Google security researchers have discovered six so-called ‘zero interaction’ iOS vulnerabilities – bugs that can allow an attacker to take control of the phone without the user having to do anything other than receive and open a message.
Five of them have been fixed in iOS 12.4, but Apple has not yet been able to completely close the sixth one …
The team behind the open source ConfirmedVPN that launched last December is out today with another security-focused app for iOS called Lockdown. The new free app is what the developer says is the first open source firewall and works completely on device to block apps from crypto mining, sharing data with Facebook, and can block custom domains as well.
A Bluetooth flaw has been discovered that would allow a bad actor to track a wide range of devices — including iPhones, iPads, Macs, and Apple Watches.
Other vulnerable devices are laptops and tablets running Windows 10, and Fitbit wearables. Android devices are, however, not at risk …
US Senate Minority Leader Chuck Schumer (D-NY) has officially called on the FBI and FTC to investigate FaceApp, citing national security concerns.
The controversy over FaceApp, which allows users to choose a photo and then have the app make them look younger or older, began with what turned out to be a false alarm…
Update: Apple is pushing a new security update to remove these webservers too.
The Mac webcam hijack flaw discovered in the Zoom video conference app is also present in RingCentral and Zhumu.
The evidence also suggests that the same vulnerability will exist in other Mac video conferencing apps …
At the Black Hat security conference in August, a lead Apple security executive will offer new details on iOS 13 and macOS Catalina. The talk will run for 50 minutes and is entitled “Behind the Scenes of iOS and Mac Security.”
Can smart home devices get viruses? There’s been a lot of talk about the idea of IoT (Internet of Things) devices being infected by viruses, not least because Samsung this month recommended scanning its QLED televisions for viruses every few weeks.
Security experts from Avast and Symantec have set out to separate fact from fiction. They say that while a virus isn’t impossible, it is extremely unlikely – but there are four other ways the security of your smart home can be compromised, and we outline some simple steps you can take to reduce the risks …
A macOS Gatekeeper vulnerability discovered by a security researcher last month has now been exploited in what appears to be a test by an adware company.
Gatekeeper is designed to ensure that Mac apps are legitimate by checking that the code has been signed by Apple. Any app failing that check shouldn’t be allowed to install without the user acknowledging the risk and granting explicit permission to proceed …
The latest Apple ads carry messages aimed to showing the company caring for both consumers and the planet.
There are three short video ads, each just 16 seconds long, and you can watch each of them below …
Instagram account recovery will be a much easier process thanks to a new in-app process announced by the company.
Currently, if you get locked out of your account, the recovery process is a manual one …
The Israeli forensics firm Cellebrite revealed this week that it now has the ability to unlock any iOS device that’s running up to iOS 12.3. The firm made the announcement on Twitter, touting a new version of its Universal Forensic Extraction Device.
Apple announced its upcoming single sign-on service “Sign in with Apple” at WWDC last week and it’s received quite a bit of attention, including concerns about a requirement to include the Apple offering if an app offers a login with a Google or Facebook option. Today, The Verge has shared an interview with Google’s product management director covering the company’s own SSO feature, how he feels about Apple’s entrance to the space, and more.
A new report today from The Wall Street Journal takes another look at the growing problem of how apps are sharing user data with third-party companies without user knowledge. While this happens on both iOS and Android, the report focuses on iPhone since Apple has strong beliefs about privacy. While the company hasn’t announced anything official, WSJ sources have said that Apple is going to tighten up app privacy soon, starting with kids’ apps.
Apple, Google, Microsoft and 44 other organisations and security experts have signed an open letter condemning a proposal to secretly add law enforcement organizations to encrypted chats and calls.
The proposal by GCHQ – Britain’s equivalent of the NSA – seeks to provide an encryption workaround that would breach privacy and security in apps like Messages, FaceTime, WhatsApp and Signal …
Apple’s commitment to customer privacy includes extreme testing of Secure Enclave chips inside a top-secret lab, reveals a new report today.
The tests include ensuring that the chips remain secure even when subjected to extreme temperatures, whether low or high …
As expected, a second teenager who hacked into Apple servers and downloaded internal company documents has also been granted probation by an Australian court. It follows the same outcome for his fellow hacker last year.
The first teen was 16 years old at the time the attacks began, while the second was even younger, at just 13 …
Multiple Snapchat employees spied on users by misusing internal tools, accessing such information as location, phone numbers and their own saved Snaps.
The tools are supposed to be used to help the company fight spam and abuse, and to comply with law enforcement requests, but many staff have access and are abusing it, say former employees …
Following the announcement of new speculative execution exploits that target Intel CPU architecture, Apple has posted a new document on its website that explains how customers with computers that are ‘at heightened risk’ of attack can enable full mitigation. Full mitigation is not enabled by default as it is probably an excessive amount of security for the average user, and it comes with big performance penalties.
In its tests, Apple recorded up to a 40 percent drop in performance with full mitigation activated. This is because enabling MDS protection involves disabling hyper-threading entirely, and adds additional barriers when the processor switches contexts.
Facebook Live restrictions have been introduced in response to the New Zealand terrorist attack, when the gunman live-streamed footage of the shootings, making good on a promise made back in March …
Last fall, Facebook discovered a major flaw with its “View as” feature which saw security tokens for 50 million accounts stolen. Facebook has today announced its security review of the incident is complete and has brought back the View as Public feature in addition to adding a quick button to “Edit Public Details.”
While there has been lots of talks about regulating Facebook and the tech industry as a whole, there’s so far been no real action. Now Facebook’s cofounder, Chris Hughes has published an opinion piece today in The New York Times, making the case for why Facebook needs to be broken up. But beyond that, he believes we need a new government agency to handle the growing tech regulation issues. Read on for the five main reasons Facebook’s cofounder believes the platform needs to be broken up.
Smart home devices are ‘creepy’ according to the majority of people who own them, based on an Ipsos MORI poll. Two-thirds of US owners of smart home gadgets bought them despite this feeling.
The take-away appears to be that consumers consider the convenience to outweigh privacy concerns …
Evernote’s Mac app had a vulnerability that could have allowed an attack to remotely launch malicious code …