Just days let to get the lowest prices of the year on Macs & iPads: Apple Price Guides updated Dec 22nd (exclusive coupons)

Topic: Security

Apple's Mac EFI found vulnerable to bootkit attack via rogue Thunderbolt devices

12/22/2014, 02:12 pm

At next week's Chaos Communication Congress in Germany, a researcher will demonstrate a method in which a malicious actor could use a specially-crafted Thunderbolt device to inject a bootkit -- which could survive nearly any attempt to remove it -- into the EFI boot ROM of any Mac with a Thunderbolt port.

16 comments

Massive, sophisticated "Inception - Cloud Atlas" malware infects Windows and Android but can't exploit Apple's iOS without jailbreak

12/11/2014, 03:12 pm

A vast and sophisticated new espionage campaign targeting "military, diplomats, and business execs," discovered by Blue Coat Labs and confirmed by Kaspersky Labs, exploits flaws in Microsoft Windows and seeks to infect Android, Blackberry and iOS devices, but is limited to only infecting iPhones and iPads that are jailbroken.

52 comments

US DOJ fines StealthGenie for selling Android, iOS spyware, demands source code

11/26/2014, 12:11 am

The United States Department of Justice has fined the CEO of spyware vendor StealthGenie $500,000 and demanded the firm turn over the source code for software designed to remotely monitor calls, texts and other activity on Android and jailbroken iOS devices.

44 comments

Apple responds to Masque Attack concerns, says unaware of affected users

11/13/2014, 11:11 pm

Coming days after the discovery of an iOS vulnerability called "Masque Attack" was made public, Apple late Thursday issued a statement regarding the potentially malicious software, saying default OS X and iOS security settings are enough to thwart attacks.

51 comments

WireLurker, Masque Attack malware only a threat for users who disable Apple's iOS, OS X security

11/10/2014, 05:11 pm

Despite headlines fretting of a "new era in OS X and iOS malware," Apple's security systems for iOS and OS X are working as intended to protect users from exposure to the ubiquitous malware affecting open platforms including Android and Windows. Here's the realistic, non-sensationalized facts about how safe Apple's users actually are and how users can remain protected from threats that arise.

46 comments

'Masque' attack for iOS could let hackers replace legitimate apps with malicious copies

11/10/2014, 03:11 pm

A recently-discovered vulnerability in Apple's mobile operating system could allow attackers to trick users into replacing legitimate apps that have access to a variety of personal information -- such as banking apps -- with hacked versions that relay that information to malicious actors.

24 comments

Apple now blocking 'WireLurker' malware targeting Chinese iOS & Mac users

11/06/2014, 01:11 pm

Apple on Thursday announced it has begun taking measures to block apps that contain the so-called "WireLurker" malware, which transmits from a Mac to iOS devices over USB, by preventing the infected applications from launching.

30 comments

New 'WireLurker' malware targets Chinese Apple users, hops from OS X to iOS via USB

11/05/2014, 06:11 pm

Coming less than one week following the discovery of an OS X vulnerability called "Rootpipe," computer security researchers have found a new form of malware dubbed "WireLurker," which infects well-protected iOS devices through OS X.

67 comments

TrueSec outlines "Rootpipe" privilege escalation vulnerability in Mac OS X Yosemite

11/04/2014, 01:11 pm

Speaking at the Øredev Developer Conference in Malmö, Sweeden, Emil Kvarnhammar of security firm TrueSec demonstrated a privilege escalation vulnerability affecting OS X 10.8.5 through the newest 10.10 Yosemite.

45 comments

Apple CEO Tim Cook says privacy talks with Chinese government were 'very open'

10/24/2014, 08:10 am

Tim Cook's tour of China continues with another interview with local media, this time with the Apple CEO telling users in the country that he had "very open" discussions on privacy and security with the Chinese government, following a series of attacks in the country targeting Apple users.

12 comments

After gaining U.S. government approval, Samsung Knox security for Android found to be "completely compromised" [u]

10/23/2014, 06:10 pm

Samsung's Knox security layer for Android generates weak encryption keys, stores passwords locally and gives users login hints in a fatal "security by obscurity" design "compromising the security of the product completely," a researcher has detailed.

70 comments

Hacks targeting Chinese iCloud users prompt Apple CEO Tim Cook to meet China's vice premier

10/22/2014, 09:10 am

Apple Chief Executive Tim Cook has reportedly traveled to Beijing to meet with the vice premier of China to discuss protecting user data, a meeting prompted by recent hacks targeting iCloud users in the country.

74 comments

Hackers targeting Apple iCloud users in mainland China with 'massive' attack

10/21/2014, 12:10 pm

Hackers have reportedly begun targeting iCloud users in mainland China, utilizing a so-called "man-in-the-middle" approach in an attempt to steal user information, with one group accusing the Chinese government itself of perpetrating the attack.

33 comments

FBI director continues crusade against Apple's encryption of iPhone data

10/13/2014, 10:10 am

James Comey, director of the U.S. Federal Bureau of Investigation, has once again slammed Apple's iPhone and devices running Android that can hold secure, encrypted data that is inaccessible by law enforcement, saying that such capabilities allow users to "place themselves beyond the law."

176 comments

Apple says most customers not vulnerable to 'shellshock,' patch coming for advanced users

09/26/2014, 09:09 am

Apple on Friday sought to calm OS X users who feared their computers may be at risk from a widespread vulnerability in popular UNIX command interpreter bash -- which is included in Apple's UNIX-based desktop operating system -- saying that most consumers are not at risk, while advanced users will receive a patch in the coming days.

57 comments

Increase the chances of recovering your lost iPhone by enabling 'Send Last Location' in iOS 8

09/25/2014, 11:09 am

A new and potentially crucial feature in iOS 8 allows an iPhone or iPad to send out its last-known location just before the device's battery dies, increasing the chances that a user might be able to recover their lost Apple product.

30 comments

Researcher accuses Apple of ignoring iCloud brute-force attack for 6 months

09/25/2014, 09:09 am

A security researcher who discovered a brute-force attack against Apple's iCloud service in March -- similar to the "iBrute" vulnerability that surfaced in conjunction with the celebrity photo hacking scandal earlier this month -- says that the company refused to address the flaw for months after he reported it.

94 comments

Apple now emails users whenever their iCloud account is accessed through a Web browser

09/08/2014, 11:09 am

As part of its efforts to beef up iCloud security and prevent unauthorized access, Apple now by default sends users an email when someone has logged into their iCloud account through a traditional Web browser.

37 comments

How to enable Apple's secure two-step verification for your iCloud & iTunes accounts

09/07/2014, 11:09 am

Last week's celebrity photo leaks were a stark reminder of what can happen to internet users that fail to follow basic security precautions, like enabling two-factor authentication when it's available. With Apple's own security practices under the microscope, AppleInsider shows you how to enable Cupertino's own implementation.

67 comments

Cook says Apple will roll out new iCloud security alerts, expand 2-step authentication after celebrity photo flap

09/04/2014, 10:09 pm

In response to a recently leaked cache of nude photos apparently stolen from celebrities' iCloud accounts, Apple CEO Tim Cook said the company plans to activate new security measures designed to thwart future attacks.

81 comments