Apple on Tuesday published 10 new advisories describing vulnerabilities affecting its products, including a zero-day that has been exploited against iPhone users.
Apple Patches Zero-Day Vulnerability Exploited Against iPhones
LF Electromagnetic Radiation Used for Stealthy Data Theft From Air-Gapped Systems
Mordechai Guri, a cybersecurity researcher from the Ben-Gurion University of the Negev in Israel who specializes in air gap jumping, has released a paper detailing yet another method that can be used to stealthily exfiltrate data from systems isolated from the internet and local networks.
TikTok Hit by US Lawsuits Over Child Safety, Security Fears
TikTok was hit Wednesday with a pair of lawsuits from the US state of Indiana, which accused it of making false claims about the Chinese-owned app’s safety for children.
Over 75 Vulnerabilities Patched in Android With December 2022 Security Updates
Google this week announced the December 2022 Android updates with patches for over 75 vulnerabilities, including multiple critical remote code execution (RCE) flaws.
The most severe of the RCE bugs is CVE-2022-20411, an issue in Android’s System component that could be exploited over Bluetooth.
‘Scattered Spider’ Cybercrime Group Targets Mobile Carriers via Telecom, BPO Firms
A threat actor tracked as ‘Scattered Spider’ is targeting telecommunications and business process outsourcing (BPO) companies in an effort to gain access to mobile carrier networks and perform SIM swapping, cybersecurity firm CrowdStrike warns.
Google Migrating Android to Memory-Safe Programming Languages
Google is seeing a significant decrease in memory safety issues in Android due to the progressive migration to memory-safe programming languages, such as Rust.
‘Schoolyard Bully’ Android Trojan Targeted Facebook Credentials of 300,000 Users
Mobile security firm Zimperium is warning of an Android trojan that may have stolen Facebook credentials from a large number of users.
Hack-for-Hire Group Targets Android Users With Malicious VPN Apps
A hack-for-hire group known as Bahamut has been targeting Android users with trojanized versions of legitimate VPN applications, ESET reports.
US Bans Huawei, ZTE Telecoms Gear Over Security Risk
US authorities announced a ban Friday on the import or sale of communications equipment deemed “an unacceptable risk to national security” — including gear from Chinese giants Huawei Technologies and ZTE.
Google Ready to Roll Out Android Privacy Sandbox in Beta
Google this week announced plans to roll out Android Privacy Sandbox in beta starting early next year, delivering a more private advertising experience to mobile users.
