11/15/2016, 03:11 pm
Pre-installed software on some Android phones from a developer contracted to develop the software for an undisclosed Chinese manufacturer sends the contents of text messages composed on the device, in addition to other user metadata, to a server in China.
11/15/2016, 12:11 pm
The makers of the music discovery app Shazam have promised a software update in the next few days, after it was uncovered that the current Mac version is always listening -- even when it's supposed to be off.
11/03/2016, 11:11 am
Password storage and retrieval tool LastPass is altering its pricing structure again, with the most recent opening up cross-platform password storage to all users with an ad-supported tier.
10/10/2016, 09:10 am
UK cabinet members have been prohibited from wearing Apple Watch during Cabinet meetings, over misplaced concern that they may be penetrated by Russian spies, and used for covert surveillance and recordings of sensitive government business.
09/29/2016, 09:09 pm
Zerodium, a well-known "bug broker," on Thursday announced a new $1.5 million top end limit for zero-day exploits targeting iPhones and iPads running Apple's latest version of iOS 10.
09/28/2016, 11:09 am
Apple has allegedly invited a bevy of third party security experts and device hackers to its headquarters to break down the details of the previously announced bug bounty program for macOS and iOS.
09/01/2016, 08:09 pm
Apple in a patch last week blocked a particularly nasty malware package called "Pegasus" from infiltrating iOS devices, and the company is now doing the same for its OS X desktop operating system.
08/31/2016, 10:08 am
Rather than waiting until 2018, Apple could introduce eye-scanning technology to securely identify users next year, if a new supply chain rumor is to be believed.
08/30/2016, 04:08 pm
Once again, BitTorrent client Transmission has distributed malware to some users through an altered installer, with downloaders of the software on Aug. 28 and 29 probably infected by the "Keydnap" package.
08/29/2016, 04:08 pm
An app ostensibly for browsing Dribbble passed through Apple's App Store review process despite coming loaded with a hidden feature that allowed users running iOS 9.3.3 or earlier to jailbreak their device.
08/25/2016, 03:08 pm
More details have emerged about the need for the iOS 9.3.5 patch, which looks to have terminated a trio of exploits capable of a remote jailbreak and mass exfiltration of data from a target's iPhone, including device and account passwords.
08/25/2016, 01:08 pm
Apple on Thursday pushed out yet another important update for its iOS 9 operating system, addressing serious security holes apparently exploited by an Israeli hacking firm, in what could be the final patch ahead of the release of iOS 10.
08/16/2016, 08:08 pm
The full video of Apple's presentation at this year's Black Hat security conference was posted to YouTube on Tuesday, offering viewers a deep dive into iOS security mechanisms, from backbone synchronization service iCloud to new systems like HomeKit.
Oops: Microsoft leaks its Golden Key, unlocking Windows Secure Boot and exposing the danger of backdoors
08/10/2016, 04:08 pm
Microsoft has demonstrated why the FBI's desire for "Golden Key" backdoors allowing "good guys" to bypass security is such a bad idea: it inadvertently released its own keys to Windows tablets, phones, HoloLens and other devices using UEFI Secure Boot.
08/09/2016, 12:08 pm
Apple engineer Ivan Krstić spoke on far more than Apple's new bug bounty program at the Black Hat security conference, and delved into the inner workings of iOS hardware and software security features both in iOS 9 and the forthcoming iOS 10.
07/28/2016, 04:07 pm
Apple's head of Security Engineering and Architecture will go into "unprecedented technical detail" on iOS security during a talk at this year's Black Hat USA conference in Las Vegas, including new technology coming with iOS 10.
07/28/2016, 09:07 am
Apple has implemented the .xip file compression protocol with digital signatures for its newest Xcode 8 beta distribution, instead of the unsecured .zip format, guaranteeing that the contents have not changed since initial creation.
07/26/2016, 11:07 am
Newly-published guidelines could lead Apple and other companies to find an alternative to SMS for two-factor authentication, such as dedicated apps, according to reports.
07/12/2016, 10:07 am
Amid revelations that the popular Pokémon Go game for iPhone offers universal access to Google accounts, Google and Niantic have said that user emails and other sensitive data are not being harvested, and that a pair of fixes are incoming.
07/07/2016, 03:07 pm
A second piece of Mac-specific malware has been discovered this week, one that could expose the passwords stored in the macOS Keychain. But once again, Apple's Gatekeeper security -- when properly configured -- will block the attack from succeeding.