#1 Trusted Cybersecurity News Platform
The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Most Trusted Cyber Security and Computer Security Analysis: Apple

Apple iOS and macOS Flaw Could've Let Apps Eavesdrop on Your Conversations with Siri

Apple iOS and macOS Flaw Could've Let Apps Eavesdrop on Your Conversations with Siri
October 27, 2022Ravie Lakshmanan
A now-patched security flaw in Apple's iOS and macOS operating systems could have potentially enabled apps with Bluetooth access to eavesdrop on conversations with Siri. Apple said "an app may be able to record audio using a pair of connected AirPods," adding it addressed the Core Bluetooth issue in iOS 16.1 with improved entitlements. Credited with discovering and reporting the bug in August 2022 is app developer Guilherme Rambo. The bug, dubbed  SiriSpy , has been assigned the identifier CVE-2022-32946. "Any app with access to Bluetooth could record your conversations with Siri and audio from the iOS keyboard dictation feature when using AirPods or Beats headsets," Rambo  said  in a write-up. "This would happen without the app requesting microphone access permission and without the app leaving any trace that it was listening to the microphone." The vulnerability, according to Rambo, relates to a service called DoAP that's included in AirPo

Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability

Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability
October 25, 2022Ravie Lakshmanan
Tech giant Apple on Monday rolled out updates to remediate a zero-day flaw in iOS and iPadOS that it said has been actively exploited in the wild. The weakness, given the identifier CVE-2022-42827 , has been described as an out-of-bounds write issue in the Kernel, which could be abused by a rogue application to execute arbitrary code with the highest privileges. Successful exploitation of out-of-bounds write flaws, which typically occur when a program attempts to write data to a memory location that's outside of the bounds of what it is allowed to access, can result in corruption of data, a crash, or execution of unauthorized code. The iPhone maker said it addressed the bug with improved bounds checking, while crediting an anonymous researcher for reporting the vulnerability. As is usually the case with actively exploited zero-day flaws, Apple refrained from sharing more specifics about the shortcoming other than acknowledging that it's "aware of a report that this i

Details Released for Recently Patched new macOS Archive Utility Vulnerability

Details Released for Recently Patched new macOS Archive Utility Vulnerability
October 06, 2022Ravie Lakshmanan
Security researchers have shared details about a now-addressed security flaw in Apple's macOS operating system that could be potentially exploited to run malicious applications in a manner that can bypass Apple's security measures. The vulnerability, tracked as  CVE-2022-32910 , is rooted in the built-in Archive Utility and "could lead to the execution of an unsigned and unnotarized application without displaying security prompts to the user, by using a specially crafted archive," Apple device management firm Jamf said in an analysis. Following responsible disclosure on May 31, 2022, Apple addressed the issue as part of  macOS Big Sur 11.6.8  and  Monterey 12.5  released on July 20, 2022. The tech giant, for its part, also revised the earlier-issued advisories as of October 4 to add an entry for the flaw. Apple described the bug as a logic issue that could allow an archive file to get around Gatekeeper checks, which is designed so as to ascertain that only trust

Apple Releases iOS and macOS Updates to Patch Actively Exploited Zero-Day Flaw

Apple Releases iOS and macOS Updates to Patch Actively Exploited Zero-Day Flaw
September 13, 2022Ravie Lakshmanan
Apple has released another round of security updates to address multiple vulnerabilities in iOS and macOS, including a new zero-day flaw that has been used in attacks in the wild. The issue, assigned the identifier  CVE-2022-32917 , is rooted in the Kernel component and could enable a malicious app to execute arbitrary code with kernel privileges. "Apple is aware of a report that this issue may have been actively exploited," the iPhone maker acknowledged in a brief statement, adding it resolved the bug with improved bound checks. An anonymous researcher has been credited with reporting the shortcoming. It's worth noting that CVE-2022-32917 is also the  second Kernel related zero-day flaw  that Apple has remediated in less than a month. Patches are available in versions  iOS 15.7, iPadOS 15.7 ,  iOS 16 ,  macOS Big Sur 11.7 , and  macOS Monterey 12.6 . The iOS and iPadOS updates cover iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generati

Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability

Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability
September 01, 2022Ravie Lakshmanan
Apple on Wednesday backported security updates to older iPhones, iPads, and iPod touch devices to address a  critical security flaw  that has been actively exploited in the wild. The shortcoming, tracked as  CVE-2022-32893  (CVSS score: 8.8), is an out-of-bounds write issue affecting WebKit that could lead to arbitrary code execution when processing maliciously crafted web content. WebKit is the browser engine that powers Safari and every other third-party browser available on iOS and iPadOS, meaning a flaw uncovered in the platform poses a security risk to users of Google Chrome, Mozilla Firefox, and Microsoft Edge as well. The tech giant said it fixed the bug with improved bounds checking. An anonymous researcher has been credited for reporting the vulnerability. The iOS 12.5.6 update is available for iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation). "iOS 12 is not impacted by CVE-2022-32894," Apple  noted  in it

XCSSET Malware Updates with Python 3 to Target macOS Monterey Users

XCSSET Malware Updates with Python 3 to Target macOS Monterey Users
August 23, 2022Ravie Lakshmanan
The operators of the XCSSET macOS malware have upped the stakes by making iterative improvements that add support for macOS Monterey by upgrading its source code components to Python 3. "The malware authors have changed from hiding the primary executable in a fake Xcode.app in the initial versions in 2020 to a fake Mail.app in 2021 and now to a fake Notes.app in 2022," SentinelOne researchers Phil Stokes and Dinesh Devadoss  said  in a report. XCSSET, first  documented  by Trend Micro in 2020, has many moving parts that allow it to  harvest sensitive information  from Apple Notes, WeChat, Skype, and Telegram; inject malicious JavaScript code into various websites; and dump cookies from Safari web browser. Infection chains entail using a dropper to compromise users' Xcode projects with the backdoor, with the latter also taking steps to evade detection by masquerading as either system software or the Google Chrome web browser application. The primary executable is an

Apple Releases Security Updates to Patch Two New Zero-Day Vulnerabilities

Apple Releases Security Updates to Patch Two New Zero-Day Vulnerabilities
August 18, 2022Ravie Lakshmanan
Apple on Wednesday released security updates for  iOS, iPadOS , and  macOS  platforms to remediate two zero-day vulnerabilities previously exploited by threat actors to compromise its devices. The list of issues is below - CVE-2022-32893  - An out-of-bounds write issue in WebKit which could lead to the execution of arbitrary code by processing a specially crafted web content CVE-2022-32894  - An out-of-bounds write issue in the operating system's Kernel that could be abused by a malicious application to execute arbitrary code with the highest privileges Apple said it addressed both the issues with improved bounds checking, adding it's aware the vulnerabilities "may have been actively exploited." The company did not disclose any additional information regarding these attacks or the identities of the threat actors perpetrating them, although it's likely that they were abused as part of highly-targeted intrusions. The latest update brings the total number o

Apple Releases Security Patches for all Devices Fixing Dozens of New Vulnerabilities

Apple Releases Security Patches for all Devices Fixing Dozens of New Vulnerabilities
July 21, 2022Ravie Lakshmanan
Apple on Wednesday rolled out  software fixes  for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms. This includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation to arbitrary code execution and from information disclosure to denial-of-service (DoS). Chief among them is CVE-2022-2294, a memory corruption flaw in the WebRTC component that Google  disclosed  earlier this month as having been exploited in real-world attacks aimed at users of the Chrome browser. There is, however, no evidence of in-the-wild zero-day exploitation of the flaw targeting iOS, macOS, and Safari. Besides CVE-2022-2294, the updates also address several arbitrary code execution flaws impacting Apple Neural Engine (CVE-2022-32810, CVE-2022-32829, and CVE-2022-32840), Audio (CVE-2022-32820), GPU Drivers (CVE-2022-32821), ImageIO (CVE-2022-32802), IOMobileFrameBuffer (CVE-2022-26768), Kernel (CVE-2022-32813

Experts Uncover New CloudMensis Spyware Targeting Apple macOS Users

Experts Uncover New CloudMensis Spyware Targeting Apple macOS Users
July 19, 2022Ravie Lakshmanan
Cybersecurity researchers have taken the wraps off a previously undocumented spyware targeting the Apple macOS operating system. The malware, codenamed  CloudMensis  by Slovak cybersecurity firm ESET, is said to exclusively use public cloud storage services such as pCloud, Yandex Disk, and Dropbox for receiving attacker commands and exfiltrating files. "Its capabilities clearly show that the intent of its operators is to gather information from the victims' Macs by exfiltrating documents, keystrokes, and screen captures," ESET researcher Marc-Etienne M.Léveillé  said  in a report published today. CloudMensis, written in Objective-C, was first discovered in April 2022 and is designed to strike both Intel and Apple silicon architectures. The initial infection vector for the attacks and the targets remain unknown as yet. But its very limited distribution is an indication that the malware is being used as part of a highly targeted operation directed against entities of i

Microsoft Details App Sandbox Escape Bug Impacting Apple iOS, iPadOS, macOS Devices

Microsoft Details App Sandbox Escape Bug Impacting Apple iOS, iPadOS, macOS Devices
July 14, 2022Ravie Lakshmanan
Microsoft on Wednesday shed light on a now patched security vulnerability affecting Apple's operating systems that, if successfully exploited, could allow attackers to escalate device privileges and deploy malware. "An attacker could take advantage of this sandbox escape vulnerability to gain elevated privileges on the affected device or execute malicious commands like installing additional payloads," Jonathan Bar Or of the Microsoft 365 Defender Research Team  said  in a write-up. Tracked as  CVE-2022-26706  (CVSS score: 5.5), the security vulnerability impacts iOS, iPadOS, macOS, tvOS, and watchOS and was fixed by Apple in May 2022. Calling it an access issue affecting the LaunchServices (launchd) component, the iPhone maker noted that "A sandboxed process may be able to circumvent sandbox restrictions," adding it mitigated the issue with additional restrictions. While Apple's  App Sandbox  is designed to tightly regulate a third-party app's acce

Apple's New "Lockdown Mode" Protects iPhone, iPad, and Mac Against Spyware

Apple's New "Lockdown Mode" Protects iPhone, iPad, and Mac Against Spyware
July 07, 2022Ravie Lakshmanan
Apple on Wednesday announced it plans to introduce an enhanced security setting called  Lockdown Mode  in iOS 16, iPadOS 16, and macOS Ventura to safeguard high-risk users against "highly targeted cyberattacks." The "extreme, optional protection" feature, now available for preview in beta versions of its upcoming software, is designed to counter a surge in threats posed by private companies developing state-sponsored surveillanceware such as  Pegasus ,  DevilsTongue ,  Predator , and  Hermit . Lockdown Mode, when enabled, "hardens device defenses and strictly limits certain functionalities, sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware," Apple  said  in a statement. This includes blocking most message attachment types other than images and disabling link previews in Messages; rendering inoperative just-in-time ( JIT ) JavaScript compilation; removing support for shared albums in Photos; a

U.S. FCC Commissioner Asks Apple and Google to Remove TikTok from App Stores

U.S. FCC Commissioner Asks Apple and Google to Remove TikTok from App Stores
June 30, 2022Ravie Lakshmanan
One of the commissioners of the U.S. Federal Communications Commission (FCC) has renewed calls asking for Apple and Google to boot the popular video-sharing platform TikTok from their app stores citing "its pattern of surreptitious data practices." "It is clear that TikTok poses an unacceptable national security risk due to its extensive data harvesting being combined with Beijing's apparently unchecked access to that sensitive data," Brendan Carr, a Republican member of the FCC,  wrote  in a letter to Apple and Google's chief executives. TikTok, in September 2021,  disclosed  that there are one billion people who use its app every month, making it one of the largest social media platforms after Facebook, YouTube, WhatsApp, Instagram, and WeChat. Carr further emphasized that the short-form video service is far from just an app for sharing funny videos or memes, calling out its features as "sheep's clothing" intended to mask its core funct

MIT Researchers Discover New Flaw in Apple M1 CPUs That Can't Be Patched

MIT Researchers Discover New Flaw in Apple M1 CPUs That Can't Be Patched
June 11, 2022Ravie Lakshmanan
A novel hardware attack dubbed  PACMAN  has been demonstrated against Apple's M1 processor chipsets, potentially arming a malicious actor with the capability to gain arbitrary code execution on macOS systems. It leverages "speculative execution attacks to bypass an important memory protection mechanism, ARM Pointer Authentication, a security feature that is used to enforce pointer integrity," MIT researchers Joseph Ravichandran, Weon Taek Na, Jay Lang, and Mengjia Yan  said  in a new paper. What's more concerning is that "while the hardware mechanisms used by PACMAN cannot be patched with software features, memory corruption bugs can be," the researchers added. The vulnerability is rooted in pointer authentication codes ( PACs ), a line of defense introduced in arm64e architecture that aims to detect and secure against unexpected changes to  pointers  — objects that reference an address location in memory. PACs aim to solve a common problem in software

Apple's New Feature Will Install Security Updates Automatically Without Full OS Update

Apple's New Feature Will Install Security Updates Automatically Without Full OS Update
June 07, 2022Ravie Lakshmanan
Apple has introduced a Rapid Security Response feature in iOS 16 and macOS Ventura that's designed to deploy security fixes without the need for a full operating system version update. "macOS security gets even stronger with new tools that make the Mac more resistant to attack, including Rapid Security Response that works in between normal updates to easily keep security up to date without a reboot," the company  said  in a statement on Monday. The feature, which also works on iOS , aims to separate regular software updates from critical security improvements and are applied automatically so that users are quickly protected against in-the-wild attacks and unexpected threats. It's worth noting that Apple tested an analogous option in iOS 14.5. Rapid Security Response, viewed in that light, mirrors a similar approach taken by Google through Play Services and Play Protect to secure Android devices from malware and other kinds of fraud. Another key security fea

UpdateAgent Returns with New macOS Malware Dropper Written in Swift

UpdateAgent Returns with New macOS Malware Dropper Written in Swift
May 17, 2022Ravie Lakshmanan
A new variant of the macOS malware tracked as UpdateAgent has been spotted in the wild, indicating ongoing attempts on the part of its authors to upgrade its functionalities. "Perhaps one of the most identifiable features of the malware is that it relies on the AWS infrastructure to host its various payloads and perform its infection status updates to the server," researchers from Jamf Threat Labs  said  in a report. UpdateAgent, first detected in late 2020, has since  evolved  into a malware dropper, facilitating the distribution of second-stage payloads such as adware while also bypassing macOS  Gatekeeper  protections. The newly discovered Swift-based dropper masquerades as Mach-O binaries named " PDFCreator " and " ActiveDirectory " that, upon execution, establish a connection to a remote server and retrieve a bash script to be executed. "The primary difference [between the two executables] is that it reaches out to a different URL from wh

Experts Uncover Spyware Attacks Against Catalan Politicians and Activists

Experts Uncover Spyware Attacks Against Catalan Politicians and Activists
April 19, 2022Ravie Lakshmanan
A previously unknown zero-click exploit in Apple's iMessage was used to install mercenary spyware from  NSO Group  and  Candiru  against at least 65 individuals as part of a "multi-year clandestine operation." "Victims included Members of the European Parliament, Catalan Presidents, legislators, jurists, and members of civil society organizations," the University of Toronto's Citizen Lab  said  in a new report. "Family members were also infected in some cases." Of the 65 individuals, 63 were targeted with Pegasus and four others were infected with Candiru, with iPhones belonging to at least two compromised with both. The incidents are said to have mostly occurred between 2017 and 2020. The attacks involved the weaponization of an iOS exploit dubbed HOMAGE that made it possible to penetrate the devices running versions prior to iOS 13.2, which was released on October 28, 2019. It's worth noting that the latest version of iOS is iOS 15.4.1.

New Variant of Chinese Gimmick Malware Targeting macOS Users

New Variant of Chinese Gimmick Malware Targeting macOS Users
March 23, 2022Ravie Lakshmanan
Researchers have disclosed details of a newly discovered macOS variant of a malware implant developed by a Chinese espionage threat actor known to strike attack organizations across Asia. Attributing the attacks to a group tracked as  Storm Cloud , cybersecurity firm Volexity characterized the new malware, dubbed Gimmick, as a "feature-rich, multi-platform malware family that uses public cloud hosting services (such as Google Drive) for command-and-control (C2) channels." The cybersecurity firm said it recovered the sample through memory analysis of a compromised MacBook Pro running macOS 11.6 (Big Sur) as part of an intrusion campaign that took place in late 2021. "Storm Cloud is an advanced and versatile threat actor, adapting its tool set to match different operating systems used by its targets," Volexity researchers Damien Cash, Steven Adair, and Thomas Lancaster  said  in a report. "They make use of built-in operating system utilities, open-source to

Experts Create Apple AirTag Clone That Can Bypass Anti-Tracking Measures

Experts Create Apple AirTag Clone That Can Bypass Anti-Tracking Measures
February 28, 2022Ravie Lakshmanan
Cybersecurity researchers have managed to build a clone of Apple Airtag that circumvents the anti-stalking protection technology built into its Find My Bluetooth-based tracking protocol. The result is a stealth AirTag that can successfully track an iPhone user for over five days without triggering a tracking notification, Positive Security's co-founder Fabian Bräunlein  said  in a deep-dive published last week. Find My is Apple's asset tracking app that allows users to track the GPS location of iOS, iPadOS, macOS, watchOS devices, AirPods, AirTags as well as other supported third-party accessories through a connected iCloud account. It also enables users to view the location of others who have opted to share their location. This is far from the first time weaknesses have been uncovered in Apple's Find My system. In March 2021, the Secure Mobile Networking Lab at the Technical University of Darmstadt, Germany (SEEMO)  disclosed  design and implementation flaws in the pr

Apple Releases iOS, iPadOS, macOS Updates to Patch Actively Exploited Zero-Day Flaw

Apple Releases iOS, iPadOS, macOS Updates to Patch Actively Exploited Zero-Day Flaw
February 11, 2022Ravie Lakshmanan
Apple on Thursday released security updates for  iOS, iPadOS ,  macOS , and  Safari  to address a new WebKit flaw that it said may have been actively exploited in the wild, making it the company's third zero-day patch since the start of the year. Tracked as CVE-2022-22620, the issue concerns a use-after-free vulnerability in the WebKit component that powers the Safari web browser and could be exploited by a piece of specially crafted web content to gain arbitrary code execution.  "Apple is aware of a report that this issue may have been actively exploited," the company said in a terse statement acknowledging in-the-wild attacks leveraging the flaw. The iPhone maker credited an anonymous researcher for discovering and reporting the flaw, adding it remediated the issue with improved memory management. The updates are available for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th

Apple Pays $100,500 Bounty to Hacker Who Found Way to Hack MacBook Webcam

Apple Pays $100,500 Bounty to Hacker Who Found Way to Hack MacBook Webcam
January 31, 2022Ravie Lakshmanan
Apple last year fixed a new set of macOS vulnerabilities that exposed Safari browser to attack, potentially allowing malicious actors to access users' online accounts, microphone, and webcam. Security researcher Ryan Pickren, who discovered and reported the bugs to the iPhone maker, was compensated with a $100,500 bug bounty, underscoring the severity of the issues. By exploiting a chain of security issues with iCloud Sharing and Safari 15, it enables the attacker to hijack the multimedia permission and gain "full access to every website ever visited by the victim" in Safari, including Gmail, iCloud, Facebook, and PayPal accounts. The  issues  specifically concern ShareBear, an iCloud file-sharing mechanism that prompts users upon attempting to open a shared document for the first time. Taking advantage of the fact that users are never displayed the prompt again once they accept to open the file, Pickren found that it's possible to alter the file's content to
Deals — IT Courses and Software

Sign up for our cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.