Software

iOS Update Available – Version 7.0.4 is Here

This week, Apple has released a small but very important update to their popular mobile operating system – iOS 7.0.4. According to the details provided, by Apple, the update comes with several bug fixes and improvements, including a fix for an issue that causes FaceTime calls to fail in some cases.

But the latest iOS update also comes with an important security fix for CVE-2013-5193, a vulnerability allowing App and In-App purchases to be completed with insufficient authorization – meaning that the password prompt presented to a signed in user before making an App purchase could have been bypassed and the transaction completed without providing a password.

Why are updates so important?

This software update for iOS, just like many other software updates for any platform, shows once again the importance of updating. Updates don’t just fix innocent bugs, they don’t just improve the user’s experience. They do that, yes, but most of the times updates also fix security vulnerabilities which can be exploited in-the-wild.

How to update your iOS device?

The quickest way to update your iPhone, iPad or iPod touch is to do it directly from the device. Just make sure you have everything backed up before you proceed, that you are connected to a WiFi network and the device has enough power, then just go to Settings ‘ General ‘ Software Update. If an update is available, tap Download, then Install.

You can also update your device through iTunes, while it’s connected through a cable. For more details and tips, Apple has a complete step-by-step guide available here: http://support.apple.com/kb/HT4623

iOS Update Available – Version 7.0.4 is Here

Your email address will not be published.

 

Reports

APT trends report Q1 2022

This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q1 2022.

Lazarus Trojanized DeFi app for delivering malware

We recently discovered a Trojanized DeFi application that was compiled in November 2021. This application contains a legitimate program called DeFi Wallet that saves and manages a cryptocurrency wallet, but also implants a full-featured backdoor.

MoonBounce: the dark side of UEFI firmware

At the end of 2021, we inspected UEFI firmware that was tampered with to embed a malicious code we dub MoonBounce. In this report we describe how the MoonBounce implant works and how it is connected to APT41.

Subscribe to our weekly e-mails

The hottest research right in your inbox