Apple’s latest iPhone security feature just made life more difficult for spyware makers


Buried in an ocean of flashy novelties announced by Apple this week, the tech giant also revealed new security technology for its latest iPhone 17 and iPhone Air devices. This new security technology was made specifically to fight against surveillance vendors and the types of vulnerabilities they rely on the most, according to Apple.

The feature is called Memory Integrity Enforcement (MIE) and is designed to help stop memory corruption bugs, which are some of the most common vulnerabilities exploited by spyware developers and makers of phone forensic devices used by law enforcement.

Read more…
Source: TechCrunch News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Potential for Malicious Cyber Activities to Disrupt the 2022 Beijing Winter Olympics and Paralympics

    January 31, 2022

    The FBI is warning entities associated with the February 2022 Beijing Winter Olympics and March 2022 Paralympics that cyber actors could use a broad range of cyber activities to disrupt these events. These activities include distributed denial of service (DDoS) attacks, ransomware, malware, social engineering, data theft or leaks, phishing campaigns, disinformation campaigns, or insider ...

  • U.S. unveils plan to improve cyber defenses for water utilities

    January 27, 2022

    The White House on Thursday unveiled a plan to beef up cybersecurity in the nation’s water sector, an extension of its efforts to thwart attacks against critical infrastructure including electricity and natural gas pipeline operators. Senior administration officials said water facilities use automation and electronic networks that are vulnerable to cyber attacks, which could include producing ...

  • Defending the Supply Chain: Why the DDS Protocol is Critical in Industrial and Software Systems

    January 27, 2022

    Given this technology’s ubiquity, Trend Micro researchers decided to investigate further and discovered multiple security vulnerabilities, resulting in 13 new CVE IDs for the six most common DDS implementations. This includes one vulnerability in the standard specifications and other deployment issues in the DDS software ecosystem (including a fully open production system). These vulnerabilities have ...

  • Context and Recommendations to Protect Against Malicious Activity by Iranian Cyber Group Emennet Pasargad

    January 26, 2022

    This Private Industry Notice provides a historical overview of Iran-based cyber company Emennet Pasargad’s tactics, techniques, and procedures (TTPs) to enable recipients to identify and defend against the group’s malicious cyber activities. On 20 October 2021, a grand jury in the US District Court for the Southern District of New York indicted two Iranian nationals ...

  • CISA adds 17 vulnerabilities to list of bugs exploited in attacks

    January 22, 2022

    This week, the Cybersecurity and Infrastructure Security Agency (CISA) added seventeen actively exploited vulnerabilities to the ‘Known Exploited Vulnerabilities Catalog. The ‘Known Exploited Vulnerabilities Catalog’ is a list of vulnerabilities that have been seen abused by threat actors in attacks and that are required to be patched by Federal Civilian Executive Branch (FCEB) agencies. “Binding Operational Directive ...

  • CISA: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats

    January 18, 2022

    Every organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety. Over the past year, cyber incidents have impacted many companies, non-profits, and other organizations, large and small, across multiple sectors of the economy. Most recently, public and private entities in Ukraine ...