HackDig : Dig high-quality web security articles for hackers

With iOS's Privacy Nutrition Label, Apple Upstages Regulators

New iOS privacy features require developers to disclose what data they're collecting, how they're using it, and with whom they share it.In 2012, the National Telecommunications and Information Administration (NTIA) convened a series of meetings that were intended to develop a legally enforceable code of conduct to provide transparency in how companies provid
Publish At:2020-08-13 11:10 | Read:67 | Comments:0 | Tags: IOS

RTSP For iOS 1.0 Denial Of Service

# Exploit Title: RTSP for iOS 1.0 - 'IP Address' Denial of Service (PoC)# Author: Luis Martinez# Discovery Date: 2020-08-03# Vendor Homepage: https://appadvice.com/app/rtsp-viewer/1056996189# Software Link: App Store for iOS devices# Tested Version: 1.0# Vulnerability Type: Denial of Service (DoS) Local# Tested on OS: iPhone 7 iOS 13.5.1# Steps to
Publish At:2020-08-04 18:34 | Read:130 | Comments:0 | Tags: IOS

Mocha Telnet Lite For iOS 4.2 Denial Of Service

# Exploit Title: Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service (PoC)# Discovery by: Luis Martinez# Discovery Date: 2020-08-03# Vendor Homepage: https://apps.apple.com/us/app/telnet-lite/id286893976# Software Link: App Store for iOS devices# Tested Version: 4.2# Vulnerability Type: Denial of Service (DoS) Local# Tested on OS: iPhone 7 iOS
Publish At:2020-08-04 14:42 | Read:73 | Comments:0 | Tags: IOS

Security Advisories for Nagios XI

In June 2020 we reported three vulnerabilities in Nagios XI 5.7.1 to the vendor. The following CVE IDs were assigned to the issues :  CVE-2020-15901: Command Injection in Nagios XI web interface (RCE)  CVE-2020-15902: Cross Site Scripting (XSS)  CVE-2020-15903: Reserved, details will be given on vendor fix CVE-2020-15901 and CVE-2020-15902 have meanwhile b
Publish At:2020-07-30 16:29 | Read:63 | Comments:0 | Tags:Misc IOS

Apple releases macOS Catalina 10.15.6, iOS 13.6, and more

This week Apple released updates to all of its operating systems and Safari browser. Here’s a brief rundown of new features and security-related fixes included with each update.iOS 13.6 and iPadOS 13.6Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generationApple describes these updates’ new fe
Publish At:2020-07-17 17:15 | Read:173 | Comments:0 | Tags:Software & Apps Security Updates IOS

Apple’s latest updates are out for iPhones and Macs – get them now!

byPaul DucklinWhen it comes to updates, Apple doesn’t do “predictable”.Other organisations such as Microsoft, Mozilla and Adobe are well-known for publishing updates not only frequently but also regularly.Indeed, with those companies, you don’t just get updates at least once a month (or once every four weeks for Mozilla), but the pre-
Publish At:2020-07-17 15:55 | Read:155 | Comments:0 | Tags:Apple Apple Safari iOS OS X Exploit ios iPhone macOS Patches

APPLE-SA-2020-07-15-1 iOS 13.6 and iPadOS 13.6

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-2020-07-15-1 iOS 13.6 and iPadOS 13.6iOS 13.6 and iPadOS 13.6 are now available and address the following:AudioAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4and later, and iPod touch 7th generationImpact: Processing a maliciously crafted audio file may lead toarbitrary code executi
Publish At:2020-07-17 14:49 | Read:264 | Comments:0 | Tags: IOS

TikTok… TikTok… It’s Time to Address the Privacy and Security Risks of All Mobile Apps

The U.S. is “looking at” banning TikTok and other Chinese social media apps, Secretary of State Mike Pompeo told Fox News on Monday. This comes on the heels of TikTok and other “questionable” apps being taken down from Apple’s App Store and Google Play in India. The India Ministry of Information Technology said in a release that it has decided to block 59 a
Publish At:2020-07-08 10:45 | Read:238 | Comments:0 | Tags:App Security Android iOS TikTok zDefend zScan zShield

iOS 14 Beta Goes Public – Should You Install It?

When Apple unveiled iOS 14 at their annual WWDC developer conference, there was a lot to be excited about. iOS, the operating system that powers iPhones and iPads, is about to get a load of new functions and features to improve the user experience. Android owners will have been amused to see home screen widgets finally appear on Apple devices many years afte
Publish At:2020-07-07 09:40 | Read:136 | Comments:0 | Tags:Mobile News Mobile Security Apple iOS iPhone IOS

[SYSS-2020-011] Apple iOS - Exposure of Resource to Wrong Sphere (CWE-668)

Advisory ID: SYSS-2020-011Product: Apple iOSManufacturer: Apple Inc.Affected Version(s): 13.3.1, 13.5.1Tested Version(s): 13.3.1, 13.5.1Vulnerability Type: Exposure of Resource to Wrong Sphere (CWE-668)Risk Level: MediumSolution Status: OpenManufacturer Notification: 2020-03-23Solution Date: -Public Disclosure: 2020-07-02CVE Reference: Not yet assignedAuthor
Publish At:2020-07-03 13:50 | Read:163 | Comments:0 | Tags: IOS

What’s Coming in macOS Big Sur and iOS 14 – Intego Mac Podcast Episode 141

This week, Apple announced the new features for its coming operating system updates: macOS Big Sur, and iOS 14. They also announced a big change to Mac hardware. Josh and Kirk discuss the changes coming, and take a close look at security and privacy features in these operating systems. Apple’s New Plans for the iPhone, iPad, and Mac Unveiled at WWDC 2020Univ
Publish At:2020-06-26 13:26 | Read:173 | Comments:0 | Tags:Intego Mac Security Podcast IOS

An Apple a Day: Treating BYOD Pains with Apple User Enrollment

Even with workers returning to the office—it might be a trickle or a flood depending on the organization—the shift towards remote work is moving from just a short-term necessity to a long-term reality. That shift has changed the face of business worldwide. This change makes it more important than ever for IT and Security teams to prioritize endpoint manageme
Publish At:2020-06-24 11:06 | Read:229 | Comments:0 | Tags:Application Security Endpoint Mobile Security user enrollmen

macOS 11 and iOS 14 – New security and privacy features

In a socially-distanced keynote address to open Apple’s Worldwide Developer Conference yesterday, the company presented new features for the next versions of all of its operating systems. Apple announced new features for macOS, iOS, iPadOS, watchOS, and tvOS, and security and privacy features were prominent across the various operating systems. In this
Publish At:2020-06-24 09:27 | Read:180 | Comments:0 | Tags:Security & Privacy IOS

A survey of recent iOS kernel exploits

Posted by Brandon Azad, Project ZeroI recently found myself wishing for a single online reference providing a brief summary of the high-level exploit flow of every public iOS kernel exploit in recent years; since no such document existed, I decided to create it here.This post summarizes original iOS kernel exploits from local app context targeting iOS 10 thr
Publish At:2020-06-22 11:43 | Read:240 | Comments:0 | Tags: IOS exploit

The Pros and Cons of Apple’s iOS App Store

If you use apps on your iPhone or iPad, other than those included in iOS, you get them from Apple’s App Store. Since Apple’s App Store is the only way to install apps on iOS devices (unlike with macOS where you can obtain apps from the Mac App Store or from developers) you have to use Apple to provide these apps. The App Store has lots of advanta
Publish At:2020-06-19 13:37 | Read:286 | Comments:0 | Tags:Apple App Store IOS

Tools

Tag Cloud