Get the Lowest Prices anywhere on Macs, iPads and Apple Watches: Apple Price Guides updated September 19th
 

Topic: Security

Intel faces trio of class action lawsuits over Meltdown & Spectre security holes

01/08/2018, 11:01 am

Intel is staring down class action lawsuits in California, Indiana, and Oregon over the Meltdown and Spectre vulnerabilities exposed in modern processors, which can be used to access restricted memory in unpatched devices.

9 comments

AppleInsider podcast discusses Intel's bad week, Apple's iPhone battery situation, Chicago snow, Spotify, more

01/05/2018, 08:01 am

This week on the AppleInsider podcast, Mike and a special guest discuss the three-pronged attack against modern CPUs, continues the iPhone battery debacle debate, delves into the $16 billion Spotify copyright lawsuit, and talks about the iMac Pro.

3 comments

All Mac & iOS CPUs affected by 'Meltdown' and 'Spectre' chip flaws, some fixes already in place with more coming

01/04/2018, 07:01 pm

Following the news that both Intel- and ARM-based processors can be susceptible to various hacks, Apple issued a statement on Thursday announcing that it has already implemented some fixes in the latest iOS and macOS releases, with more still to come. However, there are not currently any known exploits taking advantage of "Meltdown" and "Spectre."

56 comments

Older, jailbroken iPhones or Apple TVs possibly susceptible to CPU kernel vulnerability

01/04/2018, 07:01 am

An ARM security update for the Cortex A8, Cortex A9, and Cortex A15 processors issued late on Wednesday suggests that older Apple iOS-based devices may be impacted by the CPU bug -- but they would have to be jailbroken, and running malware locally for the exploit to work.

7 comments

Home security camera company Blink bought out by Amazon

12/22/2017, 01:12 pm

After fulfilling a $1 million crowd-funding campaign for a debut security camera, shipping a second, and announcing a third Blink has been bought by Amazon for undisclosed terms, likely dashing any hopes for HomeKit integration.

8 comments

Some versions of Windows 10's facial recognition can be fooled by photos

12/21/2017, 03:12 pm

Although the issue has been patched through Microsoft's Fall Creators Update, outdated versions of Windows 10's Hello facial recognition can be spoofed with a photo, a German security firm said this week.

15 comments

Developer says now-fixed Apple HomeKit vulnerability was temporarily worsened in iOS 11.2

12/21/2017, 01:12 pm

Though Apple ultimately solved the issue with iOS 11.2.1 and tvOS 11.2.1, a HomeKit vulnerability discovered in October was simply made more severe in iOS 11.2, according to one developer.

3 comments

'Intentional' event redirects cloud traffic from Apple, Google & others through Russia

12/14/2017, 09:12 am

Internet traffic coming into and out of Apple, Facebook, Google, Microsoft, and other companies was briefly redirected through a Russian provider on Wednesday, in what appears to have been a deliberate move.

22 comments

Data of 31 million users of iPhone add-on keyboard ai.type potentially leaks

12/06/2017, 10:12 am

Conflicting accounts have emerged about a security breach involving the ai.type add-on keyboard for iOS and Android, with researchers claiming that 31 million people's data has been compromised -- with a user's contacts also potentially included in the leak.

40 comments

Apple's Cook talks privacy, AI & App Store revenues at China's World Internet Conference

12/03/2017, 05:12 pm

Speaking on Sunday at the World Internet Conference -- organized by the Cybersecurity Administration of China -- Apple CEO Tim Cook addressed a variety of topics, including sensitive ones that risked offending the pro-censorship Chinese government.

17 comments

Apple explains how to fix macOS High Sierra file sharing after security update breaks feature

11/29/2017, 08:11 pm

Though today's macOS High Sierra security update patched a critical root user bug, it introduced a problem that prevents Mac users from authenticating or connecting to file shares on their Mac.

31 comments

Apple issues macOS High Sierra update to fix password-less root vulnerability

11/29/2017, 11:11 am

Apple on Wednesday released a special security update for macOS High Sierra, solving a recently uncovered flaw which would let people gain root access without entering a password.

56 comments

Major vulnerability in Apple's macOS provides System Administrator access with few instructions [u]

11/28/2017, 04:11 pm

A new security flaw in macOS High Sierra has been discovered by researchers -- one that can grant users access to the system administrator account on a target machine, enabling access to the account without requiring a password.

44 comments

Google engineer proves any iPhone app with permission to access the camera is capable of spying

10/26/2017, 09:10 am

A Google engineer has demonstrated it is possible for a malicious iOS app to spy on a user, with a proof of concept app capable of photographing or recording from both iPhone cameras without the user's knowledge, all by exploiting the permissions granted by the user allowing access to the cameras.

103 comments

Alleged 'KRACK Attack' vulnerability threatens to lay bare Wi-Fi WPA-2 security

10/16/2017, 09:10 am

A set of six collegiate researchers are set to unveil details on a Key Reinstallation Attack (KRACK Attack) for WPA-2 Wi-Fi security, which if legitimate can allow attackers to undermine encryption on any wi-fi connection utilizing the security method -- including Apple hardware connecting to Airport Extreme and Airport Express routers. AppleInsider explains what it is, and how to cut down on the potential for attack until patches are rolled out.

29 comments

OnePlus' OxygenOS found to be linking device IDs to collected analytics data

10/11/2017, 12:10 pm

Smartphone maker OnePlus, a competitor against Apple's iPhone, is both collecting a lot of analytics data from users and linking it to personally identifiable information, according to one security researcher.

10 comments

Proof of concept phishing attack mimics iOS popups to steal user passwords

10/10/2017, 07:10 pm

Demonstrating a potentially glaring iOS security hole, developer Felix Krause created a proof of concept phishing attack that takes advantage of system popups, and the way users interact with these messages, to steal Apple ID credentials.

23 comments

Apple Supplemental Update for macOS High Sierra fixed Disk Utility, Keychain vulnerabilities

10/06/2017, 01:10 pm

Apple has released more details about its macOS High Sierra 10.13 Supplemental Update released on Thursday, advising it fixed two security issues relating to APFS volume encryption and a potential hack that could allow an attacker to extract a user's keychain passwords.

8 comments

Yahoo says all 3B accounts impacted by 2013 data breach

10/03/2017, 05:10 pm

Yahoo in a statement on Tuesday said further investigation into a massive 2013 data breach suggests all 3 billion its user accounts were impacted from the incident, tripling the internet firm's initial estimates.

10 comments

Security study finds old or improperly updated Macs in limited danger from EFI attack vectors

09/29/2017, 10:09 am

A new study postulates that Apple's lack of transparency about firmware updates could be lulling users and system administrators into a false sense of security -- but the situation on Windows computers is far worse, and an attack focusing on EFI modification needs to be highly focused and specifically targeted.

8 comments