Apple has been focusing on the security of its devices. One of the most critical actions to keep your Apple product secure is to keep its software up-to-date. Apple has rolled out security updates to older iPhones, iPads, Apple TV, and Watch series. The update consists of: tvOS is 15.1. watchOS is 8.1. macOS is 12.0.1. iOS and iPadOS is 15.1. iOS 14.8.1 and iPadOS 14.8.1 Apple published iOS … Continue reading “Update your devices with Apple’s latest security patches”
Tag: iOS
Apple releases emergency update to address the arbitrary code execution zero-day vulnerability (CVE-2021-30883)
On Monday, Apple released an iPhone security update to fix a major vulnerability that is being exploited in the wild. With the latest patch, the corporation has now resolved a total of 17 zero-days in 2021 – a new high. The vulnerability CVE-2021-30883 involves a memory corruption flaw in the IOMobileFrameBuffer component. This flaw allows an application to run arbitrary … Continue reading “Apple releases emergency update to address the arbitrary code execution zero-day vulnerability (CVE-2021-30883)”
Apple Arbitrary Code Injection Vulnerability (CVE-2021-30869)
Apple provided security fixes to address a zero-day vulnerability on Thursday. The attackers have used it in the wild to break into iPhones and Macs running older versions of iOS and macOS. Apple has also provided patches for a previously patched security flaw exploited by NSO Group’s Pegasus surveillance tool to target iPhone users. CVE-2021-30869 is a zero-day vulnerability. This is a type-confusion hole in Apple’s … Continue reading “Apple Arbitrary Code Injection Vulnerability (CVE-2021-30869)”
Apple Devices Critical Vulnerabilities (CVE-2020-27930, CVE-2020-27950, CVE-2020-27932)
Overview On November 5th, 2020, three iOS zero-day vulnerabilities were patched by Apple, which were exploited in the wild affecting Apple devices such as iPhone, iPad, and iPod. Ben Hawkes from Google Project Zero discovered these flaws that were affecting variants of Apple devices. CVE-2020-27930 (RCE) – An RCE in FontParser library that was triggered … Continue reading “Apple Devices Critical Vulnerabilities (CVE-2020-27930, CVE-2020-27950, CVE-2020-27932)”
Cisco IOS and IOS XE Multiple Vulnerabilities
Multiple vulnerabilities including authorization bypass, DoS, arbitrary code execution and such other critical vulnerabilities were observed in various Cisco IOS and IOS XE devices in September 2020. To this, Cisco published a collated report of all 34 vulnerabilities as an advisory – ERP-74268. In its semi-annual report, published on Sept 24, 2020, Cisco released bundles … Continue reading “Cisco IOS and IOS XE Multiple Vulnerabilities”
Kr00k Wi-Fi Vulnerability (CVE-2019-15126)
Summary: In last week of February,2020, after MSPT, a serious vulnerability in Wi-Fi chips, formally known as CVE-2019-15126., very well known as Kr00K in the wild. Krook was hot topic to be discussed in RSA conference 2020. Description: What is Kr00k? Krook is a vulnerability of the wireless egress packet implementation and processing of certain … Continue reading “Kr00k Wi-Fi Vulnerability (CVE-2019-15126)”
BlueBorne: Bluetooth Attack Vector
A new attack vector called ‘BlueBorne‘ has been discovered. The name is a play on the word ‘airborne’ as it allows attackers to take over devices on air-gapped networks. This attack was disclosed by Armis Lab. The vulnerabilities exploited by this attack affects Android, Linux, Windows, and iOS version less than 10. Targets can be compromised regardless of the … Continue reading “BlueBorne: Bluetooth Attack Vector”