Saturday, June 28, 2025
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

apple

ComputerWorldIndependent
admin

NSO Group returns with triple iOS 15/16 zero-click spyware attack

No matter what US President Joseph R. Biden Jr. said, NSO Group is still around; the privatized spying service produced zero-click exploits against iOS 15 and iOS 16 last year, according to the latest report from Citizen Lab.

It also suggests Lockdown Mode is effective against such attacks.

A trio of exploits used in complex form

The report reflects what Citizen Lab learned from investigating attacks against Mexican human rights defenders. The researchers conclude that NSO Group, called “mercenary hackers” by Apple, has made wide use of at least three zero-click exploits in Apple’s iPhone operating systems against civil society targets worldwide. NSO Group is the infamous firm that created the Pegasus tool used to spy on people.

To read this article in full, please click here

Read More
MalwareBytesSecurity
admin

Update now! April’s Patch Tuesday includes a fix for one zero-day

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: Apple

Tags: Google

Tags: Adobe

Tags: Cisco

Tags: SAP

Tags: Mozilla

Tags: CVE-2023-28252

Tags: CVE-2023-28231

Tags: CVE-2023-21554

Tags: Word

Tags: Publisher

Tags: Office

One fixed vulnerability is being actively exploited by a ransomware gang and many others were fixed in this month’s Patch Tuesday updates.

(Read more…)

The post Update now! April’s Patch Tuesday includes a fix for one zero-day appeared first on Malwarebytes Labs.

Read More
ComputerWorldIndependent
admin

Yet more digital spies targeting iPhones exposed by security researchers

Just weeks after President Biden signed an executive order designed to prevent the US government from purchasing commercial spyware used to subvert democracies, researchers have identified yet another shameful zero-click, zero-day exploit that targeted iPhone users. This spy-for-hire ‘solution’ was sold by an Israeli firm called QuaDream.

Making everyone less safe

QuaDream’s attacks have been exposed by security researchers at Microsoft and Citizen Lab. QuaDream is a more secretive entity than NSO Group but shares much of the same pedigree, including being founded by ex-NSO Group employees and having connections to Israeli intelligence. Its attacks were first exposed last year, but the researchers have since found more about how these digital mercenaries worked.

To read this article in full, please click here

Read More
MalwareBytesSecurity
admin

Apple releases emergency updates for two known-to-be-exploited vulnerabilities

Categories: Apple

Categories: Exploits and vulnerabilities

Categories: News

Tags: iOS 16.4.1

Tags: iPadOS 16.4.1

Tags: macOS 13.3.1

Tags: CVE-2023-28206

Tags: CVE-2023-28205

Tags: use-after-free

Tags: out-of-bounds write

Tags: IOSurfaceAccelerator

Apple has released iOS 16.4.1, iPadOS 16.4.1, and macOS 13.3.1 for the iPhone, iPad, and Mac, respectively, and our advice is to install them as soon as possible.

(Read more…)

The post Apple releases emergency updates for two known-to-be-exploited vulnerabilities appeared first on Malwarebytes Labs.

Read More
ComputerWorldIndependent
admin

Samsung shows we need an Apple approach to generative AI

It feels as if practically everyone has been using Open AI’s ChatGPT since the generative AI hit prime time. But many enterprise professionals may be embracing the technology without considering the risk of these large language models (LLMs).

That’s why we need an Apple approach to Generative AI.

What happens at Samsung should stay at Samsung

ChatGPT seems to be a do-everything tool, capable of answering questions, finessing prose, generating suggestions, creating reports, and more. Developers have used the tool to help them write or improve their code and some companies (such as Microsoft) are weaving this machine intelligence into existing products, web browsers, and applications.

To read this article in full, please click here

Read More
MalwareBytesSecurity
admin

New macOS malware steals sensitive info, including a user’s entire Keychain database

Categories: Apple

Categories: News

Tags: MacStealer

Tags: mac infostealer

Tags: information stealer

Tags: Apple

Tags: Thomas Reed

Tags: iCloud Keychain

MacStealer could be an infamous stealer in the making, but right now, it needs improvement, according to Malwarebytes expert.

(Read more…)

The post New macOS malware steals sensitive info, including a user’s entire Keychain database appeared first on Malwarebytes Labs.

Read More
MalwareBytesSecurity
admin

A week in security (March 27 – April 2)

Categories: News

Tags: Lock and Code

Tags: Anna Pobletts

Tags: ChatGPT

Tags: World Backup Day

Tags: GitHub

Tags: accidental breach

Tags: DDoS service

Tags: Instagram scammer

Tags: top cyber threats of 2023

Tags: 3CX

Tags: BingBang

Tags: Apple

Tags: EE phing

Tags: phishing

Tags: ransomware

The most interesting security related news from the week of March 27 to April 2.

(Read more…)

The post A week in security (March 27 – April 2) appeared first on Malwarebytes Labs.

Read More