Get the Lowest Prices anywhere on Macs, iPads and Apple Watches: Apple Price Guides updated April 26th
 

Topic: Keychain

Security researcher hands Apple details of Keychain bug, calls for explanation regarding lack of macOS Bug Bounty program

03/03/2019, 02:03 pm

Linus Henze has informed Apple of all details regarding a bug he discovered in the macOS Keychain security software, and has done so without payment from the company. He previously withheld the information in protest of the company's lack of a Bug Bounty for Mac, but now says the problem is too important to keep to himself.

32 comments

Apple's crippled bug bounty program makes us all less safe online

02/08/2019, 01:02 pm

Paying people when they report serious security issues with macOS and iOS is a good idea but two years on, it's still only done in a half-hearted, miserly way. That's damaging for Apple and it's damaging for us.

18 comments

Researcher demos new macOS Keychain exploit, holds data from Apple in protest

02/06/2019, 09:02 am

A veteran security researcher this week revealed the existence of a new macOS Keychain exploit, while controversially saying he wouldn't share details with Apple because of its bug bounty policies.

25 comments

Tip: Autofill passwords and credit card entry in Safari with Face ID on the iPhone X

11/13/2017, 08:11 pm

The iPhone X can auto-fill crucial data in Safari, using Face ID to authenticate the user, and securely enter credit card information with Apple's iCloud Keychain and Safari Autofill at the crux of the feature. AppleInsider shows you how to set it up.

1 comments

macOS's Keychain vulnerability reported earlier in Sept., Apple patch likely coming soon

09/26/2017, 09:09 am

The Keychain password vulnerability affecting multiple versions of macOS -- including High Sierra -- was reported to Apple on Sept. 7, and will likely be patched by the company in the near future, according to the security researcher who first publicized the issue.

5 comments

macOS High Sierra vulnerability may let unsigned apps steal Keychain logins in plaintext

09/25/2017, 04:09 pm

Apple's macOS High Sierra contains a vulnerability that lets apps discover Keychain passwords in plaintext, though it requires victims to intentionally override built-in security, a researcher noted on Monday.

23 comments

OS X El Capitan still exposed to vulnerabilities in Gatekeeper & Keychain, researchers say

09/30/2015, 03:09 pm

OS X El Capitan, launched earlier on Wednesday, still contains serious vulnerabilities in its Gatekeeper and Keychain features, according to security researchers.

6 comments

New adware scripts mouse clicks to access OS X Keychain, could lead to password theft

09/02/2015, 12:09 pm

A new version of the long-running Genieo adware has brought with it a new technique for accessing the OS X Keychain without user intervention, a security gray area that could be used by other malicious actors to make off with sensitive data stored in the Mac credential manager.

20 comments

Apple addresses XARA vulnerabilities, says fixes on the way

06/19/2015, 07:06 pm

Apple on Friday commented on the discovery of so-called cross-app resource access (XARA) exploits, saying it rolled out a server-side security update earlier this week and is currently working with researchers on additional fixes.

31 comments

Serious iOS, OS X flaws lead to password theft in wide ranging security study

06/17/2015, 09:06 am

Three serious vulnerabilities in cross-app resource sharing protocols on Apple's desktop and mobile platforms have been discovered and used successfully to steal data --like passwords and secret authentication keys --including one that lays Keychain open to attackers.

70 comments