Apple’s latest iPhone security feature just made life more difficult for spyware makers


Buried in an ocean of flashy novelties announced by Apple this week, the tech giant also revealed new security technology for its latest iPhone 17 and iPhone Air devices. This new security technology was made specifically to fight against surveillance vendors and the types of vulnerabilities they rely on the most, according to Apple.

The feature is called Memory Integrity Enforcement (MIE) and is designed to help stop memory corruption bugs, which are some of the most common vulnerabilities exploited by spyware developers and makers of phone forensic devices used by law enforcement.

Read more…
Source: TechCrunch News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Utility security is so bad, US DoE offers rate cuts to improve it

    October 7, 2022

    The US Department of Energy has proposed regulations to financially reward cybersecurity modernization at power plants by offering rate deals for everything from buying new hardware to paying for outside help. In a notice of proposed rulemaking published earlier this week (which nullified a similar 2021 plan), the DoE said the time was right “to establish ...

  • CISA Releases Five Industrial Control Systems Advisories

    October 4, 2022

    CISA has released five (5) Industrial Control Systems (ICS) advisories on October 04, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: ICSA-22-277-01 Johnson Controls Metasys ADX Server ICSA-22-277-02 Hitachi Energy Modular Switchgear Monitoring ICSA-22-277-03 Horner ...

  • U.S. Department of Homeland Security Kicks Off Cybersecurity Awareness Month

    October 3, 2022

    WASHINGTON – Throughout October, in recognition of Cybersecurity Awareness Month, the Department of Homeland Security is committed to raising awareness about how to combat the constant and ever-increasing threat from malicious cyber actors. Many of the Department’s component agencies play a lead role in strengthening the nation’s resilience across public and private sectors, investigating malicious ...

  • CISA Issues Binding Operational Directive 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks

    October 3, 2022

    CISA has issued Binding Operational Directive (BOD) 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks, which seeks improve asset visibility and vulnerability enumeration across the federal enterprise. Although BOD 23-01 is only applicable to federal civilian executive branch (FCEB) agencies, CISA recommends all stakeholders review and incorporate the standards it sets forth. Doing so ...

  • The secrets of Schneider Electric’s UMAS protocol

    September 29, 2022

    UMAS (Unified Messaging Application Services) is a proprietary Schneider Electric (SE) protocol used to configure and monitor Schneider Electric PLCs. Schneider Electric controllers that use UMAS include Modicon M580 CPU (part numbers BMEP* and BMEH*) and Modicon M340 CPU (part numbers BMXP34*). Controllers are configured and programmed using engineering software – EcoStruxure™ Control Expert (Unity ...

  • Control System Defense: Know the Opponent

    September 22, 2022

    Operational technology/industrial control system (OT/ICS) assets that operate, control, and monitor day-to-day critical infrastructure and industrial processes continue to be an attractive target for malicious cyber actors. These cyber actors, including advanced persistent threat (APT) groups, target OT/ICS assets to achieve political gains, economic advantages, or destructive effects. Because OT/ICS systems physical operational processes, cyber ...