12" MacBooks In Stock; Get the Lowest Prices Anywhere: Apple Price Guides updated July 6th

Topic: Security

Apple expanding user privacy, will prevent iOS apps from seeing other installed apps

06/24/2015, 01:06 pm

As part of a continued focus on protecting user privacy, Apple is reportedly planning to change a policy on third-party applications and prevent them from finding out what other apps are installed on an iPhone or iPad.

15 comments

Adobe addresses new 'actively exploited' critical vulnerability in Flash, users urged to update

06/24/2015, 09:06 am

Yet another severe flaw in Adobe's much-maligned Flash Player has been discovered and is being "actively exploited," the company said on Tuesday, and users with Flash installed are being urged to upgrade to the latest version as soon as possible.

53 comments

Apple addresses XARA vulnerabilities, says fixes on the way

06/19/2015, 07:06 pm

Apple on Friday commented on the discovery of so-called cross-app resource access (XARA) exploits, saying it rolled out a server-side security update earlier this week and is currently working with researchers on additional fixes.

30 comments

Serious iOS, OS X flaws lead to password theft in wide ranging security study

06/17/2015, 09:06 am

Three serious vulnerabilities in cross-app resource sharing protocols on Apple's desktop and mobile platforms have been discovered and used successfully to steal data --like passwords and secret authentication keys --including one that lays Keychain open to attackers.

67 comments

Edward Snowden hails Apple as 'pioneering' for iOS 8 security measures

06/05/2015, 10:06 am

Whistleblower and former National Security Agency contractor Edward Snowden lauded Apple for enabling measures like default full-disk encryption in iOS 8, in a rare editorial published on Friday.

124 comments

Appeals court deals blow to NSA bulk data program, but collection continues

05/07/2015, 11:05 am

The National Security Agency's controversial metadata collection program --which indiscriminately siphons up billions of phone records -- was not authorized by the Patriot Act, a federal appeals court ruled Thursday, though the court stopped short of ordering the program to be suspended.

14 comments

Researchers leverage SSL bug to crash Apple devices over Wi-Fi in 'No iOS Zone' attack

04/22/2015, 10:04 am

A bug in iOS's secure sockets layer (SSL) library could allow an attacker to force apps --or in some cases, the entire device --to crash if users connect to a malicious Wi-Fi hotspot, security researchers demonstrated this week.

17 comments

Some 1,500 iOS apps exposed to serious HTTPS vulnerability, analytics firm says

04/21/2015, 10:04 am

Approximately 1,500 iOS apps are exposed to a vulnerability that could let a hacker bypass HTTPS security and steal passwords and other sensitive data, according to research released on Monday.

29 comments

Update your Mac: Apple fixes major flaw in OS X Yosemite, but won't patch Lion, Mountain Lion or Mavericks

04/09/2015, 03:04 pm

A serious vulnerability present in every iteration of Apple's desktop operating system since OS X 10.7 --one which allows any user process to gain root privileges --was disclosed to the public on Thursday following the release of OS X 10.10.3, which addresses the issue, and users are urged to update as older OS X versions will remain susceptible to attack.

99 comments

Apple's resistance to hiring felons for Campus 2 construction is unusual, but not unprecedented

04/07/2015, 03:04 pm

Apple has found itself in the midst of an unexpected controversy this week after it was revealed that the iPhone maker bars laborers with recent felony convictions from working on its new corporate campus, a practice that may be unusual among private companies, but is not without precedent.

73 comments

Apple, U.S. tech giants call for government spying reform in open letter to Congress

03/25/2015, 07:03 pm

A number of powerful tech companies sent an open letter to Congress, President Barack Obama and other government agencies on Wednesday, arguing for drastic change in the nation's surveillance laws that currently allow for bulk consumer data collection.

9 comments

Apple's Safari among browsers taken down at Pwn2Own day 2

03/20/2015, 02:03 pm

Safari, Chrome, Firefox, and Internet Explorer were all successfully exploited during the second day of the annual Pwn2Own hacking contest in Vancouver.

19 comments

New 'IP Box' tool bypasses 10-try limit for PINs on older iOS versions, automates brute force attacks

03/18/2015, 09:03 am

A relatively new $300 device could allow attackers to crack the PIN codes on out-of-date iPhones or iPads, taking advantage of a flaw in iOS versions older than 8.1.1 that allows unlimited attempts at PIN entry, even when users enable Apple's 10-try limit.

17 comments

CIA has waged 'secret campaign' to crack Apple's iOS security - report

03/10/2015, 07:03 am

Classified documents released by whistleblower Edward Snowden reveal that the Central Intelligence Agency has been engaged in a multi-year coordinated effort to crack the security of Apple's iOS platform, which powers and protects the iPhone and iPad.

130 comments

New SSL/TLS flaw leaves Safari vulnerable to man-in-the-middle attack, Apple promises fix

03/03/2015, 03:03 pm

A newly-discovered flaw in some implementations of cryptographic protocols SSL and TLS -- including those used by Apple's Safari and Google's Android AOSP browsers -- could allow an attacker to force clients to use older, weaker encryption that would make it significantly easier to intercept secure communications.

11 comments

Stanford researchers develop method for tracking mobile devices using battery charge data

02/23/2015, 12:02 pm

Privacy advocates have long tried to educate consumers on the perils of giving apps access to GPS data, but a group of Stanford researchers has developed a method to infer a device's location from a seemingly much more innocuous source -- battery charge information.

14 comments

Lenovo bundled adware on some laptops, leaves users with staggering security vulnerabilities

02/19/2015, 02:02 pm

Chinese PC maker Lenovo has found itself in the middle of a public relations disaster, following revelations that it sold a number of notebook computers with pre-installed software that hijacks users' browser sessions to inject customized advertisements and seriously degrades the security of encrypted connections.

45 comments

Apple signs on to Obama's cybersecurity framework as Tim Cook calls privacy 'life and death' issue

02/13/2015, 05:02 pm

Apple is among more than a half-dozen major U.S. corporations that have agreed to integrate the White House's Cybersecurity Framework into their operations, but the iPhone maker will not share security information with the federal government.

71 comments

US government to accept Apple Pay for 'many' transactions starting in September

02/13/2015, 02:02 pm

Speaking at the White House Summit on Cybersecurity and Consumer Protection on Friday, Apple Chief Executive Tim Cook revealed that the U.S. government plans to begin accepting Apple Pay for a number of transactions, starting with admission to U.S. national parks.

36 comments

Apple's iMessage, FaceTime now protected by two-step verification

02/12/2015, 05:02 pm

Apple continues to expand the range of offerings covered by its two-step verification scheme, with security-conscious users now able to count iMessage and FaceTime among those features protected by the service.

16 comments