Apple Inc.'s services chief, set to testify in Washington Tuesday, plans to defend the lucrative deal that made Google's search engine the default option on the iPhone, saying it was the best choice for consumers.
07.09.2023 - 21:31 / pcmag.com / Ios
UPDATE: Citizen Lab says the vulnerabilities were used in attacks from the notorious Israeli spyware provider NSO Group.
"Last week, while checking the device of an individual employed by a Washington DC-based civil society organization with international offices, Citizen Lab found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware," the group says.
Perhaps the most alarming part is that the attack can compromise an iPhone running the latest version of iOS "without any interaction from the victim," Citizen Lab adds. Hence, the watchdog group is urging all users to update their iPhones.
Original story:
Hackers have been spotted exploiting two new vulnerabilities in iOS, prompting Apple to release an emergency patch.
The fix is rolling out via the iOS 16.6.1 and iPadOS 16.6.1 updates, both of which warn: “Apple is aware of a report that this issue may have been actively exploited.”
The first vulnerability, CVE-2023-41064, affects Image I/O, a software framework that helps apps read and write various image formats. According to Apple, a “buffer overflow issue” in Image I/O can be exploited to create a maliciously crafted image, which can trigger iOS to run rogue computer code. This could be abused to download malware to an iPhone.
Apple Macs also use Image I/O, so the company created a patch for macOS Ventura to protect the products from the threat.
The company learned of the flaw from Citizen Lab, a watchdog group that often investigates hacking attacks from commercial spyware dealers. Citizen Lab didn’t immediately respond to a request for comment. But it’s possible the vulnerability was uncovered while the group was trying to protect victims from a new spyware threat.
With Citizen Lab's help, Apple also uncovered the second vulnerability, dubbed CVE-2023-41061, which affects the Apple Wallet app and can be abused to manipulate the Wallet app to run rogue computer code if iOS processes a “malicious crafted attachment.”
Hence, it sounds like both vulnerabilities can allow hackers to remotely attack iPhones by sending malicious files. The company’s fixes for iOS have been designed to protect iPhone 8 models and higher. In addition, Cupertino issued an update for watchOS to address the CVE-2023-41061 vulnerability on Apple Watches.
Users can update their iPhones by going to Settings > General > Software Update. The phone can also patch itself automatically if you’ve toggled on automatic updates.
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and
Apple Inc.'s services chief, set to testify in Washington Tuesday, plans to defend the lucrative deal that made Google's search engine the default option on the iPhone, saying it was the best choice for consumers.
CD Projekt have dropped the launch trailer for Cyberpunk 2077: Phantom Liberty, in great news for fans of driving-combat-cutscene montages and wailing, rain-slicked theme tunes, but less great news, apparently, for mega fans of the male-presenting incarnation of player character V, voiced by Gavin Drea. I haven't touched Cyberpunk since release in 2020, and I'm sort of intrigued to discover that the female-presenting version of the protagonist, voiced by Cherami Leigh, has become the default for marketing purposes.
Resident Evil Village is coming to Apple-flavoured smart devices just in time for Halloween on 30th October, 2023.
John Giannandrea, a former top Google executive who decamped to Apple Inc. to head its artificial intelligence business, pointed out a quiet change in the latest iPhone software update that allows users to select a search engine other than Google's when browsing the internet in private mode.
Thursday’s newly disclosed vulnerabilities in iOS were used to install spyware on an iPhone belonging to an Egyptian politician running for president, according to security researchers.
Apple today released a fix for a trio of iOS vulernabilities that hackers may already be exploiting.
Great stories come in all shapes and forms; while some people would rather watch movies, some others prefer the interactivity that only video games have to offer. For some reason, the practice of turning popular movies into console games has fallen out of fashion in recent years – and that’s terrible news for both film aficionados and gamers alike. It’s a shame, really, because we’ve been getting some of the most game-worthy films in history these days. Things like the entirety of the MCU would make amazing gaming experiences and could help expand the storytelling of movies in ways that no TV show or comic book ever could. That’s why today, we’ve made a list of 10 movies that would make excellent video games.
Is the Russian government using spyware from Israel’s NSO Group? According to researchers, spyware from the notorious Israeli company has been found on an iPhone belonging to an exiled Russian journalist.
Disney Dreamlight Valley has a new update in store for September, complete with patch notes and an official release date. While last June saw the introduction of DreamSnaps, the game was lacking in fresh characters and realms. But now, DDV’s next update is bursting with musical furniture, a duo of new characters, and a selection of premium items — all neatly bundled with the addition of a brand-new realm.
It looks like a spyware attack that’s been targeting Apple iPhones can also compromise Google’s Chrome browser.
For the first time, the new iPhone model you buy on the launch day could be made in India. Apple Inc. plans to make the India-built iPhone 15 available in the South Asian country and some other regions on the global sales debut day, people familiar with the matter said. While the vast majority of iPhone 15s will come from China, that would be the first time a latest generation, India-assembled device is available on the first day of sale, they said, asking not to be identified as the matter is private.
Apple Wonderlust event: After months of anticipation, the Apple event is almost here and the tech titan will unveil its next generation of iPhones today. The Cupertino-based tech giant is expected to showcase four iPhones - iPhone 15, iPhone 15 Plus, iPhone 15 Pro, and iPhone 15 Pro Max, alongside other products such as Apple Watch Series 9, Watch Ultra 2, and even AirPods Pro 2nd Generation with a new USB Type-C port. While rumours claimed that Apple would be launching a handful of other products too, it isn't likely to be the case.