Apple
![Apple CEO Tim Cook, looking grim](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
‘Perfect 10’ Apple Supply Chain Bug — Millions of Apps at Risk of CocoaPods RCE
Richi Jennings | | App Sec & Supply Chain Security, Apple, Apple iOS, AppSec & Supply Chain Security, CocoaPods, CVE-2024-38366, CVE-2024-38368, dependencies, dependency injection, Dependency Management, macos, macOS Security, Modern Software Supply Chains, Open Source and Software Supply Chain Risks, open source software supply chain, open source software supply chain security, SB Blogwatch, software dependencies, Supply-Chain Insecurity, third-party dependencies, trust dependencies
Tim looks grim: 10 year old vulnerabilities in widely used dev tool include a CVSS 10.0 remote code execution bug ...
Security Boulevard
![app, sideloading, MDM, Apple, IoS, SEC SIM swap X account](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
EU Opens the App Store Gates: A Call to Arms for MDM Implementation
By introducing a mobile device management (MDM) platform into the existing infrastructure, administrators gain the ability to restrict sideloading on managed devices ...
Security Boulevard
![Citizen Lab vs. NSO Group: The Fight for Privacy](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Citizen Lab vs. NSO Group, Apple AI and Privacy
Tom Eston | | AI, Apple, Apple AI, Apple Intelligence, canada, Citizen Lab, court, Cyber Security, Cybersecurity, Data Privacy, Digital Privacy, Episodes, Human Rights, Information Security, Infosec, lawsuit, NSO Group, Pegasus, Podcast, Podcasts, Privacy, security, spyware, technology, Weekly Edition
In episode 334, hosts Tom Eston, Scott Wright, and Kevin Johnson discuss two major topics. First, they explore the ongoing legal battle between Citizen Lab and the Israeli spyware company NSO Group ...
![A T-shirt, reading “You are here”](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Apple API Allows Wi-Fi AP Location Tracking
Richi Jennings | | Apple, apple bug, customer location, geofencing and location tracking, geolocation, GPS location, Location, location access risks, location data, Location data privacy, location privacy, location services, location sharing location tracking, SB Blogwatch, Skyhook, Starlink, Tibro, Wi-Fi, wi-fi security
Privacy FAIL: Apple location service returns far more data than it should—to people who have no business knowing it—and without your permission ...
Security Boulevard
![New Tracker Warning Features on iPhones & Androids!](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
New Tracker Warning Features on iPhones & Androids, 2024 Verizon Data Breach Investigations Report
Tom Eston | | AI, AI Hype, AirTag, Android 6, Apple, bluetooth, Cyber Security, Cybersecurity, Data breaches, Data Privacy, Digital Privacy, Episodes, Exploits, google, Information Security, Infosec, ios, Malware, Phishing, Podcast, Podcasts, Privacy, Secret Trackers, security, social engineering, Stalking, technology, trackers, verizon, Verizon DBIR, Vulnerabilities, Weekly Edition
In episode 330 Tom, Scott, and Kevin discuss the new features for iPhones and Android phones designed to warn users about secret trackers, possibly aiding in identifying stalkers. The hosts discuss Apple ...
![Three South Korean soldiers stand guard at the DMZ between North and South Korea](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
South Korean iPhone Ban: MDM DMZ PDQ
Richi Jennings | | android, Apple, Apple iOS, Apple iPhone, bring your own device, byod, byod challenges, BYOD policy, BYOD Security, clandestine iPhone tracking, iPhone, iPhone and iPad, iphone security, Korea, Korean military, MDM, military, military grade security, Military Security, Mobile Device Management (MDM), North Korea, northkorea, Noth Korea, Operational military strategy, opsec, Samsung, Samsung Galaxy, SB Blogwatch, South Korea, southkorea
MDM Hindered: Android phones are still OK; this is Samsung’s home, after all ...
Security Boulevard
Dracula Phishing Platform Targets Organizations Worldwide
Wajahat Raja | | Advanced phishing techniques, Apple, countermeasures, Cyber Threats, cybercriminals, Cybersecurity, Cybersecurity News, Domain registration, Dracula phishing platform, Email spoofing, imessage, Malicious intent, Netcraft, online safety, Password reset protection, RCS protocol, security measures, SMS filters, User Awareness
In light of recent cyber threats, the Dracula phishing platform has prevailed, targeting organizations in over 100 countries. The Dracula phishing attacks are centered on leveraging an immense network of over 20,000 ...
![Multiple, unskippable notifications](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones
Richi Jennings | | 2fa, 2FA bypass, 2FA Flaws, 2FA phishing, 2FA solution, 2FA/MFA, Apple, apple bug, Apple Data Security, apple hack, apple hacker, Apple iCloud, Apple ID, Apple ID failure, Apple iOS, Apple iPad, Apple iPhone, bypass 2FA, MFA, MFA Bombing, mfa fatigue, MFA hacks, mfa protection, mfasecurity, Multi-Factor Authentication (MFA), OTP, OTP circumvention bot, OTP interception bot, phishing-resistant MFA, push otp, SB Blogwatch, TOTP, two-factor-authentication.2fa
Rethink different: First, fatigue frightened users with multiple modal nighttime notifications. Next, call and pretend to be Apple support ...
Security Boulevard
Hardware Vulnerability in Apple’s M-Series Chips
It’s yet another hardware side-channel attack: The threat resides in the chips’ data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access ...
![A green worm on a juicy red apple](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys
Richi Jennings | | Apple, apple bug, Apple Data Security, apple hack, apple hacker, Apple iOS, Apple iPad, ARM, cache, dmp, GoFetch, iPad, M1, M2, M3, Macintosh, macos, SB Blogwatch
GoFAIL: Researchers worm their way into broken cache-filling microcode in most Macs and iPads ...
Security Boulevard