Get the lowest prices anywhere on Macs & iPads with exclusive discounts: Apple Price Guides updated Jan 30th

Topic: Security

OS X 10.10.2 will fix years-old Thunderbolt hardware vulnerability

01/26/2015, 01:01 pm

A Mac hardware vulnerability that has yet to be exploited on a wide scale will reportedly be fixed with Apple's forthcoming OS X 10.10.2 update for Yosemite, preventing any future attacks.

16 comments

Google's Project Zero reveals three new zero-day exploits in Apple's OS X [u]

01/23/2015, 10:01 am

An internal software security research team at Google has publicly revealed three of recently-discovered zero-day exploits in Apple's Mac OS X desktop operating system, though the severity of each vulnerability is unknown.

70 comments

Apple agrees to subject products to Chinese government security audits - report

01/22/2015, 11:01 am

China's State Internet Information Office will reportedly be allowed to conduct network security inspections of Apple products offered for sale in China as the company seeks to assuage fears that its devices can be used for intelligence gathering purposes by foreign governments.

31 comments

NSA leaker Edward Snowden refuses to use Apple's iPhone over spying concerns - report

01/21/2015, 11:01 am

Infamous former National Security Agency contractor Edward Snowden, responsible for leaking thousands of pages of classified intelligence documents from the secretive spy organization, reportedly believes that the iPhone contains "special software" that can be remotely activated by authorities for intelligence gathering purposes.

173 comments

Apple's OS X Spotlight found to ignore e-mail privacy settings

01/09/2015, 12:01 pm

Mac owners who regularly make use of OS X's built-in Mail application and Spotlight search should take care when searching through e-mail messages, as Spotlight's preview functionality has been shown to ignore Mail's remote content settings and could inadvertently transmit unintended data to email senders.

34 comments

Apple's Mac EFI found vulnerable to bootkit attack via rogue Thunderbolt devices

12/22/2014, 02:12 pm

At next week's Chaos Communication Congress in Germany, a researcher will demonstrate a method in which a malicious actor could use a specially-crafted Thunderbolt device to inject a bootkit -- which could survive nearly any attempt to remove it -- into the EFI boot ROM of any Mac with a Thunderbolt port.

20 comments

Massive, sophisticated "Inception - Cloud Atlas" malware infects Windows and Android but can't exploit Apple's iOS without jailbreak

12/11/2014, 03:12 pm

A vast and sophisticated new espionage campaign targeting "military, diplomats, and business execs," discovered by Blue Coat Labs and confirmed by Kaspersky Labs, exploits flaws in Microsoft Windows and seeks to infect Android, Blackberry and iOS devices, but is limited to only infecting iPhones and iPads that are jailbroken.

52 comments

US DOJ fines StealthGenie for selling Android, iOS spyware, demands source code

11/26/2014, 12:11 am

The United States Department of Justice has fined the CEO of spyware vendor StealthGenie $500,000 and demanded the firm turn over the source code for software designed to remotely monitor calls, texts and other activity on Android and jailbroken iOS devices.

44 comments

Apple responds to Masque Attack concerns, says unaware of affected users

11/13/2014, 11:11 pm

Coming days after the discovery of an iOS vulnerability called "Masque Attack" was made public, Apple late Thursday issued a statement regarding the potentially malicious software, saying default OS X and iOS security settings are enough to thwart attacks.

51 comments

WireLurker, Masque Attack malware only a threat for users who disable Apple's iOS, OS X security

11/10/2014, 05:11 pm

Despite headlines fretting of a "new era in OS X and iOS malware," Apple's security systems for iOS and OS X are working as intended to protect users from exposure to the ubiquitous malware affecting open platforms including Android and Windows. Here's the realistic, non-sensationalized facts about how safe Apple's users actually are and how users can remain protected from threats that arise.

46 comments

'Masque' attack for iOS could let hackers replace legitimate apps with malicious copies

11/10/2014, 03:11 pm

A recently-discovered vulnerability in Apple's mobile operating system could allow attackers to trick users into replacing legitimate apps that have access to a variety of personal information -- such as banking apps -- with hacked versions that relay that information to malicious actors.

24 comments

Apple now blocking 'WireLurker' malware targeting Chinese iOS & Mac users

11/06/2014, 01:11 pm

Apple on Thursday announced it has begun taking measures to block apps that contain the so-called "WireLurker" malware, which transmits from a Mac to iOS devices over USB, by preventing the infected applications from launching.

30 comments

New 'WireLurker' malware targets Chinese Apple users, hops from OS X to iOS via USB

11/05/2014, 06:11 pm

Coming less than one week following the discovery of an OS X vulnerability called "Rootpipe," computer security researchers have found a new form of malware dubbed "WireLurker," which infects well-protected iOS devices through OS X.

67 comments

TrueSec outlines "Rootpipe" privilege escalation vulnerability in Mac OS X Yosemite

11/04/2014, 01:11 pm

Speaking at the Øredev Developer Conference in Malmö, Sweeden, Emil Kvarnhammar of security firm TrueSec demonstrated a privilege escalation vulnerability affecting OS X 10.8.5 through the newest 10.10 Yosemite.

45 comments

Apple CEO Tim Cook says privacy talks with Chinese government were 'very open'

10/24/2014, 08:10 am

Tim Cook's tour of China continues with another interview with local media, this time with the Apple CEO telling users in the country that he had "very open" discussions on privacy and security with the Chinese government, following a series of attacks in the country targeting Apple users.

12 comments

After gaining U.S. government approval, Samsung Knox security for Android found to be "completely compromised" [u]

10/23/2014, 06:10 pm

Samsung's Knox security layer for Android generates weak encryption keys, stores passwords locally and gives users login hints in a fatal "security by obscurity" design "compromising the security of the product completely," a researcher has detailed.

70 comments

Hacks targeting Chinese iCloud users prompt Apple CEO Tim Cook to meet China's vice premier

10/22/2014, 09:10 am

Apple Chief Executive Tim Cook has reportedly traveled to Beijing to meet with the vice premier of China to discuss protecting user data, a meeting prompted by recent hacks targeting iCloud users in the country.

74 comments

Hackers targeting Apple iCloud users in mainland China with 'massive' attack

10/21/2014, 12:10 pm

Hackers have reportedly begun targeting iCloud users in mainland China, utilizing a so-called "man-in-the-middle" approach in an attempt to steal user information, with one group accusing the Chinese government itself of perpetrating the attack.

33 comments

FBI director continues crusade against Apple's encryption of iPhone data

10/13/2014, 10:10 am

James Comey, director of the U.S. Federal Bureau of Investigation, has once again slammed Apple's iPhone and devices running Android that can hold secure, encrypted data that is inaccessible by law enforcement, saying that such capabilities allow users to "place themselves beyond the law."

176 comments

Apple says most customers not vulnerable to 'shellshock,' patch coming for advanced users

09/26/2014, 09:09 am

Apple on Friday sought to calm OS X users who feared their computers may be at risk from a widespread vulnerability in popular UNIX command interpreter bash -- which is included in Apple's UNIX-based desktop operating system -- saying that most consumers are not at risk, while advanced users will receive a patch in the coming days.

57 comments