Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

Apple Security Advisory 05-13-2024-3

Apple Security Advisory 05-13-2024-3 - iOS 16.7.8 and iPadOS 16.7.8 addresses bypass vulnerabilities.

Packet Storm
Open in Source
#vulnerability#web#ios#apple
Apple Security Advisory 05-13-2024-2

Apple Security Advisory 05-13-2024-2 - iOS 17.5 and iPadOS 17.5 addresses bypass and code execution vulnerabilities.

Apple Security Advisory 05-13-2024-1

Apple Security Advisory 05-13-2024-1 - Safari 17.5 addresses a bypass vulnerability.

Apple and Google join forces to stop unwanted tracking

Google and Apple are pushing forward on industry guidelines to stop the sue of Bluetooth devices for unwanted tracking

Patch Tuesday, May 2024 Edition

Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two "zero-day" vulnerabilities in Windows that are already being exploited in active attacks. There are also important security patches available for macOS and Adobe users, and for the Chrome Web browser, which just patched its own zero-day flaw.

GHSA-jm3v-qxmh-hxwv: Scrapy's redirects ignoring scheme-specific proxy settings

### Impact When using system proxy settings, which are scheme-specific (i.e. specific to `http://` or `https://` URLs), Scrapy was not accounting for scheme changes during redirects. For example, an HTTP request would use the proxy configured for HTTP and, when redirected to an HTTPS URL, the new HTTPS request would still use the proxy configured for HTTP instead of switching to the proxy configured for HTTPS. Same the other way around. If you have different proxy configurations for HTTP and HTTPS in your system for security reasons (e.g., maybe you don’t want one of your proxy providers to be aware of the URLs that you visit with the other one), this would be a security issue. ### Patches Upgrade to Scrapy 2.11.2. ### Workarounds Replace the built-in retry middlewares (`RedirectMiddleware` and `MetaRefreshMiddleware`) and the `HttpProxyMiddleware` middleware with custom ones that implement the fix from Scrapy 2.11.2, and verify that they work as intended. ### References This ...

Talos joins CISA to counter cyber threats against non-profits, activists and other at-risk communities

Commercial spyware tools can threaten democratic values by enabling governments to conduct covert surveillance on citizens, undermining privacy rights and freedom of expression.

Apple and Google Launch Cross-Platform Feature to Detect Unwanted Bluetooth Tracking Devices

Apple and Google on Monday officially announced the rollout of a new feature that notifies users across both iOS and Android if a Bluetooth tracking device is being used to stealthily keep tabs on them without their knowledge or consent. "This will help mitigate the misuse of devices designed to help keep track of belongings," the companies said in a joint statement, adding it aims to address "

Police Accessed Proton Mail User Data in Terrorism Probe

By Deeba Ahmed Encrypted email services like ProtonMail and Wire promise privacy, but can they guarantee anonymity? A recent case in Spain has users questioning the limitations of encryption when law enforcement steps in. This is a post from HackRead.com Read the original post: Police Accessed Proton Mail User Data in Terrorism Probe

Why car location tracking needs an overhaul

Refuge robbed: Car location tracking is becoming a tool of control in situations of domestic abuse. It's time car companies responded.