Bug in macOS Finder allows remote code execution

While Apple did issue a patch for the vulnerability, it seems that the fix can be easily circumvented. Researchers have uncovered a flaw in Apple’s macOS Finder system that could allow remote threat actors to dupe unsuspecting users into running arbitrary commands on their devices. The security loophole affects all versions of the macOS Big … More Bug in macOS Finder allows remote code execution

Apple releases patch for zero‑day flaw in iOS, iPadOS and macOS

The vulnerability is under active exploitation by unknown attackers and affects a wide range of Apple’s products. Apple has released an update for its iOS, iPadOS, and macOS operating systems to patch a zero-day security flaw that is being actively exploited in the wild. The vulnerability affects a wide range of its products including the … More Apple releases patch for zero‑day flaw in iOS, iPadOS and macOS

Most health apps engage in unhealthy data‑harvesting habits

Most medical and fitness apps in Google Play have tracking capabilities enabled and their data collection practices aren’t transparent. As many as 88 percent of almost 21,000 mobile health (mHealth) applications that are accessible on the Google Play Store from Australia include code that can access and even share users’ personal data with third parties, … More Most health apps engage in unhealthy data‑harvesting habits

Gelsemium: When threat actors go gardening

ESET researchers shed light on new campaigns from the quiet Gelsemium group. Since mid-2020, ESET Research has been analyzing multiple campaigns, later attributed to the Gelsemium cyberespionage group, and has tracked down the earliest version of their main malware, Gelsevirine, to 2014. During the investigation, ESET researchers found a new version of Gelsevirine, a backdoor … More Gelsemium: When threat actors go gardening

1 million risky apps rejected or removed from Apple’s App Store in 2020

Apple also claims to have foiled US$1.5 billion worth of potentially fraudulent transactions. Apple says that it thwarted more than US$1.5 billion in potentially fraudulent transactions and prevented almost a million vulnerable and otherwise risky apps from making their way into the App Store in 2020, according to a new report highlighting the company’s efforts to protect … More 1 million risky apps rejected or removed from Apple’s App Store in 2020