AppleAlongside Apple’s recent updates to macOS Sierra and OS X El Capitan to address the Spectre and Meltdown vulnerabilities, the final week of January also saw the release of a variety of other incremental updates for most of Apple’s products. Typically, Apple does not disclose detailed descriptions of the security vulnerabilities they fix in these updates, preferring to speak in vague terms to avoid exposing attack vectors that are still open on un-patched systems. However, we do know a little about what went into some of these updates besides …
February 2, 2018 •
2 min read
Apple“Is Apple getting sloppy?”
That was the headline of a BBC article published on Wednesday, November 29th, 2017, reporting the discovery of a major security issue in Apple’s MacOS High Sierra operating system. It seems that a bug within the OS made it possible for anyone to access a High Sierra computer by exploiting a simple login loophole.
Usually, when you login as a user on a Mac, you must enter your username and password. On machines running High Sierra, though, it was possible to enter “root” as the username, …
December 1, 2017 •
3 min read
AppleWhen is your phone able to take a picture? Put that question to the average user and chances are they will say something about having the actual camera viewfinder on screen. Whether it’s from the default camera app, Instagram, or Facebook, we all expect that the camera isn’t at work when we can’t see ourselves on the screen. As one Google researcher, Felix Krause, recently uncovered, however, that is not actually the case. In fact, when users grant permissions to apps for the use of the camera, it turns …
November 3, 2017 •
2 min read
AppleThe latest round of Apple security updates arrived on Halloween, delivering everything from iOS 11.1 to updates that affect macOS, watchOS, and more. As is often the case with large patch days, these updates address a wide variety of security flaws affecting different parts of the systems in question. From WebKit vulnerabilities to memory handling issues on the Apple Watch and in macOS, Apple squashed plenty of bugs with this batch of updates. Perhaps one of the most important issues addressed in this round of updates, however, is Apple’s …
October 31, 2017 •
2 min read
AppleEvery time a new version of Apple’s operating system arrives, every tech-focused publication on the Internet does a deep dive on the new key features. Occasionally, though, cool bells and whistles go overlooked. Such is the case with the macOS Keychain Access application, which, in addition to storing passwords and account information, can also be used to store and secure sensitive data.
Keychain Access gives users the option to store what it calls “Secure Notes,” alongside passwords and other valuable data. Say you need to store something like a …
August 11, 2017 •
3 min read
AppleIn mid-May, while the world was waking up to deal with the chaos caused by the WannaCry ransomware spreading over the web, Apple was making its users safer again. Released on May 15th, a new set of patches dropped for iOS, macOS Sierra, and both the El Capitan and Yosemite version of OS X. So many different fixes were implemented that it would be difficult to cover exactly what each of them accomplishes. However, of particular note in this update is the fact that ethical hackers previously identified more …
June 29, 2017 •
2 min read
AppleWhen Apple revealed its long-awaited refresh of the MacBook line last year, the Touch Bar was touted as a major selling point. By incorporating the same sensor technology already present in the iPhone, Apple said that a wide variety of new applications were available. From rapid online purchasing to using your fingerprint to unlock your Mac, it attracted plenty of attention. Apple even discussed its efforts to secure the Touch Bar, since protecting user biometric information and payment data is of obvious importance.
However, a recent hack of …
March 30, 2017 •
2 min read
AppleOn March 7th, WikiLeaks entered the news and made waves again by releasing almost nine thousand documents they claimed came from within the US Central Intelligence Agency. Contained in the leak was a vast range of information about the CIA’s intelligence gathering practices regarding technology. The revelations included information that the agency had undertaken spying efforts through exploiting vulnerabilities in various technologies, including some “smart” TVs and mobile operating systems. Also, contained within the documents, however, were fourteen previously undisclosed flaws in iOS. Through these flaws, an attacker could …
March 21, 2017 •
2 min read
macOSA brand-new type of malware affecting Macs is in the wild, and this time there are definite signs of development in conjunction with a foreign nation. Designed (albeit rather poorly) to look like a Flash update, this malware, dubbed MacDownloader, is a unsophisticaed attempt to glean user passwords. Uncovered by security researchers after the malware targeted major defense contractors, the program may feature amateurish code, but its threat is very real.
After fooling a user into downloading the false Flash update, the malware quickly goes to work profiling the …
February 17, 2017 •
2 min read
Mac OS XModern malware adopts a huge number of different forms, from the destructive to the secretive. Some will seek to damage your system, while others snoop around for personal information to steal. Because these are the types of malware infections that users most often encounter, it’s easy to think that an anti-malware solution is all you need to stay protected. However, some malware can exploit flaws at a more fundamental level in the system. Such is the case with the emergence of a recent malware threat for Mac users which …
January 23, 2017 •
2 min read
AppleFollowing a month-long gap after the release of iOS 10.1.1, Apple has finally released its latest round of updates not just for its iOS devices but several other products as well. In addition to iOS 10.2, macOS Sierra received many security updates, as did Safari. iCloud and iTunes for Windows also received minor patches as well. While Apple took the time to add some additional features and tweaks to iOS in its update, these patches were mainly aimed at closing many ongoing system vulnerabilities.
Among the most crucial fixes …
December 20, 2016 •
2 min read
Mac OS XWith the huge number of ads present on the web today, it’s no surprise that they’re often a target and an attack vector for hackers looking for an open door. We’ve discussed malvertising here before to alert our readers to the potential threat. Now there comes word from security researchers that malvertisers executed a campaign specifically targeting macOS users early in November. This time the target was users who were hoping to install Google Chrome.
When searching for the keywords “Google Chrome,” a malicious ad purchased by the …
December 12, 2016 •
2 min read