Apple has released security updates for iPhones, iPads and Macs to fix a zero-day vulnerability (a vulnerability which Apple was previously unaware of) that is reportedly being used in targeted attacks.
Apple has acknowledged reports that attackers may have already used this flaw in a highly sophisticated operation aimed at specific, high‑value targets. But history teaches us that once a patch goes out, attackers waste little time recycling the same vulnerability into broader, more opportunistic campaigns. What starts as a highly targeted campaign often trickles down into mass exploitation against everyday users.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Apple releases iOS 12.1.4, fixes iPhone FaceTime spying bug
February 7, 2019
Apple has released iOS 12.1.4. It’s a patch that fixes a bug that allowed users to spy on others by activating a group FaceTime call without the user’s consent. What made this bug so serious was how trivial it was to leverage, and it forced Apple to pull the plug on the feature at the server ...
- Flaw in Multiple Airline Systems Exposes Passenger Data
February 7, 2019
Researchers have discovered that multiple airline e-ticketing systems do not encrypt check-in links. The security faux pas could allow bad actors on the same network as the victim to view – and in some cases even change – their flight booking details or boarding passes. Security researchers at Wandera said that eight airlines have been sending ...
- New macOS zero-day allows theft of user passwords
February 6, 2019
A German security researcher has published a video over the weekend showing a new zero-day affecting Apple’s macOS desktop operating system. In an interview to German tech site Heise, Linus Henze, the security researcher, says the vulnerability allows a malicious app running on a macOS system to get access to passwords stored inside the Keychain –the password management ...
- Android Phones Can Get Hacked Just by Looking at a PNG Image
February 6, 2019
Using an Android device? Beware! You have to remain more caution while opening an image file on your smartphone—downloaded anywhere from the Internet or received through messaging or email apps. Yes, just viewing an innocuous-looking image could hack your Android smartphone—thanks to three newly-discovered critical vulnerabilities that affect millions of devices running recent versions of Google’s mobile ...
- Your New Car Is A Hacker Magnet — Automotive Industry Disconnect To Blame
February 6, 2019
The car that you drive today is a far cry from those of just a decade ago and in many ways is now an internet-connected computer on wheels. This push towards connectivity and smart-motoring has seen the automotive manufacturing industry shift towards becoming as much about software as they are transportation. And that means it ...
- iOS 12.1.4 is coming to fix the worst iPhone and iPad bug to date
February 2, 2019
If you’re running iOS 12.1 or later on your iPhone, then the iOS 12.1.4 patch that’s coming next week is a must-have because it patches what the worst iOS bug to hit iPhone and iPad users to date. According to Apple, this patch will land “next week.” iOS 12.1.4 will fix a FaceTime bug that offered ...