Black Friday Is Here. Get the Lowest Prices ANYWHERE on Macs, iPads and Apple Watches: Apple Price Guides updated Nov 27th

Topic: Security

Google's initial Android Stagefright patch inadequate, forced to issue second fix

08/14/2015, 10:08 am

The first software patch designed to mitigate the high-profile Stagefright vulnerability in Google's Android mobile operating system was insufficient, one security researcher discovered, leading to the issuance of yet another update.


Prosecutors press on with 'think of the children' campaign against encryption in iOS, Android

08/12/2015, 09:08 am

Law enforcement officials have continued to make their caseagainst the new, heftier encryption introduced last year by Apple and Google for their respective mobile operating systems, charging once again that the changes are standing in the way of capturing murderers, pedophiles, sex traffickers, and terrorists.


Apple to patch actively exploited privilege escalation bug in OS X 10.10.5 - report

08/05/2015, 09:08 am

A recently-discovered flaw in Apple's desktop operating system that allows attackers to gain root-level access without requiring users' passwords will be reportedly be fixed in the final release of OS X 10.10.5, which is already in beta.


Active OS X 10.10 zero-day exploit installs malware without need for system passwords

08/03/2015, 09:08 pm

A week after researchers discovered a new privilege escalation zero-day vulnerability in Apple's latest version of OS X 10.10.4, an exploit has appeared allowing nefarious hackers to install adware and malware onto a target Mac without requiring system passwords.


Macs vulnerable to same remote firmware exploits as Windows PCs, researchers find

08/03/2015, 02:08 pm

Macs can still be successfully attacked using some of the same firmware vulnerabilities affecting many Windows PCs, a new proof-of-concept worm is said to demonstrate.


Latest Android security exploit could leave more than half of current devices 'dead' & unusable

07/30/2015, 09:07 am

Yet another serious Android security issue was publicized this week, with the latest exploit rendering devices "lifeless," and said to affect more than half of units currently on the market.


'Stagefright' vulnerability compromises Android phones with 1 text message, may affect 950M devices

07/28/2015, 03:07 pm

A newly discovered security issue in the Android mobile operating system dubbed "Stagefright" has been called one of the worst vulnerabilities to date, and could present a critical issue for some 95 percent of devices in users' hands.


Mozilla adds every version of Flash to default Firefox blocklist

07/14/2015, 01:07 pm

Firefox users awoke Tuesday to an update that blocks every version of Adobe's Flash Player from running in the popular open-source browser, a victory for information security efforts following the unprecedented disclosure of numerous critical Flash vulnerabilities.


It's time to uninstall Adobe's Flash from your Mac - here's how

07/13/2015, 09:07 am

The recent tidal wave of critical vulnerabilities in Adobe's Flash Player has prompted many security professionals to call for the much-maligned software's demise, and we agree. AppleInsider shows you how to uninstall Flash from your Mac, and what to do if you can't live without it.


Apple to remove Recovery Key from iOS 9, OS X 10.11 two-factor authentication process

07/08/2015, 08:07 pm

Apple on Wednesday confirmed that the removal of a pesky Recovery Key security mechanism will be one of the changes coming to its two-factor authentication solution when iOS 9 and OS X 10.11 El Capitan are released this fall.


US law enforcement officials to argue for encryption backdoors before Congress

07/08/2015, 09:07 am

Later on Wednesday, two key U.S. law enforcement officials will testify in front of the Senate Judiciary Committee to argue in support of backdoors in various consumer encryption platforms, a report said.


Apple expanding user privacy, will prevent iOS apps from seeing other installed apps

06/24/2015, 01:06 pm

As part of a continued focus on protecting user privacy, Apple is reportedly planning to change a policy on third-party applications and prevent them from finding out what other apps are installed on an iPhone or iPad.


Adobe addresses new 'actively exploited' critical vulnerability in Flash, users urged to update

06/24/2015, 09:06 am

Yet another severe flaw in Adobe's much-maligned Flash Player has been discovered and is being "actively exploited," the company said on Tuesday, and users with Flash installed are being urged to upgrade to the latest version as soon as possible.


Apple addresses XARA vulnerabilities, says fixes on the way

06/19/2015, 07:06 pm

Apple on Friday commented on the discovery of so-called cross-app resource access (XARA) exploits, saying it rolled out a server-side security update earlier this week and is currently working with researchers on additional fixes.


Serious iOS, OS X flaws lead to password theft in wide ranging security study

06/17/2015, 09:06 am

Three serious vulnerabilities in cross-app resource sharing protocols on Apple's desktop and mobile platforms have been discovered and used successfully to steal data --like passwords and secret authentication keys --including one that lays Keychain open to attackers.


Edward Snowden hails Apple as 'pioneering' for iOS 8 security measures

06/05/2015, 10:06 am

Whistleblower and former National Security Agency contractor Edward Snowden lauded Apple for enabling measures like default full-disk encryption in iOS 8, in a rare editorial published on Friday.


Appeals court deals blow to NSA bulk data program, but collection continues

05/07/2015, 11:05 am

The National Security Agency's controversial metadata collection program --which indiscriminately siphons up billions of phone records -- was not authorized by the Patriot Act, a federal appeals court ruled Thursday, though the court stopped short of ordering the program to be suspended.


Researchers leverage SSL bug to crash Apple devices over Wi-Fi in 'No iOS Zone' attack

04/22/2015, 10:04 am

A bug in iOS's secure sockets layer (SSL) library could allow an attacker to force apps --or in some cases, the entire device --to crash if users connect to a malicious Wi-Fi hotspot, security researchers demonstrated this week.


Some 1,500 iOS apps exposed to serious HTTPS vulnerability, analytics firm says

04/21/2015, 10:04 am

Approximately 1,500 iOS apps are exposed to a vulnerability that could let a hacker bypass HTTPS security and steal passwords and other sensitive data, according to research released on Monday.


Update your Mac: Apple fixes major flaw in OS X Yosemite, but won't patch Lion, Mountain Lion or Mavericks

04/09/2015, 03:04 pm

A serious vulnerability present in every iteration of Apple's desktop operating system since OS X 10.7 --one which allows any user process to gain root privileges --was disclosed to the public on Thursday following the release of OS X 10.10.3, which addresses the issue, and users are urged to update as older OS X versions will remain susceptible to attack.