Apple’s product security response team on Monday rolled out patches to cover numerous serious security vulnerabilities affecting users of its flagship iOS and macOS platforms.
Apple Patches WebKit Code Execution Flaws
Samsung Galaxy Store Flaws Can Lead to Unwanted App Installations, Code Execution
Cybersecurity firm NCC Group has shared details on two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.
Justices Turn Away Israeli Spyware Maker in WhatsApp Suit
The Supreme Court on Monday rejected an Israeli spyware maker’s bid to derail a high-profile lawsuit filed by the WhatsApp messaging service.
The justices left in place lower court rulings against the Israeli firm, NSO Group. WhatsApp claims that NSO targeted some 1,400 users of the encrypted messaging service with highly sophisticated spyware.
FCC Proposes Tighter Data Breach Reporting Rules for Wireless Carriers
The Federal Communications Commission (FCC) is proposing tighter rules on the reporting of data breaches by wireless carriers.
The updated rules, the FCC says, will fall in line with recent changes in federal and state laws regarding data breaches in other sectors.
Nearly 300 Vulnerabilities Patched in Huawei’s HarmonyOS in 2022
Chinese tech giant Huawei patched nearly 300 vulnerabilities in its HarmonyOS operating system in 2022.
EarSpy: Spying on Phone Calls via Ear Speaker Vibrations Captured by Accelerometer
As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for eavesdropping on a targeted user’s conversations, according to a team of researchers from several universities in the United States.
Godfather Android Banking Trojan Targeting Over 400 Applications
The Godfather Android banking trojan has been observed targeting over 400 banking and crypto applications in 16 countries, threat intelligence firm Group-IB warns.
US Government Agencies Issue Guidance on Threats to 5G Network Slicing
The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) have released guidance on the security risks associated with 5G network slicing and mitigation strategies.
Apple Patches Zero-Day Vulnerability Exploited Against iPhones
Apple on Tuesday published 10 new advisories describing vulnerabilities affecting its products, including a zero-day that has been exploited against iPhone users.
Adobe Patches 38 Flaws in Enterprise Software Products
After skipping last month, Adobe returned to its scheduled Patch Tuesday cadence with the release of fixes for at least 38 vulnerabilities in multiple enterprise-facing products.
The San Jose, California software maker said the flaws could expose users to code execution and privilege escalation attacks across all computer platforms.