Google's Project Zero has revealed a "high severity" flaw in the macOS kernel that could allow an attacker to make changes to a file without macOS being informed, an issue that could lead to infected files being opened and to further malicious activity.
Linus Henze has informed Apple of all details regarding a bug he discovered in the macOS Keychain security software, and has done so without payment from the company. He previously withheld the information in protest of the company's lack of a Bug Bounty for Mac, but now says the problem is too important to keep to himself.
Vulnerabilities in Thunderbolt have been disclosed by security researchers, with "Thunderclap" allowing a device connecting over Thunderbolt to acquire sensitive data from the host Mac, an issue that affects almost all Macs released since 2011.
This week on the AppleInsider Podcast, Victor and William talk about digital data security and how protecting your privacy is getting harder, and whether or not it makes sense for Apple to start making their own Wi-Fi routers again.
A class action suit has been filed that accuses Apple's two-factor authentication of being too disruptive to users, taking too much time out of a user's day when it is needed, and abusive since it can't be rolled back to a less safe login method after 14 days.
Paying people when they report serious security issues with macOS and iOS is a good idea but two years on, it's still only done in a half-hearted, miserly way. That's damaging for Apple and it's damaging for us.
This week on the AppleInsider Podcast, Victor and William talk about digital data security and how protecting your privacy is getting harder, and what's going on with Apple Retail, now that Angela Ahrendts is leaving.
Following a report detailing the use of so-called "session replay" technology, Apple is informing developers that they need to disclose the implementation of analytics tools that enable screen recording or face a ban from the App Store.
A number of popular iOS apps paying data analytics services for so-called "session replay" technology have the ability to record and play back user interactions, often without asking permission, according to a new report.
Apple's shutting down all of Facebook's internal apps seemed like a big deal, but it's just business as usual for the social media company — violate agreements and trust, get caught, find another way to do the same thing and move on.
Apple has advised that it has repaired, on its servers, a security hole in Group FaceTime that allowed users to listen in on others without their permission, with a software update to address the issue on iPhones and iPads arriving in the next week.
The recently-discovered Group FaceTime bug that allowed people to eavesdrop on other people without their permission has been worked around, and a fix is coming, but the UK's surveillance agency wants to use flaws like it as a feature, in order to more easily spy on targets.