As first promised back in August, Apple’s bug bounty program is now open to all.
It was previously an invitation-only initiative, which attracted criticism as it incentivized non-invitees to sell vulnerability details to companies and governments who would exploit them to gain unauthorized access to Apple devices…
Apple has released its 2019 Security guide that covers the company’s efforts across a variety of levels including hardware security and biometrics, encryption and data protection, as well as app, services, and network security.
All users are advised to update WhatsApp, as older versions have a vulnerability that could see a single message wipe out your group chats…
Apple has defended its policy of using strong iPhone encryption such that not even the company can gain access to the personal data stored on devices.
The company struck to its privacy guns despite the Senate Judiciary Committee chairman issuing a threat against Apple and other tech giants…
This week we learned that the iPhone 11 Pro still tracks location data even when users have turned the features off. Apple gave a limited response saying that “We do not see any actual security implications,” and that it was working as intended. However, now Apple has followed up with more details about why the iPhone 11 Pro is doing this and that it will include a toggle in an iOS update to stop location tracking totally.
Intel chip security flaws that affect all Macs, as well as Windows and Linux machines, still exist, say security researchers – despite the chipmaker’s claims to have fixed them. Similar flaws were found and patched in ARM processors, but there is no suggestion at this stage that further issues remain in these.
The ‘fundamental design flaw’ in Intel’s CPUs came to light last year, with the security vulnerabilities dubbed Spectre and Meltdown. They would allow an attacker to view data in kernel memory, which could span anything from cached documents to passwords …
Apple released the second developer beta of iOS 13.3 today and one of the changes includes Safari support for NFC, USB, and Lightning FIDO2-compliant security keys.
Web designer Joshua Maddux has found the iOS Facebook app activating the iPhone camera while scrolling his feed. He found the same issue on five separate devices, with others able to replicate. The same issue does not appear to be present in the Android app.
Maddux posted a video (below) showing the behavior…
A recently discovered vulnerability in the macOS Mail app caused by Siri that currently affects Catalina and the previous three releases means that users’ encrypted emails actually aren’t. While Apple is working on a fix for the bug, read on for more details about the issue and a couple of workarounds to solve the problem now.
A new laser-based hack discovered for devices with MEMS (micro-electro-mechanical systems) microphones makes iPhone, HomePod, Google Home, Amazon Echo, and more vulnerable to line of sight attacks from up to several hundred feet away.
Facebook is suing an Israeli company for a WhatsApp hack which allowed various governments to spy on more than 1,000 users, reports Reuters. The attack was made possible by a security vulnerability in the app, later fixed.
WhatsApp sued Israeli surveillance firm NSO Group on Tuesday, accusing it of helping government spies break into the phones of roughly 1,400 users across four continents in a hacking spree whose targets included diplomats, political dissidents, journalists and senior government officials…
If you receive an email purporting to be from Adobe, be careful even if it does contain information which only you and Adobe should know. Millions of Creative Cloud accounts had their details exposed for around a week…
Apple has confirmed that 17 malware iPhone apps were removed from the App Store after successfully hiding from the company’s app review process.
The apps were all from a single developer but covered a wide range of areas, including a restaurant finder, internet radio, BMI calculator, video compressor, and GPS speedometer …
The Apple Watch could completely replace passwords and one-time codes, thanks to a new form of authentication being touted as a way to “solve the world’s password problem.”
I’ve argued before that passwords are horrible…
In a report from professor and cryptographer, Matthew Green today, concerns were raised about Apple sharing users’ browsing data to the Chinese company, Tencent. Now Apple has offered an official response, reassuring users that actual URLs aren’t shared with third-parties.
Last week we heard from a reader who experienced a fraudulent charge coming from a clone of his Apple Card. It was a good reminder that even with its security focus and lack of printed numbers, the physical Apple Card is just as susceptible to skimming and cloning as any other credit or debit card. Now we’ve heard from another reader who just had a fraud issue with Apple Card, but more surprising, he says he’s never used the physical titanium Apple Card.
A zero-day vulnerability in iTunes and iCloud apps on Windows PCs enabled attackers to install ransomware without triggering antivirus protections. Ransomware encrypts the entire hard drive or SSD with a key known only to the attacker, enabling them to demand a ransom to decrypt the machine…
Apple Card arrived with a number of unique selling points like a super-fast application and approval process, no fees, Daily Cash, and strong security and privacy focus. But even though the physical titanium card doesn’t have any numbers or any other information besides a user’s name, it looks like it is still susceptible to credit card cloning just like any other credit or debit card.
Instagram is rolling out a really neat way for users to identify phishing scams. If you receive an email claiming to be from the company, you can easily check in the app…
Law enforcement agents in New York City have been able to crack iPhones in-house since January 2018 — some 18 months before the capability was revealed by the company supplying the technology.
It was June 2019 that Israeli forensics firm Cellebrite announced that its “new” UFED Premium product would, for the first time, allow customers to unlock iPhones in their own offices, rather than have to send them to the company’s own labs. But a new report today found that the product has been in use for far longer than this…
More than a billion scam popup ads were served thanks to bugs in Apple’s WebKit and the open-source Blink frameworks which power Safari and Chrome on iOS and macOS…
Even though just Apple released iOS 13.1 to fix some issues with iOS 13 just today, the company has shared another bug that it will fix with an upcoming software update. For now, third-party keyboards may have full access to what users are typing even if they denied the app’s permission.
Apple has iOS 13.1 ready for release tomorrow to fix some performance and reliability issues with iOS 13 but we’ve also heard two reports of what users think could be an iOS 13 payment method security flaw.