Recent Security News
-
About the security content of watchOS 10.3 – Apple Support
January 22, 2024 at 01:42PM Summary: Release date 2024-01-22. Multiple CVEs with security issues addressed, including memory handling improvements, cryptography enhancements, privacy and access issues. Affected products include Apple Neural Engine, CoreCrypto, Kernel, Mail Search, NSSpellChecker, Safari, Shortcuts, TCC, Time Zone, and WebKit. Update available for Apple Watch Series 4 and later. From the meeting…
-
About the security content of macOS Sonoma 14.3 – Apple Support
January 22, 2024 at 01:42PM Several security issues have been addressed in the Apple Neural Engine, CoreCrypto, Finder, Kernel, LLVM, Mail Search, NSSpellChecker, Safari, Shortcuts, TCC, Time Zone, and WebKit on macOS Sonoma. Improvements include memory handling, handling of sensitive data, and access restrictions. These updates are crucial to prevent potential data breaches and arbitrary…
-
About the security content of iOS 15.8.1 and iPadOS 15.8.1 – Apple Support
January 22, 2024 at 01:42PM Apple has released an update addressing two security vulnerabilities in WebKit, affecting iOS devices before version 16.7.1. The vulnerabilities could lead to sensitive information disclosure and arbitrary code execution when processing web content. The update is available for specific iPhone and iPad models, and iPod touch. Meeting Takeaways: 1. Apple…
-
About the security content of iOS 16.7.5 and iPadOS 16.7.5 – Apple Support
January 22, 2024 at 01:42PM Summary: – Apple released updates addressing multiple CVE issues including privacy, memory handling, and access risks affecting various products like Accessibility, Apple Neural Engine, curl, ImageIO, Safari, and WebKit for specific devices. The updates aim to mitigate potential user data exposure, arbitrary code execution, and web content vulnerabilities. From the…
-
Ivanti: VPN appliances vulnerable if pushing configs after mitigation
January 22, 2024 at 01:27PM Ivanti advises administrators to refrain from pushing new device configurations to appliances after applying mitigations as it renders them defenseless against ongoing attacks exploiting two zero-day vulnerabilities. There have been large-scale attacks targeting Ivanti ICS and IPS appliances, with companies issuing mitigation measures and recovery instructions. Thousands of exposed appliances…