Microsoft Releases PoC Exploit to Escape MacOS Sandbox

Microsoft has detailed a recently patched vulnerability affecting Apple operating systems and published a PoC exploit to escape the macOS sandbox. If successfully exploited, this bug allows to leavei the sandbox, elevate privileges on the device and deploy malware. Let me remind you that they also wrote that Vulnerability in macOS Leads to Data Leakage,… Continue reading Microsoft Releases PoC Exploit to Escape MacOS Sandbox

Privacy Access Tokens to Replace CAPTCHA Real Soon

CAPTCHA, a well-known test for website visitors to prove they are humans, not robots, rapidly grows obsolete. There are ways to break or bypass CAPTCHA, and there are obvious inconveniences these tests bring to clients when deployed on websites. Luckily, the progress won’t cease, and the replacement is coming. We’re talking about Privacy Pass –… Continue reading Privacy Access Tokens to Replace CAPTCHA Real Soon

Apple paid $100,000 for macOS camera and microphone hack

Information security researcher Ryan Pickren told how he received a large reward from Apple for hacking the camera and microphone in macOS. He also discovered vulnerabilities in Safari and macOS that could be used to hack into a user’s online accounts. Back in 2020, Ryan Pickren received a $75,000 bug bounty from Apple because he… Continue reading Apple paid $100,000 for macOS camera and microphone hack

Vulnerability in macOS Leads to Data Leakage

Microsoft said that attackers could use a macOS vulnerability to bypass Transparency, Consent, and Control (TCC) technology and gain access to protected user data. Back in the summer of 2021, a research group informed Apple developers about a vulnerability dubbed powerdir (CVE-2021-30970). The bug is related to the TCC technology, which is designed to block… Continue reading Vulnerability in macOS Leads to Data Leakage

Spy method NoReboot allows simulating iPhone shutdown and prying through the camera

The NoReboot spy method allows intercepting the iPhone restart and shutdown process and prevent them from ever happening. ZecOps has developed a new method to simulate restarting or shutting down the iPhone and thereby prevent the removal of malware from it, with which hackers can secretly track the victim through the microphone and phone camera.… Continue reading Spy method NoReboot allows simulating iPhone shutdown and prying through the camera

Vulnerability in Apple iCloud puts billion users at risk

Security of over a billion iPhone owners and users of popular instant messengers is at risk due to a vulnerability in Apple iCloud. As the Forbes reports, private messages sent via iMessage and WhatsApp on iPhone are not secure when using factory settings. While encrypted apps like iMessage and WhatsApp keep messages on the device… Continue reading Vulnerability in Apple iCloud puts billion users at risk

Users can be lured to a malicious site through a vulnerability in Apple AirTag

Security researcher Bobby Rauch discovered a vulnerability in AirTag key fobs, which Apple advertises as a convenient solution for tracking personal belongings (for example, laptops, phones, car keys, backpacks, and so on). Gadgets are susceptible to a stored XSS vulnerability. Rauch has revealed the issue, although the patch is not yet available, as he was… Continue reading Users can be lured to a malicious site through a vulnerability in Apple AirTag

Experts showed fraudulent payments from a locked iPhone with Apple Pay and a Visa card

Scientists talked about how to make fraudulent payments using Apple Pay with a Visa card on a locked iPhone. This scam works over the air, even if the iPhone is in your bag or pocket, and has no limit on the number of transactions. A report on this issue [PDF] will be presented at the… Continue reading Experts showed fraudulent payments from a locked iPhone with Apple Pay and a Visa card

Criminals threaten to leak new Apple logo, if the company doesn’t pay the ransom

Last week it became known that the operators of the ransomware REvil are trying to blackmail Apple, and now the criminals threaten to leak the company’s new logo into the network, if the company doesn’t pay the ransom. The hackers claim to have obtained data on Apple products after the Taiwanese company Quanta Computer was… Continue reading Criminals threaten to leak new Apple logo, if the company doesn’t pay the ransom

REvil operators are blackmailing Apple

Media reported that REvil ransomware operators are blackmailing Apple and demand a ransom. Otherwise, they threaten to arrange a leak of company’s confidential information. The hackers claim to have obtained data on Apple products after the Taiwanese company Quanta Computer was hacked. It is the world’s largest laptop manufacturer and also one of the few… Continue reading REvil operators are blackmailing Apple