Collaborate Disseminate
You might not think your phone is as exposed as an internet server – but it’s handling plenty of untrusted data from unknown sources! Continue reading Update your iPhone – remote control holes revealed by researchers
Google’s Project Zero has unveiled details of a bug in Apple’s iMessage that lets attackers read data from an iPhone without any user interaction. Continue reading iMessage bug could have allowed attackers to read data from any iPhone
Mozilla has fixed a critical zero-day bug in the latest point releases of the Firefox web browser. Continue reading Update Firefox now! Zero-day found in the wild
It looks like Al was right, we should all be using Emacs. On the 4th of June, [Armin Razmjou] announced a flaw in Vim that allowed a malicious text file to trigger arbitrary code execution. It’s not every day we come across a malicious text file, and the proof of …read more
0-days may be more common than you think, but you’re not defenseless against the unknown. Read all about 0-day attacks and how to protect against them.
The post Zero Day Survival Guide | Everything You Need to Know Before Day One appeared first on Secu… Continue reading Zero Day Survival Guide | Everything You Need to Know Before Day One
Google Project Zero researcher unearths a bug in Microsoft’s Notepad Windows application. Continue reading Researcher Exploits Microsoft’s Notepad to ‘Pop a Shell’
Here’s the latest Naked Security podcast – listen now, and tell your friends and colleagues about us, too! Continue reading Ep. 023 – Facebook promises and Google Chrome patches [PODCAST]
Google’s Project Zero researchers have revealed a “high severity” macOS security flaw nicknamed ‘BuggyCow’ which Apple appears to be in no rush to patch. Continue reading Google reveals BuggyCow macOS security flaw
Google reveals macOS kernel bug after Apple failed to release fix within 90 days.
The post Google Reveals ‘High Severity’ Flaw in macOS After Apple Fails to Patch appeared first on Thurrott.com.
Continue reading Google Reveals ‘High Severity’ Flaw in macOS After Apple Fails to Patch
An Apple security update released Thursday includes fixes for three vulnerabilities hackers already have exploited, leaving customers who fail to download the new software unprotected from known threats. The security patch, iOS 12.1.4, squashes the widely-publicized FaceTime bug that allowed attackers to spy on others via audio and video. It also fixes two zero-day vulnerabilities that Ben Hawkes, a researcher on Google’s Project Zero security team, said had been exploited before the update was issued. The bugs, dubbed CVE-2019-7286 and CVE-2019-7287, would have allowed attackers to gain elevated privileges, and execute arbitrary code with kernel privileges, respectively. Few details were immediately available about how and when those bugs were exploited, though prominent experts are encouraging users to update their phone as soon as possible. Users should visit the “Settings” page on their iPhone, then follow “General” to “Software Update.” Click “Download and Install.” iOS user? Update to 12.1.4 now. It […]
The post Apple patches FaceTime flaw, and two exploited zero-days in new security update appeared first on CyberScoop.
Continue reading Apple patches FaceTime flaw, and two exploited zero-days in new security update