Get the Lowest Prices anywhere on Macs, iPads and Apple Watches: Apple Price Guides updated March 19th

Topic: Security

Some versions of Windows 10's facial recognition can be fooled by photos

12/21/2017, 03:12 pm

Although the issue has been patched through Microsoft's Fall Creators Update, outdated versions of Windows 10's Hello facial recognition can be spoofed with a photo, a German security firm said this week.


Developer says now-fixed Apple HomeKit vulnerability was temporarily worsened in iOS 11.2

12/21/2017, 01:12 pm

Though Apple ultimately solved the issue with iOS 11.2.1 and tvOS 11.2.1, a HomeKit vulnerability discovered in October was simply made more severe in iOS 11.2, according to one developer.


'Intentional' event redirects cloud traffic from Apple, Google & others through Russia

12/14/2017, 09:12 am

Internet traffic coming into and out of Apple, Facebook, Google, Microsoft, and other companies was briefly redirected through a Russian provider on Wednesday, in what appears to have been a deliberate move.


Data of 31 million users of iPhone add-on keyboard ai.type potentially leaks

12/06/2017, 10:12 am

Conflicting accounts have emerged about a security breach involving the ai.type add-on keyboard for iOS and Android, with researchers claiming that 31 million people's data has been compromised -- with a user's contacts also potentially included in the leak.


Apple's Cook talks privacy, AI & App Store revenues at China's World Internet Conference

12/03/2017, 05:12 pm

Speaking on Sunday at the World Internet Conference -- organized by the Cybersecurity Administration of China -- Apple CEO Tim Cook addressed a variety of topics, including sensitive ones that risked offending the pro-censorship Chinese government.


Apple explains how to fix macOS High Sierra file sharing after security update breaks feature

11/29/2017, 08:11 pm

Though today's macOS High Sierra security update patched a critical root user bug, it introduced a problem that prevents Mac users from authenticating or connecting to file shares on their Mac.


Apple issues macOS High Sierra update to fix password-less root vulnerability

11/29/2017, 11:11 am

Apple on Wednesday released a special security update for macOS High Sierra, solving a recently uncovered flaw which would let people gain root access without entering a password.


Major vulnerability in Apple's macOS provides System Administrator access with few instructions [u]

11/28/2017, 04:11 pm

A new security flaw in macOS High Sierra has been discovered by researchers -- one that can grant users access to the system administrator account on a target machine, enabling access to the account without requiring a password.


Google engineer proves any iPhone app with permission to access the camera is capable of spying

10/26/2017, 09:10 am

A Google engineer has demonstrated it is possible for a malicious iOS app to spy on a user, with a proof of concept app capable of photographing or recording from both iPhone cameras without the user's knowledge, all by exploiting the permissions granted by the user allowing access to the cameras.


Alleged 'KRACK Attack' vulnerability threatens to lay bare Wi-Fi WPA-2 security

10/16/2017, 09:10 am

A set of six collegiate researchers are set to unveil details on a Key Reinstallation Attack (KRACK Attack) for WPA-2 Wi-Fi security, which if legitimate can allow attackers to undermine encryption on any wi-fi connection utilizing the security method -- including Apple hardware connecting to Airport Extreme and Airport Express routers. AppleInsider explains what it is, and how to cut down on the potential for attack until patches are rolled out.


OnePlus' OxygenOS found to be linking device IDs to collected analytics data

10/11/2017, 12:10 pm

Smartphone maker OnePlus, a competitor against Apple's iPhone, is both collecting a lot of analytics data from users and linking it to personally identifiable information, according to one security researcher.


Proof of concept phishing attack mimics iOS popups to steal user passwords

10/10/2017, 07:10 pm

Demonstrating a potentially glaring iOS security hole, developer Felix Krause created a proof of concept phishing attack that takes advantage of system popups, and the way users interact with these messages, to steal Apple ID credentials.


Apple Supplemental Update for macOS High Sierra fixed Disk Utility, Keychain vulnerabilities

10/06/2017, 01:10 pm

Apple has released more details about its macOS High Sierra 10.13 Supplemental Update released on Thursday, advising it fixed two security issues relating to APFS volume encryption and a potential hack that could allow an attacker to extract a user's keychain passwords.


Yahoo says all 3B accounts impacted by 2013 data breach

10/03/2017, 05:10 pm

Yahoo in a statement on Tuesday said further investigation into a massive 2013 data breach suggests all 3 billion its user accounts were impacted from the incident, tripling the internet firm's initial estimates.


Security study finds old or improperly updated Macs in limited danger from EFI attack vectors

09/29/2017, 10:09 am

A new study postulates that Apple's lack of transparency about firmware updates could be lulling users and system administrators into a false sense of security -- but the situation on Windows computers is far worse, and an attack focusing on EFI modification needs to be highly focused and specifically targeted.


Apple sees dramatic surge in US national security requests, no declassified letters

09/28/2017, 04:09 pm

Between January and the end of June Apple received somewhere between 13,250 and 13,499 national security requests from the U.S. government, including orders under the Foreign Intelligence Surveillance (FISA) Court and national security letters, Apple revealed this week in its latest transparency report.


Apple revamps 'Privacy' site to sell customers on benefits of tech like encryption & differential privacy

09/27/2017, 03:09 pm

Apple on Wednesday updated its "Privacy" minisite, reorganizing it to better communicate what the company does to safeguard personal data on its various hardware and software platforms.


macOS's Keychain vulnerability reported earlier in Sept., Apple patch likely coming soon

09/26/2017, 09:09 am

The Keychain password vulnerability affecting multiple versions of macOS -- including High Sierra -- was reported to Apple on Sept. 7, and will likely be patched by the company in the near future, according to the security researcher who first publicized the issue.


macOS High Sierra vulnerability may let unsigned apps steal Keychain logins in plaintext

09/25/2017, 04:09 pm

Apple's macOS High Sierra contains a vulnerability that lets apps discover Keychain passwords in plaintext, though it requires victims to intentionally override built-in security, a researcher noted on Monday.


Apple's 'differential privacy' still collects too much specific data, study says

09/15/2017, 05:09 pm

Apple's use of "differential privacy" -- a method that inserts random noise into data as it's collected en masse -- doesn't go far enough to protect personal information, a study suggested this week.