Versatile Hacking Tool Ported to the Mac Could Pose Risks to Users

Security researchers use many tools to conduct their work; in many cases, the best way to test a system is to try to break in, because it allows one to identify all the weaknesses and potential inroads a real hacker might exploit. These tools aren’t secret, though, and often they are used for legitimate purposes just as often as illegitimate ones. One such tool, known as the Metasploit Framework, allows researchers to probe networks and systems for many kinds of security holes using a variety of tools. Of course, …

Researchers Warn of a Vulnerability in Email Encryption Standards

Email encryption is supposed to make the content of your emails safer, but according to a team of nine academic researchers, two of the most widely used encryption standards might be doing the opposite.

In a tweet sent on May 14, 2018, Sebastian Schinzel, a professor of computer science at Germany’s Münster University of Applied Sciences, said his team was about to publish information about “critical vulnerabilities” in OpenPGP and S/MIME. OpenPGP is the most widely used email encryption standard in the world. S/MIME, meanwhile, is a public …

New European Privacy Laws Have Ripple Effect on Online Privacy

The General Data Protection Regulation, or GDPR, is a new set of European Union rules that govern the ways businesses and online organizations treat user information, in particular the data belonging to EU citizens. The GDPR introduces a wide range of regulations, chief among them new restrictions on how third parties can process, store, and handle user information.

Checklist 89: Router Rundown

There are some items of technology in our lives that are so standard and ubiquitous because of how fundamental they are to the way things work that it’s very easy to take them for granted. Because we don’t pay a second thought to these things, we also quickly get stuck in security pitfalls and fall for traps that play on the fact that we don’t know or think very much about them. For example, have you ever really thought much about your router? With so many connected devices in …

Apple Supplements macOS Security Update to Address Wide-Reaching Flaw

Only a few weeks after the recent release of macOS High Sierra 10.13.4, Apple has amended the update by publishing an additional fix under this version number. Addressing a new flaw described as “serious” by the security community, the supplemental version of 10.13.4 addresses a problem in Intel CPUs discovered near the end of April that affects a broad number of devices, including Windows and Linux machines. However, unlike the Spectre and Meltdown flaws that caused much concern due to their so-called “unpatchable” nature, there is a way to …

Checklist 88: GrayKey’s Anatomy

How do you unlock your iPhone when you need to use it? Apple gives us a ton of options when it comes to keeping our information safe from prying eyes and unwanted intruders, from PINs to our fingerprints and our faces. Apple’s commitment to empowering users to take control of their privacy and security, though, has sometimes been the source of very public friction between the tech giant and law enforcement agencies such as the FBI. When Apple won’t help by providing a backdoor into user data, what option …

Checklist 87: The Anatomy of a Data Breach, Part 2

Welcome to Episode 87. Last week, we took an in-depth look at data breaches: from how they happen to a few of the biggest ones, and of course, what you can do to protect yourself when a big company loses your data, we covered a lot of ground in that show. We’ve got further to go still, though!  This week we’re continuing with our look into data breaches by turning our attention to the business side of things. These breaches don’t happen randomly, and how a company responds to …

Checklist 86: The Anatomy of a Data Breach, Part 1

During the course of your day, buy things, like gas, food, & lodging. Do you pay cash for all those things — or do you try to go back in time and operate on the barter system? Even if you do most of your business in day to day life with cash, chances are there are still at least some occasions when you pull out a card. For many more of us, debit and credit cards are an essential and irreplaceable part of daily life. Some restaurants, for example, …

Checklist 85: Facebook Follies

When you log on to Facebook, do you still feel like you’re having fun? The social network used to be an awesome place to reconnect with old friends and keep in touch with family. Today, more people than ever are choosing #DeleteFacebook.

While Facebook is a free service in theory, since no one pays to sign up for an account, it turns out the real costs are much higher than any subscription fee. From the Cambridge Analytica story we reported on recently to even more unwelcome news about privacy …

Checklist 84: Machine learning. Deep learning. Neural networks. Artificial...

Machine learning. Deep learning. Neural networks. Artificial intelligence… it’s starting to feel like we’re in an Isaac Asimov novel! For this week’s episode of The Checklist, we’re diving in to the latest ways computers and technology are being trained to complete complex tasks, make inferences, and do more overall. From Google training computers to identify specific objects in images to the way anti-malware software figures out how to detect and stop new variants, there are plenty of cool applications for this innovative technology. However, there are some pretty creepy things …

Latest Round of Apple Security Updates Includes iOS 11.3

After more than a month since the last big “patch day” for Apple products, the Cupertino company has now released to the public a new slew of updates that bring with them both new features and enhanced security. Covering everything from a new and essential update to iOS to important bug fixes in macOS, watchOS, and even Apple’s Xcode, these patches slam shut several open doors hackers might use to wreak havoc. Overall, these patches contain more than 90 fixes. Here’s a quick breakdown of what you can expect when …

Checklist 83: More Security Fails

It’s that time again — time for us to pull back for a “big picture” look at some of the big missteps in computer security over the recent weeks and months. Some of today’s stories relate to Apple, some don’t, but all of them fall into the category of a classic “security fail.”

Checklist 82: Security threats targeting macOS and iOS

Malware and vulnerabilities have roared in early in 2018. On this week’s Checklist by SecureMac, three hazards and two helpers about which you should know.

SecureMac Tackles Tough Privacy Concerns with PrivacyScan 1.9.4

Las Vegas, Nevada — Concern for personal privacy in the digital world is at an all-time high, and with prominent stories about data breaches and leaks on the rise, users are right to want to take better control of their data. However, Mac users today must often engage in a battle with their own web browsers to maintain their privacy.

To help win that fight, SecureMac has released the latest update to PrivacyScan, version 1.9.4. This refresh brings important bug fixes to the software for improved usability and navigation. …

Police Can Now Access iPhone Data Using a Secretive Piece of Hardware

For several years now, a fierce debate has raged over how much access law enforcement organizations (LEOs) should be able to have to the mobile devices of those suspected of a crime. The issue made nationwide headlines after the San Bernardino attacks in 2015, when the FBI grappled with how to break into an iPhone used by one of the perpetrators. While the FBI did eventually retrieve device data by utilizing an unknown group to gain access to the phone’s encrypted contents, law enforcement agencies, in general, have maintained that they must have a “backdoor” to access info secured by your iPhone passcode. Apple has steadfastly refused to give in to such demands, but it appears that for now, those refusals don’t matter: LEOs can now use a pricey piece of hardware called GrayKey.

Checklist 81: Facebook’s Privacy Failures Leave You in the Cold

If you’ve been listening to the news recently, you’ve probably heard the name “Cambridge Analytica” come up — and all kinds of stories about the data firm’s former executives claiming they could manipulate and intimidate large numbers of people with crafted, targeted social media content.

Some Apps on the Mac App Store Are Mining Cryptocurrency

The wave of cryptocurrency miners taking the place of common malware continues in 2018 unabated, and it appears every week we encounter another story about a website running surreptitious miners or a company looking for ways to use your CPU resources. As Mac users, we should be safe from those when we’re downloading validly signed apps from the Mac App Store, right? As it turns out, no — not all the time, unfortunately. In fact, it appears that Apple let an app with a Monero miner slip right through …

The Checklist 80: Digital Legacies

For all our listeners of The Checklist, it is no secret that we are strong advocates for security. Usually, we come on this show to talk about how to secure your digital life and keep unauthorized individuals from snooping through your information. Security is important, and in just about every situation, it’s not just desirable — it’s necessary. There is one unfortunate scenario, though, when it quickly causes problems: when you’re not around anymore to enter your password or walk through the reset process.

On today’s show, we’re thinking about the …

Checklist 79: Cryptocurrency and Your Web Browser

Last year, we visited the subject of Bitcoin and the technology behind it, the blockchain, in Episode 59 of The Checklist. In just a few short months since that episode, the price of one Bitcoin exploded, hundreds of new cryptocurrencies appeared, and company after company seems to be jumping on the bandwagon. By the way—you’re now listening to The Blockchain Checklist by SecureMac!

We’re only kidding — but blockchain and cryptocurrency are a bigger deal than ever before, and while it may excite investors, these technologies are also beginning …

The Checklist 78: The Perils and Pitfalls of Old Software and Hardware

In the time since we started The Checklist, we’ve reported on and discussed a variety of stories that, time and time again, come back to the same foundation: hackers breaking into the computers in our homes and businesses by exploiting weaknesses in old hardware or software. While not everyone can always afford to keep their computers upgraded to the latest, greatest hardware, there are many reasons users may want to or need to run old programs on old machines.

On today’s episode of The Checklist, we’re looking at the risks inherent …