Apple’s latest iPhone security feature just made life more difficult for spyware makers


Buried in an ocean of flashy novelties announced by Apple this week, the tech giant also revealed new security technology for its latest iPhone 17 and iPhone Air devices. This new security technology was made specifically to fight against surveillance vendors and the types of vulnerabilities they rely on the most, according to Apple.

The feature is called Memory Integrity Enforcement (MIE) and is designed to help stop memory corruption bugs, which are some of the most common vulnerabilities exploited by spyware developers and makers of phone forensic devices used by law enforcement.

Read more…
Source: TechCrunch News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Utilities ‘Concerningly’ at Risk from Active Exploits

    June 14, 2021

    The amount of time that utility networks spend exposed to a known application exploit has spiked over the past two months — something analysts called out as a “concerning datapoint,” and an important reminder that ransomware isn’t the only threat utility networks need to secure against. A new report from WhiteHat Security measured the amount of ...

  • Open Source Vulnerabilities Converging DevOps & SecOps

    May 20, 2021

    Workplace evolution is in favor of traditional siloes being torn down and replaced with increased cross-functional collaboration, working in lockstep to deliver better outcomes. But it is not as easy as it sounds. Security and development teams have historically worked in siloes, which has created a long- standing disconnect between them. Both teams are responsible for ...

  • Lazarus covets COVID-19-related intelligence

    December 23, 2020

    As the COVID-19 crisis grinds on, some threat actors are trying to speed up vaccine development by any means available. We have found evidence that actors, such as the Lazarus group, are going after intelligence that could help these efforts by attacking entities related to COVID-19 research. While tracking the Lazarus group’s continuous campaigns targeting various ...

  • Supply Chain Attacks in the Age of Cloud Computing: Risks, Mitigations, and the Importance of Securing Back Ends

    October 26, 2020

    Security is an aspect that every enterprise needs to consider as they use and migrate to cloud-based technologies. On top of the list of resources that enterprises need to secure are networks, endpoints, and applications. However, another critical asset that enterprises should give careful security consideration to is their back-end infrastructure which, if compromised, could ...

  • Diving Into End-to-End Deep Learning for Cybersecurity

    August 21, 2020

    The application of artificial intelligence (AI) across various industries has undeniably made significant improvements in the digital era. With the capability to interpret and make complex decisions based on data, AI technologies have enabled tasks or processes to function with human-like intelligence, enhancing the speed of and innovating business operations and adding valuable user experiences. The ...

  • Configuring a Windows Domain to Dynamically Analyze an Obfuscated Lateral Movement Tool

    July 7, 2020

    Researchers at FireEye recently encountered a large obfuscated malware sample that offered several interesting analysis challenges. It used virtualization that prevented us from producing a fully-deobfuscated memory dump for static analysis. Statically analyzing a large virtualized sample can take anywhere from several days to several weeks. Bypassing this time-consuming step presented an opportunity for collaboration ...