News
New Malware Could Mean Trouble For iOS & macOS Security
Security researchers discovered an attack vector that, if exploited, would allow hackers to access messages, photos, and more.
Although Apple’s products are renowned for their robust security, no company is completely immune to hackers and malware. New research has recently revealed an attack vector that can affect Apple’s iPhone and Mac operating systems, allowing criminals to sweep messages, photos, and call history for exploitable data and — even more worryingly — access location data, photos, and the main camera.
The research comes from security firm Trellix, which says that the security flaws rank as “medium to high severity” and bypass the protections Apple puts in place to protect its users.
“The key thing here is the vulnerabilities break Apple’s security model at a fundamental level,” notes Doug McKee, director of vulnerability research at Trellix. McKee thinks his company’s findings could potentially lead to similar bugs being uncovered. However, it’s important to point out that Apple has so far plugged all of the security holes found by Trellix, and there’s no evidence they were ever exploited.
Trellix’s findings build on previous work by Google and Citizen Lab, who jointly discovered malware known as “ForcedEntry”, a zero-click, zero-day iOS exploit linked to Israeli spyware maker NSO Group and found initially on the iPhone of a Saudi activist.
Also Read: Facebook & Instagram Are Testing Twitter-Style Blue Checks
Analysis of ForcedEntry showed that it worked by fooling an iPhone into opening a malicious PDF disguised as a GIF, ultimately bypassing Apple’s sandbox — a protocol that keeps apps from accessing the data stored by other programs and areas of the device.
While Trellix’s findings are worrisome, it’s important to remember that attackers would need to gain a foothold into a device before being able to install any malware, and Apple has been very efficient at issuing security updates. The initial findings relate to macOS 13.2 and iOS 16.3, which were released in January, so it’s vital that readers ensure their devices are fully up to date!
News
Lebanon Ministers Meet Visa Over National Digital Payment Platform
Finance and technology ministers say a comparative study and roadmap will follow before any decision on adopting a model.
Lebanon’s finance and technology ministers met representatives from Visa last week to discuss a proposed unified national digital payment platform for government services, according to a readout from the Ministry of Finance.
The meeting brought together Finance Minister Yassin Jaber, Minister of State for Technology and Artificial Intelligence Kamal Shehadeh, a Visa delegation, and experts from both ministries. Discussion focused on whether Lebanon could establish a single platform through which citizens and institutions would pay taxes, fees, fines and other official transactions electronically, using mobile phones and other digital channels.
The Visa delegation presented examples from countries that have adopted unified government payment platforms, including the United Arab Emirates, Singapore, Estonia and Jordan. According to the readout, the examples were presented as having increased collection rates and expanded financial inclusion.
Talks covered settlement mechanisms, direct transfer to the treasury account, financial reconciliation, risk management, cybersecurity, fees, and an operational model that would involve the private sector. The parties agreed to continue technical and institutional consultations, prepare a comparative study, and develop an implementation roadmap before any decision on adopting a model for Lebanon.
Jaber said the Ministry of Finance had already enabled citizens to pay using credit cards and e-wallets through transfer companies, but described the proposed platform as a further step. He framed the development of electronic payment and collection systems as a priority within the ministry’s modernization plan.
Also Read: Deezer Says AI Tracks Now Make Up 44% Of Uploads
Shehadeh outlined the citizen-facing concept as a single mobile application through which users could settle obligations to ministries, government institutions and other bodies.
“The idea, in short, is that any citizen downloads an application on their mobile phone, through which they can pay all service obligations for all ministries, government institutions, or those owned by the Lebanese state, and others as well, as the platform is not limited only to state institutions,” he said.
Shehadeh added that the platform would not displace banks and money transfer companies that currently provide collection services to the state, calling it complementary to their work.
Lebanon Ministers Meet Visa Over National Digital Payment Platform
AltoVolo Releases Sigma Footage & Sets Date For Demonstrator
Careem Launches Lebanon Aid Drive With WFP
United Arab Emirates To Quit OPEC After 59 Years
YouTube Tests Conversational AI Search Tool
Yango Ride Introduces In-Chat Trip Planning In ChatGPT
Deezer Says AI Tracks Now Make Up 44% Of Uploads
NVIDIA Puts GPT-5.5 Codex In Hands Of 10,000 Staff
United Arab Emirates To Quit OPEC After 59 Years
