CyberSecurity updates
2025-01-31 03:53:13 Pacific

Apple Patches Actively Exploited Zero-Day - 2d

Apple has released emergency security updates to address a zero-day vulnerability, CVE-2025-24085, that is actively being exploited. The vulnerability affects iOS, iPadOS, macOS, tvOS, watchOS, and visionOS and has been patched. This highlights the constant threat of zero-day exploits and the importance of promptly applying security updates.

Microsoft Discovers macOS SIP Bypass Vulnerability - 17d

Microsoft has analyzed CVE-2024-44243, a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) by loading malicious kernel extensions. This can lead to the installation of rootkits, creation of persistent malware, and circumvention of Transparency, Consent, and Control (TCC) mechanisms, enabling further unauthorized operations on affected systems. The discovery of this vulnerability underscores the importance of robust security measures across all platforms and the potential impacts of vulnerabilities in kernel extensions. This research also highlights that Microsoft is actively involved in securing non-Windows platforms.

Apple Settles Siri Privacy Eavesdropping Lawsuit - 25d

Apple is facing a class-action lawsuit over its Siri voice assistant due to privacy concerns. The lawsuit claims Siri was eavesdropping and recording users without their consent. Apple has agreed to a $95 million settlement to resolve the issue. The settlement impacts millions of users who might have been affected. Some of the recordings have been shared with third parties. Users can disable Siri to avoid being recorded. This settlement highlights the importance of user data privacy and transparency, and it has also resulted in Apple making changes to its Siri privacy policy and functionality.

Banshee Stealer Uses Apple Encryption Algorithm - 21d

A new version of the Banshee macOS stealer has been identified by Check Point Research. This malware, linked to Russian-speaking cyber criminals, employs a string encryption algorithm identical to that used by Apple’s XProtect antivirus engine. The stealer, which operates as a ‘stealer-as-a-service’, targets macOS users, stealing browser and login credentials, cryptocurrency wallets, and other sensitive information. Its distribution methods include malicious GitHub repositories and phishing websites. This incident highlights the increasing sophistication of macOS malware and the use of legitimate security algorithms for malicious purposes.

Apple Notifies Spyware Victims, Not Analyzing Devices - 10d

Apple is notifying users who are likely targeted by government-sponsored spyware, but is redirecting them to third-party security labs instead of performing forensic analysis. This decision stems from its position that in-depth forensic analysis could inadvertently reveal spyware capabilities to the attackers. This approach is praised by security experts as it balances victim protection and security research.

Impact of iOS 18 Inactivity Reboot on Security - 12d

This item discusses the security implications of iOS 18’s inactivity reboot feature. The automatic reboot after 72 hours of inactivity is intended to enhance security by mitigating the risk of unauthorized access, data theft, and other cyber threats. This feature aligns with U.S. NSA security recommendations, reducing the window of opportunity for malicious actors to exploit inactive devices.