Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

CVE-2023-42926: About the security content of macOS Sonoma 14.2

Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.

CVE
Open in Source
#web#mac#apple#google#dos#auth#zero_day#webkit
CVE-2023-42890: About the security content of Safari 17.2

The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution.

CVE-2023-42932: About the security content of macOS Ventura 13.6.3

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to access protected user data.

CVE-2023-50430: A Touch of Pwn - Part I

The Goodix Fingerprint Device, as shipped in Dell Inspiron 15 computers, does not follow the Secure Device Connection Protocol (SDCP) when enrolling via Linux, and accepts an unauthenticated configuration packet to select the Windows template database, which allows bypass of Windows Hello authentication by enrolling an attacker's fingerprint.

DDoS Attacks on Rappler Linked to Proxy Service Providers in US and Russia

By Waqas On Thursday, November 30, 2023, Rappler, the prominent online media giant based in the Philippines, fell victim to a relentless series of Distributed Denial of Service (DDoS) attacks. This is a post from HackRead.com Read the original post: DDoS Attacks on Rappler Linked to Proxy Service Providers in US and Russia

New 5G Modems Flaws Affect iOS Devices and Android Models from Major Brands

A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as MediaTek and Qualcomm impact USB and IoT modems as well as hundreds of smartphone models running Android and iOS. Of the 14 flaws – collectively called 5Ghoul (a combination of "5G" and "Ghoul") – 10 affect 5G modems from the two companies, out of which three

Bluetooth Vulnerability Enables Keystroke Injection on Android, Linux, macOS, iOS

By Waqas Another day, another Bluetooth vulnerability impacting billions of devices worldwide! This is a post from HackRead.com Read the original post: Bluetooth Vulnerability Enables Keystroke Injection on Android, Linux, macOS, iOS

Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software

Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy malware. "Attackers can use this type of malware to gain money by building a proxy server network or to perform criminal acts on behalf of the victim: to launch attacks on websites, companies and individuals, buy guns, drugs, and other illicit

US government is snooping on people via phone push notifications, says senator

Government agencies have been asking Apple and Google for metadata related to push notifications, but the companies aren't allowed to tell users about it.

Cybersecurity considerations to have when shopping for holiday gifts

When searching for holiday gifts online, make sure you’re buying from a trusted vendor, or if you haven’t heard of the vendor before, take a few extra minutes just to look them up and read their app’s privacy policy.