Buried in an ocean of flashy novelties announced by Apple this week, the tech giant also revealed new security technology for its latest iPhone 17 and iPhone Air devices. This new security technology was made specifically to fight against surveillance vendors and the types of vulnerabilities they rely on the most, according to Apple.
The feature is called Memory Integrity Enforcement (MIE) and is designed to help stop memory corruption bugs, which are some of the most common vulnerabilities exploited by spyware developers and makers of phone forensic devices used by law enforcement.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Supply Chain Attacks in the Age of Cloud Computing: Risks, Mitigations, and the Importance of Securing Back Ends
October 26, 2020
Security is an aspect that every enterprise needs to consider as they use and migrate to cloud-based technologies. On top of the list of resources that enterprises need to secure are networks, endpoints, and applications. However, another critical asset that enterprises should give careful security consideration to is their back-end infrastructure which, if compromised, could ...
- Diving Into End-to-End Deep Learning for Cybersecurity
August 21, 2020
The application of artificial intelligence (AI) across various industries has undeniably made significant improvements in the digital era. With the capability to interpret and make complex decisions based on data, AI technologies have enabled tasks or processes to function with human-like intelligence, enhancing the speed of and innovating business operations and adding valuable user experiences. The ...
- Configuring a Windows Domain to Dynamically Analyze an Obfuscated Lateral Movement Tool
July 7, 2020
Researchers at FireEye recently encountered a large obfuscated malware sample that offered several interesting analysis challenges. It used virtualization that prevented us from producing a fully-deobfuscated memory dump for static analysis. Statically analyzing a large virtualized sample can take anywhere from several days to several weeks. Bypassing this time-consuming step presented an opportunity for collaboration ...
- Ripple20 Vulnerability Mitigation Best Practices
June 22, 2020
On June 16th, the Department of Homeland Security and CISA ICS-CERT issued a critical security advisory warning covering multiple newly discovered vulnerabilities affecting Internet-connected devices manufactured by multiple vendors. This set of 19 vulnerabilities in a low-level TCP/IP software library developed by Treck has been dubbed “Ripple20” by researchers from JSOF. A networking stack is a software component that provides ...
- US firms overconfident in their cybersecurity preparedness
July 25, 2018
A new survey finds that American firms overrate how prepared they are for a cyberattack. Research and consulting firm Ovum found that 68% of US firms believe they have better-than-average cyber-readiness for their industry. As humans, we often overrate our own abilities, with more than 50% of a group thinking they’re above-average at some task, like ...
- Why is incident response automation and orchestration so hot?
March 16, 2017
I couldn’t attend the RSA Conference this year, but many cybersecurity professionals and my ESG colleagues told me that incident response (IR) automation and orchestration was one of the hottest topics in the halls of the Moscone Center—through the bar at the W hotel and even at the teahouse on the garden at Yerba Buena. Was ...