Apple has just released iOS 12.5.5, a security-only update for iOS 12.Some in the security industry had wondered whether iOS 12 would continue to get occasional security updates. At the announcement of iOS 15, Apple stated that iOS 14 would continue to get security updates. However, Apple had not made any public statements about iOS 12.Which Apple devices

Apple released iOS 15 and iPadOS 15 on Monday, September 20, and, as usual, many people updated their iPhones, iPads, and iPod touches to the new operating systems. But unlike in the past, Apple is not pushing people to make the upgrade. For the first time, Apple is going to maintain the previous operating system for users who don’t want to upgrade.

There’s new Mac malware hiding in a terminal emulator app, an interesting Finder vulnerability, and Apple launches iCloud+. We also wonder why Apple isn’t prompting iOS users to upgrade to iOS 15Made in China: OSX.ZuRuRemotely exploitable “inetloc” zero-day vulnerability hits the MacWhy doesn’t Apple want people to upgrade to iOS 15?N

Apple has deprecated the insecure Transport Layer Security (TLS) 1.0 and 1.1 protocols in recently launched iOS and macOS versions and plans to remove support in future releases altogether.TLS is a secure communication protocol designed to protect users from eavesdropping, tampering, and message forgery while accessing and exchanging information over an Inte

Researchers found multiple flaws in widely used network management products from Nagios that pose serious risk to organizations. Researchers from industrial cybersecurity firm Claroty have discovered eleven vulnerabilities in widely used network management products from Nagios. Nagios XI provides monitoring of all mission-critical infrastructure compone

Researchers have discovered nearly a dozen vulnerabilities in widely used network management products from Nagios. The flaws could pose a serious risk to organizations as these types of products can be a tempting target for malicious actors.The vulnerabilities were discovered by researchers at industrial cybersecurity firm Claroty as part of a research proje

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-2021-09-20-6 Additional information forAPPLE-SA-2021-09-13-1 iOS 14.8 and iPadOS 14.8iOS 14.8 and iPadOS 14.8 addresses the following issues.Information about the security content is also available athttps://support.apple.com/HT212807.BluetoothAvailable for: iPhone 6s and later, iPad Pro (all models), iP

One of the blights of the modern world is the notifications we get on our devices. They can interrupt meetings, meals, and movies. It’s possible to pare down the notifications that you get, by turning off this feature for specific apps, but there are apps you may always want notifications from. You probably want to be notified when you receive phone

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-2021-09-13-1 iOS 14.8 and iPadOS 14.8iOS 14.8 and iPadOS 14.8 addresses the following issues. Informationabout the security content is also available athttps://support.apple.com/HT212807.CoreGraphicsAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2and later, iPad 5th generation and la

Apple has released a series of security updates to patch two critical vulnerabilities that the company says were “actively exploited” in the wild.The following updates were released on Monday, September 13, 2021:iOS 14.8iPadOS 14.8macOS Big Sur 11.6Security Update 2021-005 CatalinaSafari 14.1.2 (build 14611.3.10.1.7 for Mojave and 15611.3.10.1.

On September 13, The Citizen Lab revealed new research surrounding the Pegasus spyware campaign, presenting their discovery of a zero-click vulnerability targeting Apple devices across the entire endpoint ecosystem. In response to the disclosure, Apple has released security updates for all their devices from mobile to desktop. With Zimperium’s machine learn

Apple has released security updates to fix two zero-day vulnerabilities that have been seen exploited in the wild to attack iPhones and Macs. One is known to be used to install the Pegasus spyware on iPhones.The vulnerabilities are tracked as CVE-2021-30860 and CVE-2021-30858, and both allow maliciously crafted documents to execute commands when opened

Cisco fixed multiple high-severity flaws in the IOS XR software that can allow attackers to trigger a DoS condition, elevate privileges, overwrite/read arbitrary files. Cisco released security updates to address multiple high-severity vulnerabilities in the IOS XR software that can be exploited to conduct multiple malicious activities, such as rebooting

Cisco this week released patches for multiple high-severity vulnerabilities in the IOS XR software and warned that attackers could exploit these bugs to reboot devices, elevate privileges, or overwrite and read arbitrary files.The most severe of these issues is CVE-2021-34720 (CVSS score 8.6), a bug that could be exploited remotely without authentication to

ASUS has released BIOS updates for over two hundred motherboard models to automatically enable the built-in TPM 2.0 security process so that users can upgrade to Windows 11.To explain what this means, it is important to give a bit of a background on TPMs and why they are required by Windows 11.The Windows 11 + TPM 2.0 controversyWhen Microsoft first ann