The latest version of password manager 1Password 7.3 concentrates on its Mac version's menubar app which now lets you drag passwords and login details into websites or also into supported apps on your Mac.
Linus Henze has informed Apple of all details regarding a bug he discovered in the macOS Keychain security software, and has done so without payment from the company. He previously withheld the information in protest of the company's lack of a Bug Bounty for Mac, but now says the problem is too important to keep to himself.
Paying people when they report serious security issues with macOS and iOS is a good idea but two years on, it's still only done in a half-hearted, miserly way. That's damaging for Apple and it's damaging for us.
The iPhone X can auto-fill crucial data in Safari, using Face ID to authenticate the user, and securely enter credit card information with Apple's iCloud Keychain and Safari Autofill at the crux of the feature. AppleInsider shows you how to set it up.
The Keychain password vulnerability affecting multiple versions of macOS — including High Sierra — was reported to Apple on Sept. 7, and will likely be patched by the company in the near future, according to the security researcher who first publicized the issue.
Apple's macOS High Sierra contains a vulnerability that lets apps discover Keychain passwords in plaintext, though it requires victims to intentionally override built-in security, a researcher noted on Monday.
A new version of the long-running Genieo adware has brought with it a new technique for accessing the OS X Keychain without user intervention, a security gray area that could be used by other malicious actors to make off with sensitive data stored in the Mac credential manager.
Apple on Friday commented on the discovery of so-called cross-app resource access (XARA) exploits, saying it rolled out a server-side security update earlier this week and is currently working with researchers on additional fixes.
Three serious vulnerabilities in cross-app resource sharing protocols on Apple's desktop and mobile platforms have been discovered and used successfully to steal data — like passwords and secret authentication keys — including one that lays Keychain open to attackers.