Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

CVE-2022-32784: About the security content of Safari 15.6

The issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafted website may leak sensitive data.

CVE
Open in Source
#web#ios#mac#intel#zero_day#webkit
CVE-2023-23505: About the security content of iOS 15.7.3 and iPadOS 15.7.3

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, iOS 15.7.3 and iPadOS 15.7.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. An app may be able to access information about a user’s contacts.

CVE-2023-23524: About the security content of watchOS 9.3.1

A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, tvOS 16.3.2, watchOS 9.3.1. Processing a maliciously crafted certificate may lead to a denial-of-service.

Researchers Share New Insights Into RIG Exploit Kit Malware's Operations

The RIG exploit kit (EK) touched an all-time high successful exploitation rate of nearly 30% in 2022, new findings reveal. "RIG EK is a financially-motivated program that has been active since 2014," Swiss cybersecurity company PRODAFT said in an exhaustive report shared with The Hacker News. "Although it has yet to substantially change its exploits in its more recent activity, the type and

Password managers: A rough guide to enterprise secret platforms

The second part of our password manager series looks at business-grade tech to handle API tokens, login credentials, and more

News Corp: Hackers sat undetected on its network for 2 years

By Waqas Rupert Murdoch's News Corp revealed a data breach in 2022, but it turns out that hackers had been in the media giant's network two years prior. This is a post from HackRead.com Read the original post: News Corp: Hackers sat undetected on its network for 2 years

ChromeLoader Malware Targeting Gamers via Fake Nintendo and Steam Game Hacks

A new ChromeLoader malware campaign has been observed being distributed via virtual hard disk (VHD) files, marking a deviation from the ISO optical disc image format. "These VHD files are being distributed with filenames that make them appear like either hacks or cracks for Nintendo and Steam games," AhnLab Security Emergency response Center (ASEC) said in a report last week. ChromeLoader (aka

PlugX Trojan Disguised as Legitimate Windows Debugger Tool in Latest Attacks

The PlugX remote access trojan has been observed masquerading as an open source Windows debugger tool called x64dbg in an attempt to circumvent security protections and gain control of a target system. "This file is a legitimate open-source debugger tool for Windows that is generally used to examine kernel-mode and user-mode code, crash dumps, or CPU registers," Trend Micro researchers Buddy