Get the Lowest Prices anywhere on Macs, iPads and Apple Watches: Apple Price Guides updated December 11th
 

Topic: Security

Complex iOS 12 passcode bypasses grant access to iPhone Contacts and Photos

09/28/2018, 11:09 pm

A pair of extremely involved passcode bypasses discovered in Apple's latest iOS 12 can grant attackers access to Contacts and Photo data on a user's iPhone, including models protected by Face ID.

24 comments

Almost 50M Facebook accounts at risk for theft after latest security breach

09/28/2018, 01:09 pm

Facebook on Friday revealed that it recently uncovered a major security breach impacting close to 50 million users, which could result in the user's account being stolen by the thieves.

21 comments

Apple's Device Enrollment Program vulnerable to attack over device serial authentication

09/27/2018, 08:09 am

Apple's Device Enrollment Program, used by businesses to provision iPhones and iPads with an internal device management server, is claimed to have a weakness in its authentication that could allow an attacker to learn internal information about an organization.

5 comments

Australian teen receives 8 months probation for hacking Apple's corporate network

09/26/2018, 11:09 pm

An Australian teen who gained unauthorized access to Apple's corporate network has been sentenced to eight months probation for his crimes, which included the collection of about one terabyte of sensitive data gleaned from company servers.

16 comments

Zero-day vulnerability in macOS Mojave bypasses system-level privacy permissions

09/24/2018, 07:09 pm

Apple's macOS Mojave, which was released to users around the world on Monday, includes a faulty implementation of security protections that can potentially expose personal user data, according to one security researcher.

14 comments

NSO malware accessed executive's iPhone within minutes

09/20/2018, 04:09 pm

While the Pegasus software accessed the man's iPhone while he was in the company's offices, the attack was not wide, and the entrepreneur had volunteered his phone.

24 comments

Sen. Rubio takes Apple to task for slow response to Adware Doctor's data harvesting

09/19/2018, 03:09 pm

A frequent critic of the company in regards to China, U.S. Senator Marco Rubio has reportedly sent a letter to Apple CEO Tim Cook asking why the company didn't immediately react to word a Mac App Store title was exporting browser histories to the country.

0 comments

Newegg card skimming hack stole customer payment details for over a month

09/19/2018, 01:09 pm

Online retailer Newegg has become the victim of a month-long data breach, with the payment details of thousands of customers potentially acquired by hackers, by adding code to the store's payments page in a similar manner to other recent attacks.

6 comments

Apple details Siri Shortcuts, Screen Time, student ID cards, more in updated iOS Security Guide

09/17/2018, 07:09 pm

Following the release of iOS 12, Apple on Monday issued as revised version of its iOS Security Guide detailing new features and system improvements including Siri Suggestions, the new Shortcuts app, Screen Time and more.

2 comments

Updates bring Password Autofill support to 1Password, Dashlane, Keeper and LastPass

09/17/2018, 05:09 pm

Updates to popular iOS titles 1Password, Dashlane, LastPass and Keeper deliver support for Apple's Password Autofill tool, a built-in password management extension that is now open to third-party apps in iOS 12.

20 comments

WebKit flaw crashes iPhones when malicious page opened in browsers, HTML-rendering apps

09/17/2018, 08:09 am

A security researcher has disclosed a bug in WebKit that can cause a kernel panic on an iOS device, prompting a restart of an affected iPhone or iPad, by exploiting a vulnerability in the rendering engine using just 15 lines of code in a webpage.

12 comments

Safari for iOS URL spoofing exploit revealed, with no documented fix

09/11/2018, 10:09 am

A security researcher has revealed an issue that can allow website addresses to be spoofed in Safari for iOS and Microsoft's Edge browser, but while Microsoft has since fixed the flaw, it is unclear if Apple has updated Safari, potentially leaving the iOS browser vulnerable to attack.

14 comments

Review: Ring's iPhone-connected Spotlight Cam Solar falters without a paid subscription

09/08/2018, 05:09 am

Ring's Spotlight Cam Solar kit is a decent option for outdoor security -- but hard to recommend to most people unless you can check very specific boxes.

8 comments

More malicious apps found in Mac App Store that are stealing user data

09/07/2018, 04:09 pm

A number of apps in the Mac App Store have been found to be stealing data from its users, acquiring sensitive information and sending it to the developer, including one app which was the top paid utility available in the store before its removal.

34 comments

Spyware maker mSpy exposes iCloud info as part of massive data breach

09/06/2018, 10:09 am

The private data of millions of people -- including iCloud usernames and authentication tokens -- was recently exposed on an mSpy Web database which, until it was taken down, didn't require authentication.

42 comments

Google's $50 Titan Security Keys for consumer accounts now available in U.S.

08/30/2018, 11:08 am

Google has started to sell its Titan Security Keys to the public in the United States, expanding the availability of the Google-produced hardware tokens from just its cloud customers to anyone who wants to enhance the security of their Google account -- and they work on the Mac and iOS.

20 comments

Sprint staff portal poorly secured, allowed for easy SIM swapping attack

08/27/2018, 09:08 am

"Weak passwords" are being blamed for a security breach at wireless carrier Sprint, which could have set up users for an attack allowing for phone number theft and transfer.

6 comments

Flaws in Apple & Asurion websites expose PINs of millions of iPhone users

08/24/2018, 08:08 pm

Although already fixed, security vulnerabilites at Apple's online store and the website for Asurion, a phone insurance firm, recently exposed the PINs of millions of mobile accounts, a report revealed on Friday.

18 comments

Personal data of two million customers swiped in T-Mobile breach

08/24/2018, 08:08 am

T-Mobile has confirmed it is the victim of a server breach where attackers accessed customer data, with the recently-discovered intrusion involving personal data potentially affecting as many as two million users of the major U.S. carrier.

43 comments

Exploit in Airmail 3 for macOS can send a user's data to attackers by simply opening an email

08/22/2018, 09:08 am

The macOS email client Airmail 3 contains a number of severe vulnerabilities, researchers claim, with attackers potentially able to use the exploits to steal a user's emails and attachments, just from the user opening a specially-constructed message.

6 comments