Apple Public Beta available 30-Mar-2023

  Public beta releases for macOS 13.4, iOS 16.5, iPadOS 16.5, and Safari 16.5 available 30-Mar-2023.

Apple Updates Everything March 27, 2023

  Apple released updates March 27, 2023

iOS 15.7.4  iPadOS 15.7.4

iOS 16.4  iPadOS 16.4

watchOS 9.4

tvOS 16.4

macOS Big Sur 11.7.5

macOS Monterey 12.6.4

macOS Ventura 13.3

Safari 16.4

Studio Display Firmware 16.4

Some feature updates. AND Important Security fixes.

Microsoft Windows 11 Snipping Tool and Windows 10 Snip & Sketch tool vulnerability and Update available

  The vulnerability (similar to Google Pixel snipping tools(s)) . The vulnerability could allow attackers to access data that users had cropped from an image.

 Visit the Microsoft Store. Access the Library then Updates available.

 After the updates you should have Windows 11 snipping tool version 10.2008.3001.0 and Windows 10 Snip & Sketch tool version 11.2302.20.0.

 This is an example of keeping everything up-to-date, even Apps from the App store.

Ring hit with ransomware 14-mar-2023

 Reports are Ring has been a victim of the ALPHV ransomware.

Ring denies this report. This blog will be updated as events develop.

March Security updates for Android 13-Mar-2023

  The March 2023 Android Security Bulletin includes fixes for two critical remote code execution vulnerabilities. The vulnerabilities affect Android versions 11,12, 12L, and 13.

 Google has advised Android partners at least a month ago.

 Check your Android device for security patch level 2023-03-05 or later. 

 Android devices, so phones, tablets, streamers, SmartTVs, etc.

Google Chrome and ChromeOS updated today 3-11-2023

  Some feature updates AND 40 security patches.

ChromeOS on Chromebooks also updated.  Other chromium browsers should be updating soon as well

Bitwarden Vulnerability

  Disclosed today, March 9, 2023

If the autofill feature is turned on (this feature if off by default) an attacker using a specially crafted web page with an iframe in the HTML code the credentials are automatically filled out in the parent web page.

Bitwarden was aware, but claimed the vulnerability was hard to exploit and many popular web sites ised iframes.

Now that the vulnerability is known Bitwarden users should be more aware and check the option autofill is disabled.

Bitwarden does issue a warning when you go to turn on its autofill feature, stating that "compromised or untrusted websites could take advantage of this to steal credentials."

Apple releases Rapid Security Response for iOS 16.4(b) and iPadOS 16.4(b) and tvOS 16.3.3 March 7, 2023

 The tvOS update is for Apple TV 4k 3rd generation and Apple TV HD.

The iOS and iPadOS Rapid Security Responses are for those in the 16.4 Beta testing channels.

Apple released Rapid Security Response update for iOS & iPadOS 2-March-2023

  Rapid Security Response issued for:

iOS Security Response 16.4(a)

iPadOS Security Response 16.4(a)

macOS Rapid Security Response 13.3(a)

ALL OF THESE Rapid Security Responses are for Beta releases

If you are NOT running any current Beta tests of any Apple hardware you may not see these Security Responses.

This Cyber Security News item will be updated as this develops