Security

1,166 'Security' stories July 2011 - November 2018

Ben Lovejoy Nov 16 2018 - 5:23 am PT

A major security breach, reported by TechCrunch, has underlined the sense of Apple’s approach to two-factor authentication (2FA).

A security lapse has exposed a massive database containing tens of millions of text messages, including password reset links, two-factor codes, shipping notifications and more.

The exposed server belongs to Voxox (formerly Telcentris), a San Diego-based communications company. The server wasn’t protected with a password, allowing anyone who knew where to look to peek in and snoop on a near-real-time stream of text messages …

Expand
Expanding
Close

Some iPhone users finding their Apple ID accounts have been inexplicably locked, requiring password resets

Benjamin Mayo Nov 13 2018 - 3:22 am PT

0 Comments

We haven’t quite yet worked out the pattern or the cause but we have received many reports of users waking up to find that their Apple ID has been locked, and plenty more are complaining on social media. Apple will lock accounts for many different reasons, usually when someone attempts to access an ID by entering their incorrect password too many times.

Access to the account can be restored by answering the security questions and entering a trusted phone number for validation. Users may also have to reset their passwords.

Expand
Expanding
Close

Apple confirms the T2 security chip in newer Macs prevents some third-party repairs

Chance Miller Nov 12 2018 - 3:44 pm PT

0 Comments

Last month, a leaked internal service document revealed that Apple’s T2 security chip can prevent some third-party repairs for Mac users. While details were unclear at the time, and it seemed as if the policy wasn’t necessarily in full effect just yet, Apple today confirmed its existence to The Verge.

Expand
Expanding
Close

PSA: Check your browser extensions as private Facebook messages exposed

Ben Lovejoy Nov 2 2018 - 5:25 am PT

0 Comments

Rogue browser extensions appear to be responsible for Russian hackers obtaining private messages from as many as 120 million Facebook accounts …

Expand
Expanding
Close

Security
T2

Apple security doc touts T2 chip benefits, including hardware prevention of microphone eavesdropping

Chance Miller Oct 30 2018 - 12:03 pm PT

0 Comments

Alongside its new hardware and software unveiled this afternoon, Apple has published a full security guide for its T2 security chip. The T2 is featured in the new Mac mini and Retina MacBook Air, and Apple is highlighting its many benefits in today’s security document.

Expand
Expanding
Close

PSA: The CoinTicker Mac app contains malware, probably to steal cryptocurrency

Ben Lovejoy Oct 30 2018 - 4:34 am PT

0 Comments

CoinTicker, a Mac app that displays the current price of Bitcoin and other cryptocurrencies in your menu bar, has been found two contain two separate pieces of malware …

Expand
Expanding
Close

Former Facebook security chief criticizes Apple’s privacy practices in China

Chance Miller Oct 24 2018 - 3:21 pm PT

0 Comments

On the heels of Tim Cook’s comments at a Brussels privacy event this afternoon, Facebook’s former security chief is criticizing Apple privacy practices in China. Alex Stamos, who served as Facebook’s chief security officer from 2015 through this year, took to Twitter to voice his concerns regarding Apple privacy in the country (via CNBC).

Expand
Expanding
Close

GrayKey iPhone box reportedly no longer able to unlock iOS 12 devices, law enforcement believes

9to5 Staff Oct 24 2018 - 1:00 pm PT

0 Comments

In 2017, a duo of security specialists: Braden Thomas, former Apple security engineer, and Justin Fisher, senior research scientist at Endgame, formed a highly secretive company known as Grayshift. They began selling a box which promised to unlock any password-protected iPhone.

Expand
Expanding
Close

Yahoo hit with $50m in damages, affected users able to claim $25/hour for lost time

Michael Potuck Oct 24 2018 - 9:11 am PT

0 Comments

It’s been a tough road for Yahoo over the last five years with multiple security breaches that have included 3 billion users. Now, the Verizon owned company is looking at paying out $50 million in damages along with offering affected users free credit monitoring.

Expand
Expanding
Close

Deep-dive tech analysis says Bloomberg spy chip claims are impossible at Apple

Ben Lovejoy Oct 23 2018 - 4:24 am PT

0 Comments

A tech consultant and journalist specializing in server hardware says that some of the Bloomberg spy chip claims are completely implausible, while others are simply impossible.

The analysis coincides with Amazon joining calls made by Apple and Super Micro for the magazine to retract its story …

Expand
Expanding
Close

Super Micro will conduct further Chinese spy chip review despite lack of evidence

Ben Lovejoy Oct 22 2018 - 5:48 am PT

0 Comments

Super Micro Computer has told its customers that it will conduct further checks into Bloomberg’s Chinese spy chip claims despite the lack of evidence.

The announcement follows Tim Cook’s call for Bloomberg to retract the story …

Expand
Expanding
Close

Apple apologizes for hacked Apple IDs in China, says account details were phished

Benjamin Mayo Oct 16 2018 - 5:28 am PT

0 Comments

Apple has apologized following a recent spate of account hacks in China. The company said ‘we are deeply apologetic about the inconvenience caused to our customers by these phishing scams’, which it said affected a ‘small number’ of user accounts.

Although details on exactly what happened have not been disclosed, Apple said that the affected accounts were not secured with two-factor authentication. This allowed criminals to phish for account credentials and then extract money using apps like Alipay, as reported last week.

Expand
Expanding
Close

Facebook details what information hackers accessed from 30 millions users

Michael Potuck Oct 12 2018 - 10:17 am PT

0 Comments

Two weeks ago, Facebook announced that a flaw with its “View As” feature allowed hackers to compromise up to 50 million accounts. Today, the company is out with more specific details on the security breach and has shared exactly what information was stolen and for how many users.

Expand
Expanding
Close

Facebook takes down fake accounts with millions of followers in run-up to US midterms

Ben Lovejoy Oct 12 2018 - 4:38 am PT

0 Comments

Facebook says it has taken down hundreds of fake accounts with millions of followers in the run-up to the US midterm elections …

Expand
Expanding
Close

NSA denies spy chip claims, FBI says it’s not allowed to

Ben Lovejoy Oct 11 2018 - 4:16 am PT

0 Comments

The weight of evidence that Bloomberg’s spy chip claims were based on a misunderstanding continues to grow.

An NSA spokesperson has said that the story had people ‘chasing shadows’ and even with the ‘great access’ the organization has to secret information, it can still find no evidence to support Bloomberg’s claims …

Expand
Expanding
Close

Chinese spy chip story rumbles on as senators demand answers from Supermicro

Ben Lovejoy Oct 10 2018 - 4:28 am PT

0 Comments

The Chinese spy chip story continues, despite all the denials and signs suggesting that Bloomberg simply got it wrong.

A bipartisan pair of senators have written to motherboard supplier Supermicro acknowledging that the company has denied the claim, but nonetheless seeking answers to eight questions …

Expand
Expanding
Close

One of Bloomberg’s sources told them Chinese spy chip story “didn’t make sense” [U]

Ben Lovejoy Oct 9 2018 - 2:01 am PT

0 Comments

Bloomberg said that its sources were key to its decision to run the Chinese spy chip story, the site writing that ’17 people confirmed the manipulation of Supermicro’s hardware and other elements of the attacks.’

However, one of the named sources – a security researcher who seemingly backed the claims – has said that his comment was taken out of context, and he actually told the site that what it was describing to him “didn’t make sense” …

Expand
Expanding
Close

Comment: Four more reasons it’s now inconceivable Apple lied about Chinese spy chips

Ben Lovejoy Oct 8 2018 - 4:49 am PT

0 Comments

I wrote an opinion piece on Friday outlining the five reasons I believe Apple, not Bloomberg, about the Chinese spy chip story.

It’s a friend-of-a-friend story. The technical arguments suggest it didn’t happen in the way Bloomberg says it did. Apple’s denial appears unequivocal. The company has ruled out the gag order theory. And, if it were true, there would be no reason now not to come clean about it.

Since then, four further reasons to believe Apple have emerged …

Expand
Expanding
Close

Senior Apple execs deny allegations of iCloud server Chinese ‘spy’ chips in new report

Chance Miller Oct 6 2018 - 8:45 am PT

0 Comments

Following a string of denials from the company itself, “multiple senior Apple executives” have now spoken to BuzzFeed News regarding Bloomberg’s puzzling story alleging server infiltration by a Chinese spy chip. The executives, who spoke under the condition on anonymity, strongly denied the story to BuzzFeed and offered more details on the internal Apple investigation.

Expand
Expanding
Close

Apple’s retired legal chief further confirms Apple has ‘never heard of’ these Chinese server spies

Peter Cao Oct 5 2018 - 2:56 pm PT

0 Comments

Over the past day or so, Bloomberg reported that some of Apple’s servers were compromised by way of a third-party implementing micro chips, and sending data back to China. Apple came back with a strong response noting that it was never made aware of such accusations nor did it have any ongoing investigations with the FBI or law enforcement.

Expand
Expanding
Close

GCHQ, the UK’s equivalent of the NSA, says it believes Apple’s denial of spy chip claim

Ben Lovejoy Oct 5 2018 - 6:23 am PT

0 Comments

Britain’s equivalent of the NSA, GCHQ (Government Communications Headquarters), has sided with Apple and Amazon in the Chinese spy chip row …

Expand
Expanding
Close

Apple continues denial of Chinese server spy infiltration with new statement

Peter Cao Oct 4 2018 - 1:26 pm PT

0 Comments

Earlier today, Apple issued an incredibly strong denial in response to a report from Bloomberg, which alleged that Apple and a handful of other tech companies had some data compromised due to Chinese surveillance chips being found in a Super Micro server. The report noted that these chips were found on Apple’s servers sometime around 2015.

Following its earlier statement on the report, Apple has now published a press release on its website detailing what actually happened as it continues to deny the allegations.

Expand
Expanding
Close

Apple strongly refutes report that it found Chinese ‘spy’ chips in iCloud servers

Benjamin Mayo Oct 4 2018 - 3:33 am PT

0 Comments

Bloomberg has today published a report claiming that companies including Amazon and Apple found Chinese surveillance chips in their server hardware contracted from Super Micro. Bloomberg claims Apple found these chips on its server motherboards in 2015. Apple is strongly refuting this report, sending out press statements to several publications, not just Bloomberg.

In a statement to CNBC, Apple said ‘we are deeply disappointed that in their dealings with us, Bloomberg’s reporters have not been open to the possibility that they or their sources might be wrong or misinformed.’.

Expand
Expanding
Close

PSA: Update Telegram for Desktop macOS app to avoid your IP address being exposed

Ben Lovejoy Oct 1 2018 - 4:35 am PT

0 Comments

Telegram’s macOS desktop app has been leaking both public and private IP addresses while making voice calls. The same flaw was present in Telegram for Desktop on other platforms, as well as in Telegram for Windows …

Expand
Expanding
Close