SecurityApple’s head of Security Engineering and Architecture made the announcement (which everyone is by now well aware of) about their soon-to-be-implemented bug bounty program at Black Hat 2016. Krstic expanded upon the parameters of the program in greater detail. Apple is offering cash payouts of varying amounts, depending on type of vulnerability discovered:
SecureBoot firmware components – Up to $200,000
Extraction of confidential material protected by the Secure Enclave Processor – Up to $100,000
Execution of arbitrary code with kernel privileges – Up to $50,000
Unauthorized access to iCloud account data on Apple servers …
August 30, 2016 •
3 min read
SecurityThose of you with a small or home business probably use your laptop or personal computer to send invoices, receive transactions, and deal with incoming or outgoing mail related to running your company. If that’s the case, there’s probably plenty sensitive information passing through your computer, and you need to ensure that it’s well protected.
For the Mac users out there, you might have heard that Macs are naturally less susceptible to viruses, hacks and other security breaches than PCs. And at some point in the past, that may have been …
August 30, 2016 •
5 min read
SecurityYou’ll recall that Apple recently got into a row with four large Australian banks (Bendigo and Adelaide Bank, Commonwealth Bank, NAB, and Westpac) over Apple Pay and their NFC (near field communication) mobile payment hardware. For those who are unaware, Apple Pay allows iPhone and Apple Watch users to make convenient, contactless retail payments at various outlets instead of a credit or debit card. The banks joined forces to resist signing deals to use Apple Pay, and (from Apple’s perspective at least) stifle their ability to compete. In a formal …
August 29, 2016 •
3 min read
SecurityYou’re browsing the Internet, and you take a glance up at the address bar. What do you see? In most cases, the first characters in the URL of the website you are looking at will be “HTTPS.” HTTPS, or HTTP Secure, is the most secure version of Hypertext Transfer Protocol. This protocol allows for communication over a computer network, with said communications encrypted by either Transport Layer Security (TLS) or Secure Sockets Layer (SSL). On the Internet, HTTPS allows for private and safe exchange of data between a website …
August 27, 2016 •
3 min read
SecurityiPhone and iPad users should update to the latest version of iOS as soon as possible, following the latest security update from Apple. The new patch—iOS 9.3.5—arrived on Thursday, August 25th and was dubbed by Apple as an “important security update.” It addresses dangerous malware that was recently developed in the Middle East.
Writing for ZDNet, Zack Whittaker noted that iOS 9.3.5 is a patch for three different malware vulnerabilities, not just one. Working together, security researchers Citizen Lab and Lookout discovered the vulnerabilities and notified Apple about their existence. Lookout …
August 26, 2016 •
3 min read
SecurityTaking a page from the playbook of a number of other high-profile companies, Apple intends to implement a bounty program to enlist the aid of third parties in tracking down and eliminating bugs in their software. Recently, The Verge reported that Apple would, at last, join the ranks of the other tech giants currently offering cash-for-bugs and that the program would take off sometime in September. Though the company has long maintained a tip line, this would be the first time they are explicitly sanctioning money in exchange for sniffing …
August 18, 2016 •
3 min read
SecurityiOS 9 has received yet another update – this one designed to tackle recently discovered security flaws – CNET reports. This marks the fourth update to iOS 9.3 (which was released in March). It is also speculated to be the last update to iOS 9.3, as iOS 10 is slated to be released next month. You may be thinking, “what gives?” as this update was released suddenly, and without the numerous rounds of beta testing and public review that iOS 9.3.3, entailed. Interestingly, this update is also devoid of …
August 17, 2016 •
3 min read
SecurityLas Vegas, NV, August 16, 2016 – SecureMac, one of the key contributors in the Mac security world, today announced the results of a recent customer survey in which respondents answered questions regarding the security associated with their Mac as well as their experience with MacScan software. The survey received more than 500 responses from existing MacScan software users.
Of the customers surveyed, 72% own two or more Macs and 94% own two or more Apple devices (iPhone, iPad, Mac, etc.). Further, 79% of customers have been Mac users for over …
August 16, 2016 •
3 min read
SecurityWhatsApp, the popular cross-platform messaging program, may have a security flaw. That security flaw might also be present in Apple’s iMessage feature. This is according to security researcher Jonathan Zdziarski, via a post on his blog Zdziarski’s Blog of Things on July 28th. First, a bit of background. You’ll recall from a few months ago that WhatsApp introduced new encryption protocols for communications sent via the app. The so-called “end-to-end encryption” was implemented in an effort to secure user privacy and ensure that no individuals or groups could access the …
August 15, 2016 •
2 min read
SecurityThree years ago, Edward Snowden turned the United States upside down by leaking information about NSA spying programs to the press. The leaks gave American citizens an unprecedented view of the tactics that the government employs to track and monitor their private lives. In the wake of the leaks, Snowden was labeled as a traitor to the United States.
Currently, Edward Snowden is living in exile in Russia. However, that fact hasn’t kept him from being a near-consistent presence in the headlines. This fall, he’ll be the subject of a new …
August 3, 2016 •
3 min read
SecurityThe Little Snitch app is an application firewall that is great for monitoring and controlling how the apps on your Mac can connect to and use the internet. However, according to a recent report from Threatpost, the application might be vulnerable itself. Discovered by researcher and hacker Patrick Wardle, the vulnerability is a local escalation of privileges issue. If exploited, the issue could allow malware programs or local users to gain root privileges on a target computer.
Root privileges, of course, are dangerous for how much control they can give hackers …
August 2, 2016 •
2 min read
SecurityEffective August 1, 2016, support for MacScan 2 software has officially ended.
This means that SecureMac is no longer providing technical support or malware definition, tracking cookie blacklist, or program updates for MacScan 2. We have been strongly encouraging existing users of MacScan 2 to consider upgrading to MacScan 3 for ongoing protection.
The five-star ratings and feedback MacScan 3 has generated from the thousands of customers who have already upgraded has been incredibly positive. Most users share the same sentiment that the new software is easier-to-use, extremely fast …
August 1, 2016 •
2 min read
SecurityAs always, Apple unveiled a slew of intriguing new announcements at their annual Worldwide Developers Conference in June. Among the headline-worthy revelations were the new versions of the Apple Watch, an overhauled Apple Music app, and the “raise and wake” feature of iOS 10. Perhaps the most surprising thing about the conference concerned what was under the hood for iOS. Specifically, Apple has decided to leave the kernel of their mobile operating system unencrypted.
For those who are unfamiliar with the terminology, a “kernel” is considered an operating system’s …
July 27, 2016 •
3 min read
SecurityApple recently released the latest round of security updates for all of its operating systems and key software programs. The updates all hit the web on July 18th and are officially available for download as we speak. Here’s a brief rundown of each update, what it includes, and why you should make a point to install it ASAP.
OS X El Capitan v10.11.6 and Security Update 2016-004: Apple’s rundown of security fixes for El Capitan should be more or less familiar to anyone who has ever read the notes …
July 21, 2016 •
3 min read
SecurityLas Vegas, NV, June 28, 2016 – SecureMac, one of the key contributors in the Mac security world, today announced the launch of its Affiliate Partner Program in conjunction with FastSpring. The new program allows qualified affiliates the opportunity to partner with SecureMac and earn generous affiliate commissions on sales of its award-winning products, PrivacyScan and MacScan 3, sold through SecureMac.com including the single and family pack options. The FastSpring affiliate program is powered by Impact Radius and is easy to join and incredibly simple to implement and manage.
June 28, 2016 •
2 min read
SecurityUsers of Apple’s AirPort base station should make a point to install the recently released firmware update. The update, Firmware Version 7.6.7 and 7.7.7, corrects a vulnerability with DNS data parsing that resulted in memory corruption. The vulnerability could also have allowed for arbitrary code execution. So far, there have been no reports about anyone exploiting this particular vulnerability. However, just to be safe, AirPort users should install the firmware update as soon as possible.
DNS data parsing is a key feature of wireless routers. DNS stands for domain …
June 27, 2016 •
2 min read
SecurityIf you’ve been using computers for long enough, the chances are pretty good that you, a friend, or a family member has been a victim (or almost-victim) of a technical support scam. There are many variations of these scams. Sometimes, your computer screen might get inundated with pop-up ads telling you that you’ve been infected with a virus and that you should call the phone number provided for “technical support.” In other situations, you might just get a phone call from a “tech support” specialist, telling you that your …
June 8, 2016 •
3 min read
SecurityIf you haven’t updated your Apple devices in the past month, now would be a good time. On May 16th, Apple unveiled security patches for not just one of its operating systems, but for all of them. Last Monday, Apple unveiled security patches for not just one of its operating systems, but for all of them. The patches represented the first across-the-board updates that Apple has released for its operating systems since March 21st.
These patches apply to OS X El Capitan and iOS, as well as to the …
June 7, 2016 •
3 min read
SecurityFor years, Apple has been using Intel processor chipsets to power its Mac computers. According to a recent article from Computerworld, those days could soon come to an end. The author cited the words of technology analyst Ben Bajarin, who suggested that Apple’s dedication to “security and encryption” would push the company away from using Intel chips in Mac machines.
Bajarin may have a point. Apple may count on Intel for its Mac processors, but the company produces its own chipsets for the iPhone and the iPad. The current …
June 6, 2016 •
2 min read
SecurityWith the rapid pace of technological development, we’re becoming increasingly concerned for our privacy in all areas of life, particularly when browsing the web. In part one of this article, we took a look at the specific information and data stored by our web browsers.
In part two, we’re going to look at the privacy and security implications of having all of this data stored on our computers.
How Does This Affect You?
Much of our stored data seems pretty innocuous, with the obvious exception of web browsers with …
June 4, 2016 •
4 min read