Tag Archives: apple

Indian security specialist Bhavuk Jain received $100,000 from Apple via bug bounty program for detecting a critical vulnerability in Sign in with Apple. The problem allowed remote attackers to bypass authentication and seize user accounts in third-party services and applications that supported Sign in with Apple. Recall that the Sign …

Earlier this week, ZecOps specialists reported about 0-day vulnerability in iOS, which, according to their data, hackers exploited since 2018 or even longer. However, Apple claims hackers did not use fresh iOS 0-day. The researchers wrote that exploiting the vulnerability does not require any interaction with the user, and attackers …

Apple released macOS Catalina 10.15.4, in which fixed 27 vulnerabilities. Problems affected components such as Bluetooth, call history, CoreFoundation, FaceTime, the kernel, libxml2, Mail, sudo, and Time Machine. The exploitation of vulnerabilities allowed attackers to execute arbitrary code with system or kernel privileges, increase privileges on the system, and also …

This week, Google reported about its success in adopting the HTTPS standard: 80% of applications encrypt traffic by default. So, in the official blog of the IT giant, appeared a message that currently 4 out of 5 applications (80%) available through the Google Play Store encrypt traffic by default and …

This week it became known that due to the use of third-party SDKs, the data of Twitter and Facebook users leaked to the side (of course, without any knowledge). SDK (software development kit) is a set of developmental tools that allows software specialists to create applications for a specific software …

Back in July of this year, information security specialist Bob Gendler, specializing in Apple device issues, discovered that Apple Mail on macOS stores encrypted messages in clear text in the snippets.db database. In fact, this vulnerability allows reading encrypted Apple Mail letters on macOS. As Gendler explains on his blog, …

FoxGuard researcher Monta Elkins equipped the Cisco firewall with a bug, the so-called “hardware bookmark,” without much expense and efforts. More than a year has passed since Bloomberg published an article describing the hardware “bookmarks” that were allegedly found on Supermicro server boards and allowed Chinese hackers to compromise them. …

In the Android version of the Signal secure messenger has been identified a logical error that allows spying on users. With the vulnerability, criminals can initiate a call and automatically answer it without the consent of the user. In other words, with the help of a bug, you can turn …

Today, an information security researcher known by the pseudonym axi0mX has published an open access jailbreak suitable for almost any iOS device with chips from A5 to A11 released between 2011 and 2017. That is, jailbreak is relevant for iPhone models from iPhone 4S to iPhone 8 and X. It …

The publication in ZDNet drew attention to the fact that amid a flurry of criticism that hit Google because of Manifest v3, the situation around Apple looks pretty interesting. The fact is that Apple limited the work of blockers and other extensions in Safari, but no one was indignant at …