12/22/2014, 02:12 pm
At next week's Chaos Communication Congress in Germany, a researcher will demonstrate a method in which a malicious actor could use a specially-crafted Thunderbolt device to inject a bootkit -- which could survive nearly any attempt to remove it -- into the EFI boot ROM of any Mac with a Thunderbolt port.
Massive, sophisticated "Inception - Cloud Atlas" malware infects Windows and Android but can't exploit Apple's iOS without jailbreak
12/11/2014, 03:12 pm
A vast and sophisticated new espionage campaign targeting "military, diplomats, and business execs," discovered by Blue Coat Labs and confirmed by Kaspersky Labs, exploits flaws in Microsoft Windows and seeks to infect Android, Blackberry and iOS devices, but is limited to only infecting iPhones and iPads that are jailbroken.
11/26/2014, 12:11 am
The United States Department of Justice has fined the CEO of spyware vendor StealthGenie $500,000 and demanded the firm turn over the source code for software designed to remotely monitor calls, texts and other activity on Android and jailbroken iOS devices.
11/13/2014, 11:11 pm
Coming days after the discovery of an iOS vulnerability called "Masque Attack" was made public, Apple late Thursday issued a statement regarding the potentially malicious software, saying default OS X and iOS security settings are enough to thwart attacks.
11/10/2014, 05:11 pm
Despite headlines fretting of a "new era in OS X and iOS malware," Apple's security systems for iOS and OS X are working as intended to protect users from exposure to the ubiquitous malware affecting open platforms including Android and Windows. Here's the realistic, non-sensationalized facts about how safe Apple's users actually are and how users can remain protected from threats that arise.
11/10/2014, 03:11 pm
A recently-discovered vulnerability in Apple's mobile operating system could allow attackers to trick users into replacing legitimate apps that have access to a variety of personal information -- such as banking apps -- with hacked versions that relay that information to malicious actors.
11/06/2014, 01:11 pm
Apple on Thursday announced it has begun taking measures to block apps that contain the so-called "WireLurker" malware, which transmits from a Mac to iOS devices over USB, by preventing the infected applications from launching.
11/05/2014, 06:11 pm
Coming less than one week following the discovery of an OS X vulnerability called "Rootpipe," computer security researchers have found a new form of malware dubbed "WireLurker," which infects well-protected iOS devices through OS X.
11/04/2014, 01:11 pm
Speaking at the Øredev Developer Conference in Malmö, Sweeden, Emil Kvarnhammar of security firm TrueSec demonstrated a privilege escalation vulnerability affecting OS X 10.8.5 through the newest 10.10 Yosemite.
10/24/2014, 08:10 am
Tim Cook's tour of China continues with another interview with local media, this time with the Apple CEO telling users in the country that he had "very open" discussions on privacy and security with the Chinese government, following a series of attacks in the country targeting Apple users.
After gaining U.S. government approval, Samsung Knox security for Android found to be "completely compromised" [u]
10/23/2014, 06:10 pm
Samsung's Knox security layer for Android generates weak encryption keys, stores passwords locally and gives users login hints in a fatal "security by obscurity" design "compromising the security of the product completely," a researcher has detailed.
10/22/2014, 09:10 am
Apple Chief Executive Tim Cook has reportedly traveled to Beijing to meet with the vice premier of China to discuss protecting user data, a meeting prompted by recent hacks targeting iCloud users in the country.
10/21/2014, 12:10 pm
Hackers have reportedly begun targeting iCloud users in mainland China, utilizing a so-called "man-in-the-middle" approach in an attempt to steal user information, with one group accusing the Chinese government itself of perpetrating the attack.
10/13/2014, 10:10 am
James Comey, director of the U.S. Federal Bureau of Investigation, has once again slammed Apple's iPhone and devices running Android that can hold secure, encrypted data that is inaccessible by law enforcement, saying that such capabilities allow users to "place themselves beyond the law."
09/26/2014, 09:09 am
Apple on Friday sought to calm OS X users who feared their computers may be at risk from a widespread vulnerability in popular UNIX command interpreter bash -- which is included in Apple's UNIX-based desktop operating system -- saying that most consumers are not at risk, while advanced users will receive a patch in the coming days.
09/25/2014, 11:09 am
A new and potentially crucial feature in iOS 8 allows an iPhone or iPad to send out its last-known location just before the device's battery dies, increasing the chances that a user might be able to recover their lost Apple product.
09/25/2014, 09:09 am
A security researcher who discovered a brute-force attack against Apple's iCloud service in March -- similar to the "iBrute" vulnerability that surfaced in conjunction with the celebrity photo hacking scandal earlier this month -- says that the company refused to address the flaw for months after he reported it.
09/08/2014, 11:09 am
As part of its efforts to beef up iCloud security and prevent unauthorized access, Apple now by default sends users an email when someone has logged into their iCloud account through a traditional Web browser.
09/07/2014, 11:09 am
Last week's celebrity photo leaks were a stark reminder of what can happen to internet users that fail to follow basic security precautions, like enabling two-factor authentication when it's available. With Apple's own security practices under the microscope, AppleInsider shows you how to enable Cupertino's own implementation.
Cook says Apple will roll out new iCloud security alerts, expand 2-step authentication after celebrity photo flap
09/04/2014, 10:09 pm
In response to a recently leaked cache of nude photos apparently stolen from celebrities' iCloud accounts, Apple CEO Tim Cook said the company plans to activate new security measures designed to thwart future attacks.