emergency security updates to address two actively exploited zero-day vulnerabilities impacting iPhones, Macs, and iPads. Apple has released emergency security updates to address two actively exploited zero-day vulnerabilities, tracked as CVE-2023-28205 and CVE-2023-28206, impacting iPhones, Macs, and iPads.

Education 86

Education Security Cybersecurity IT 86

Schneier on Security

DECEMBER 6, 2021

Brand name “air tags” are placed in out-of-sight areas of the target vehicles when they are parked in public places like malls or parking lots. Apple responded with a slew of anti-stalking measures , but those are more intended for keeping people safe than cars.

IT 124

IT 124

Security Affairs

MAY 11, 2021

Apple AirTag has been launched less than two weeks ago, but a security researcher already claims to have hacked them. . The Apple AirTag has been available for just a couple of weeks and hacking community is already working on it to demonstrate that how to compromise it. ” reported the 9to5Mac website. Pierluigi Paganini.

IT 117

IT Security Access Cybersecurity 117

Security Affairs

AUGUST 28, 2022

this information is important because Apple released iOS 15.4.1 At this time it is not possible to determine if the vulnerabilities in the offered exploits have been addressed by Apple. The exploits should work against the Android 12 update and iOS 15.4.1, in March, which means that the offer is recent.

IT 129

IT Security Information Security 129

Schneier on Security

FEBRUARY 20, 2023

Tile has an interesting security solution to make its tracking tags harder to use for stalking: The Anti-Theft Mode feature will make the devices invisible to Scan and Secure, the company’s in-app feature that lets you know if any nearby Tiles are following you. ” Apple’s AirTag “notifies iPhone users.”

Security 79

Security Government IT 79

Security Affairs

FEBRUARY 25, 2024

Iran Crisis Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign U.S. Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Military 94

Military Security Ransomware Insurance 94

Security Affairs

DECEMBER 10, 2021

The Log4j is widely used by both enterprise apps and cloud services, including Apple iCloud and Steam. IT giants like Apple, Amazon, Twitter, Cloudflare, Steam, Tencent, Baidu, and NetEase are running servers potentially affected by the issue. Query our API for "tags=CVE-2021-44228" for source IP addresses and other IOCs.

Libraries 141

Libraries IT Cloud Data breaches 141

Security Affairs

JANUARY 18, 2021

A duo of white hat hackers claims to have earned $50,000 from Apple for reporting serious flaws that allowed them to company’s servers. The Indian white hat hackers Harsh Jaiswal and Rahul Maini claim to have discovered multiple flaws that allowed them to access Apple servers. SecurityAffairs – hacking, Apple).

IT 93

IT CMS Authentication Access 93

Security Affairs

DECEMBER 12, 2021

Log4j is an open-source library widely used by both enterprise apps and cloud services, including Apple iCloud and Steam. IT giants like Apple, Amazon, Twitter, Cloudflare, Steam, Tencent, Baidu, and NetEase are running servers potentially affected by the issue. Tags available to all users and customers now.

Libraries 109

Libraries Digital transformation Education Government 109

Security Affairs

APRIL 1, 2023

Five of the issues added by CISA to its catalog are part of the exploits used by surveillance vendors to target mobile devices with their commercial spyware: CVE-2021-30900 – Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability. Google TAG shared indicators of compromise (IoCs) for both campaigns.

Cybersecurity 82

Cybersecurity Education Risk Security 82

Security Affairs

JULY 14, 2021

Security researchers from Google Threat Analysis Group (TAG) and Google Project Zero revealed that four zero-day vulnerabilities have been exploited in the wild earlier this year. ” Post by @_clem1 & @maddiestone on 4 0days TAG found this year (with IOCs!). Also thoughts on why we are seeing so many 0day in 2021.

Government 144

Government Security IT Cybersecurity 144

eSecurity Planet

OCTOBER 9, 2023

A surge of critical vulnerabilities and zero-day exploits has made for a very busy week in IT security, affecting a range of tech giants like Atlassian, Cisco, Apple, Arm, Qualcomm and Microsoft. Major zero-day vulnerabilities were reported in Atlassian and Cisco tools, while Apple responded to its own zero-day issue.

Libraries 103

Libraries Ransomware Access Security 103

Security Affairs

SEPTEMBER 7, 2019

Apple replied to Google about the recent report suggesting iPhones may have been hacked as part of a long-running hacking campaign. Apple criticized the report recently published by Google that claims that iPhones may have been hacked by threat actors as part of a long-running hacking campaign. SecurityAffairs – Apple, iPhone).

Security 81

Security IT Information Security 81

Security Affairs

JULY 15, 2023

Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromise The source code of the BlackLotus UEFI Bootkit was leaked on GitHub US CISA warns of Rockwell Automation ControlLogix flaws Indexing Over 15 Million WordPress Websites with PWNPress New AVrecon botnet remained under the radar for two (..)

Security 91

Security Data breaches Government Analytics 91

Krebs on Security

DECEMBER 14, 2022

The vulnerability allows attackers to craft documents that won’t get tagged with Microsoft’s “Mark of the Web,” despite being downloaded from untrusted sites. The bug already seeing exploitation is CVE-2022-44698 , which allows attackers to bypass the Windows SmartScreen security feature.

Ransomware 188

Ransomware Authentication Security Access 188

Krebs on Security

JULY 25, 2023

Spur.us , a startup that tracks proxy services, told KrebsOnSecurity that the Internet addresses Lumen tagged as the AVrecon botnet’s “Command and Control” (C2) servers all tie back to a long-running proxy service called SocksEscort. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service.

Analytics 197

Analytics Passwords Systems administration Retail 197

The Guardian Data Protection

MAY 1, 2021

Among the new features it boasts are: the option to unlock the phone with an Apple Watch while wearing a mask; support for something called the AirTag; separate skintone variations for emojis of couples; and more diverse voice options for Apple’s voice assistant, Siri. I’ve just downloaded v14.5, But version 14.5

Privacy 66

Privacy IT 66

Security Affairs

AUGUST 30, 2019

Earlier this year, Google Threat Analysis Group (TAG) experts uncovered an iPhone hacking campaign, initially, they spotted a limited number of hacked websites used in watering hole attacks against iPhone users. “Earlier this year Google’s Threat Analysis Group (TAG) discovered a small collection of hacked websites.

Encryption 89

Encryption Access Authentication IT 89

Security Affairs

JUNE 26, 2022

SecurityAffairs awarded as Best European Personal Cybersecurity Blog 2022 Crooks are using RIG Exploit Kit to push Dridex instead of Raccoon stealer Flagstar Bank discloses a data breach that impacted 1.5

Security 81

Security Data breaches Phishing Ransomware 81

Security Affairs

JANUARY 21, 2024

million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8

Security 96

Security e-Discovery Artificial Intelligence Ransomware 96

John Battelle's Searchblog

JANUARY 13, 2014

Today comes the news that Google is buying Nest , a move that, upon reflection, should have been obvious (the price tag of more than $3 billion, not so obvious!). My first thought upon hearing this news was of Apple – if ever there was an Apple-like company, it’s Nest. Healthcare? Well…why not?

Marketing 108

Marketing IT 108

Security Affairs

APRIL 3, 2022

Anonymous leaked 15 GB of data allegedly stolen from the Russian Orthodox Church UK Police charges two teenagers for their alleged role in the Lapsus$ extortion group Beastmode Mirai botnet now includes exploits for Totolink routers Ukraine intelligence leaks names of 620 alleged Russian FSB agents Critical CVE-2022-1162 flaw in GitLab allowed threat (..)

Security 80

Security Authentication Ransomware Cloud 80

Security Affairs

OCTOBER 3, 2021

Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Security 52

Security Data breaches Information Security Risk 52

Krebs on Security

MARCH 2, 2020

An individual thought to be involved has earned accolades from the likes of Apple , Dell , and Microsoft for helping to find and fix security vulnerabilities in their products. ” A review of Majidi’s Facebook profile shows that phrase as his tag line, and that he has signed several of his posts over the years as “Fatal.001.”

Passwords 254

Passwords Manufacturing Security Data breaches 254

IBM Big Data Hub

OCTOBER 16, 2023

Personal assistants and voice assistants It’s ML that powers the tasks done by virtual personal assistants or voice assistants, such as Amazon’s Alexa and Apple’s Siri. Then, it suggests the social media user tag that individual. Machine learning in smartphones ML powers a lot of what happens with our smartphones.

Marketing 51

Marketing Data science e-Discovery Artificial Intelligence 51

erwin

APRIL 11, 2019

Facebook was in the news again last week for another major problem around the transparency of its user data, and the tech-giant also is reportedly facing 10 GDPR investigations in Ireland – along with Apple, LinkedIn and Twitter.

GDPR 100

GDPR e-Discovery Compliance Metadata 100

John Battelle's Searchblog

SEPTEMBER 13, 2012

The post Am I An Outlier, Or Are Apple Products No Longer Easy To Use? And it’s not limited to the Mac – the iPhone is also a massive fail in what was once the exclusive province of Apple: Ease of use. appeared first on John Battelle's Search Blog. I’ve been a Mac guy for almost my entire adult life.

IT 112

IT Marketing Insurance Paper 112

Krebs on Security

SEPTEMBER 6, 2021

For years leading up to 2015, “ admin@manipulaters.com ” was the name on the registration records for thousands of scam domains that spoofed some of the world’s top banks and brand names, but particularly Apple and Microsoft. For example, the Facebook profile of Burhan Ul Haq , a.k.a.

Phishing 233

Phishing IT Passwords Cloud 233

John Battelle's Searchblog

MAY 10, 2010

We're used to buzz around Apple, and in particular, we're quite used to buzz about how Apple goes to market. But with iAds, Apple has moved from the business of making ads to the business of selling them. His products are brilliant, and the cult around Jobs and his work are extraordinary. Well, yes and no.

Marketing 97

Marketing Sales Paper IT 97

John Battelle's Searchblog

MAY 21, 2010

Early last week I wrote a long-ish piece on the iAd – in which I both criticized and praised Apple for “re-gifting” a mobile ad format that already existed. Since then I’ve spoke with Apple’s head of corporate communications, as well as several other potential clients and agencies. This will change over time.

Marketing 84

Marketing Privacy IT Insurance 84

John Battelle's Searchblog

SEPTEMBER 13, 2012

And it’s not limited to the Mac – the iPhone is also a massive fail in what was once the exclusive province of Apple: Ease of use. I am certain this post will elicit all manner of Apple fanboys who claim I’m a moron, that I’ve brought upon my own demise through stupid decisions. Her email breaks early and often.

IT 76

IT Marketing Insurance Paper 76

ChiefTech

AUGUST 5, 2008

Having played around with an iPhone in the Apple store in Sydney , I've been reflecting on the hype and talking to an Apple guru I know, Damian Damjanovski , to understand better how and where it fits as an enterprise business technology. Technorati Tags: Apple , iPhone , Damian Damjanovski , Blackberry , Mallesons Stephen Jaques

IT 40

IT 40

Security Affairs

JULY 9, 2019

Cybersecurity expert Jonathan Leitschuh disclosed an unpatched critical security vulnerability in the Zoom app for Apple Mac computers, that is chained with another issue, could be exploited by attackers to execute arbitrary code on the targeted systems remotely. Then he needs to trick the victims into visiting the malicious website.

Phishing 71

Phishing Communications Cloud Cybersecurity 71

IBM Big Data Hub

FEBRUARY 14, 2024

Smarten up smartphones Facial recognition turns on smartphones and voice assistants, powered by machine learning, while Apple’s Siri, Amazon’s Alexa, Google Assistant and Microsoft’s Copilot use NLP to recognize what we say and then respond appropriately.

Artificial Intelligence 88

Artificial Intelligence Retail Unstructured data Insurance 88

ChiefTech

MAY 22, 2008

collaboration features, such as Wikis, blogs, RSS, and tagging: " Magellan shows a much needed change in the thinking at Documentum. Learning from the best in UI, Magellan adds interfaces introduced by Apple for iTunes and iPod. From the end-user perspective, Magellan will provide Web 2.0 One size, no longer fits all.

49

49

John Battelle's Searchblog

MAY 21, 2010

Early last week I wrote a long-ish piece on the iAd – in which I both criticized and praised Apple for “re-gifting” a mobile ad format that already existed. Since then I’ve spoke with Apple’s head of corporate communications, as well as several other potential clients and agencies. This will change over time.

Marketing 65

Marketing Privacy IT Insurance 65