A Fix For That Scary WhatsApp Exploit is Live

· · Link

WhatsApp

An Israeli firm called NSO Group used a WhatsApp exploit to inject spyware on target devices. A fix for the exploit is live.

Given the stealthy way the attack was attempted, it’s impressive that WhatsApp caught it as quickly as they did. Engineers at Facebook have been busy sorting this one out over the weekend…Named CVE-2019-3568…affected versions include…WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51.

Security Researcher Won't Share macOS Keychain Bug

· · Link

Security researcher Linuz Henze found a macOS Keychain bug but won’t share it with Apple out of protest.

Henze has publicly shared legitimate iOS vulnerabilities in the past, so he has a track record of credibility. However, Henze is frustrated that Apple’s bug bounty program only applies to iOS, not macOS, and has decided not to release more information about his latest Keychain invasion.

It is odd that there isn’t a macOS bug bounty but I think withholding security information isn’t the way to go.

Wikileaks Giving CIA's iPhone Spy Code to Apple

· · News

Cellebrite's servers hit with data breach

Apple may have patched most of the security flaws that Wikileaks revealed the CIA is exploiting, but not all of them. Apple has been scrambling trying to learn more about the remaining exploits and it looks like the help it needs is coming directly from Wikileaks. The organization said it plans to share everything it knows about the hacks with Apple, and it’s going to do the same for other tech companies the CIA targeted, too.

Update your iOS 9.x Devices Now!

· · Dr. Mac's Rants & Raves

What kind of

Dr. Mac says he doesn’t  usually write about Apple’s minor operating system updates, but, if you’re using an iPhone, iPad, or iPod touch, you should update to iOS version 9.3.5 without delay. Read all about it in Dr. Mac’s Rants & Raves #190:  Update your iOS 9.x Devices Now!