November 30, 2023 at 01:42PM Apple addressed two WebKit vulnerabilities (CVE-2023-42916 and CVE-2023-42917) that potentially leaked information and allowed code execution on older iOS versions. Updates for iPhones starting from XS and various iPad models are available to mitigate these issues. Reported exploitation exists against iOS versions before 16.7.1. Meeting Takeaways: 1. Apple has addressed … Read more
November 30, 2023 at 01:42PM Apple fixed two WebKit vulnerabilities (CVE-2023-42916, CVE-2023-42917) affecting macOS Sonoma that could disclose sensitive info or execute arbitrary code; possibly exploited in iOS pre-16.7.1. Release on 2023-11-30, addressed via improved input validation and locking. Meeting Takeaways: 1. A recent Apple security document with ID HT214032 was discussed. 2. Two vulnerabilities … Read more
October 26, 2023 at 02:06PM A group of academics has discovered a new side-channel attack called iLeakage that targets Apple’s A- and M-series CPUs on iOS, iPadOS, and macOS devices. By exploiting a weakness in Safari, sensitive information can be extracted. The attack could be used to retrieve Gmail inbox content and autofilled passwords from … Read more
October 26, 2023 at 01:47PM University researchers have developed a new exploit called iLeakage that can steal information from Apple Macs, iPhones, and iPads. The exploit targets Apple’s Safari browser and can steal secrets such as Gmail inbox data, text messages, and watch histories from YouTube. It can be launched against devices running Apple’s A-series … Read more
October 26, 2023 at 07:32AM Researchers have developed a new side-channel attack called iLeakage that can extract sensitive information from Safari on Apple devices. It bypasses standard side-channel protections and can retrieve data from Safari, Firefox, Tor, and Edge on iOS with near-perfect accuracy. The attack exploits speculative execution in Apple Silicon CPUs and requires … Read more
October 25, 2023 at 03:57PM Apple released major security updates for macOS and iOS, addressing numerous vulnerabilities that could potentially lead to hacker attacks. The updates address a total of 21 iOS security vulnerabilities and 44 macOS flaws, including code execution and data exposure issues. Apple also patched an already-exploited vulnerability reported by Kaspersky. The … Read more