Children’s Websites Pay Settlement for Tracking User Activity

Several popular children’s websites have agreed to a court settlement for tracking kids’ activities on the web. The sites collectively will pay $835,000 to settle a lawsuit brought by Eric Schneiderman, the Attorney General of New York. Schneiderman discovered that the sites in question were monitoring kids online and tracking their movements to advance their marketing agendas.

While this type of behavior is legal (and common) with adult users, Internet tracking and targeted advertising gets into dangerous territory when monitoring kids. Schneiderman’s investigation found that the websites in …

Dropbox Security Concerns Deepen with Extensive System Permissions Requests

Over the past few years, there has been an undeniable explosion in the popularity of using “the cloud” for services as diverse as music streaming, web hosting, and file storage. One of the earliest, biggest, and most continually influential players in cloud services is Dropbox. As the company that brought cloud storage and file syncing into widespread use, it’s easy to ascribe safety and security to the Dropbox brand based on popularity alone. In spite of its presence on many platforms including OS X and its everyday use in business …

Ransomware Imitation Attempts to Fool iPhone Users

Though the threat of computer viruses once lurked primarily in the domain of email attachments and suspicious file downloads, the current landscape is vastly different. Simply doing damage to a system and spreading a virus further is no longer the biggest threat. From spyware to any of the many flavors of malware, there are many new and evolving security issues facing computer systems globally. Ransomware continues its rise to prevalence as infections rise year over year, compromising more machines. Ransomware, a type of malware which locks down user access to …

SecureMac to Debut “The Checklist” Podcast Series

Apple Security Experts Teaming Up with Popular Radio Host, Ken Ray

Las Vegas, NV, September 8, 2016 – SecureMac, one of the key contributors in the Mac security world, today announced the debut episode of “The Checklist – presented by SecureMac,” a security-themed podcast series intended for a wide range of audiences from novices to like-minded experts. Ken Ray, a popular icon in ‘all things related to Apple’ will serve as the host.

Each week, Nicholas Raba, Nicholas Ptacek and Ken will cover a wide range of security topics related to Mac …

Opera Suffers Major User Data Breach

With millions of active users on Mac platforms alone and hundreds of millions more users worldwide, Opera remains a favorite web browser even two decades after its first release. On its website download page, Opera even bills itself as “the best browser for Mac.” Apple users should, therefore, pay close to attention to a recent data breach affecting users of the Sync feature. Opera Sync functions similarly to Google Chrome’s sync function, which synchronizes settings and other data over multiple devices. This feature is very helpful for individuals who use …

Apple Releases Security Updates for OS X El Capitan, Yosemite, and Safari

Apple released a trio of security updates on Thursday to patch vulnerabilities in their desktop operating systems and web browser. Users running OS X El Capitan should download Security Update 2016-001, while those still using OS X Yosemite will need Security Update 2016-005.

As MacRumors noted in their report on the updates, it is not customary for Apple to release standalone security updates for OS X. Instead, security updates tend to be bundled in with more overarching version updates. MacRumors theorized that the distribution of these two standalone updates …

A Security Exploit Using Live Photos Showcases the Need for Biometric Scrutiny

Personal biometric data, such as our faces and fingerprints, is increasingly used as a set of digital keys for unlocking access to many of our important devices and services. For example, many banks now take advantage of the iPhone’s built-in fingerprint scanner to allow quick and easy access to their mobile banking applications. This application affords a great deal of convenience for the user, generating a positive experience.

Beneath the “cool” factor, though, these new technologies must be strictly evaluated in terms of their real world effectiveness. Are we …

Ivan Krstic Announces Bug Bounty Program

Apple’s head of Security Engineering and Architecture made the announcement (which everyone is by now well aware of) about their soon-to-be-implemented bug bounty program at Black Hat 2016. Krstic expanded upon the parameters of the program in greater detail. Apple is offering cash payouts of varying amounts, depending on type of vulnerability discovered:

SecureBoot firmware components – Up to $200,000
Extraction of confidential material protected by the Secure Enclave Processor – Up to $100,000
Execution of arbitrary code with kernel privileges – Up to $50,000
Unauthorized access to iCloud account data on Apple servers …

Five Easy Steps for a Safer Mac

Those of you with a small or home business probably use your laptop or personal computer to send invoices, receive transactions, and deal with incoming or outgoing mail related to running your company. If that’s the case, there’s probably plenty sensitive information passing through your computer, and you need to ensure that it’s well protected.

For the Mac users out there, you might have heard that Macs are naturally less susceptible to viruses, hacks and other security breaches than PCs. And at some point in the past, that may have been …

Apple’s Clash with Banks Over Apple Pay & NFC Chips

You’ll recall that Apple recently got into a row with four large Australian banks (Bendigo and Adelaide Bank, Commonwealth Bank, NAB, and Westpac) over Apple Pay and their NFC (near field communication) mobile payment hardware. For those who are unaware, Apple Pay allows iPhone and Apple Watch users to make convenient, contactless retail payments at various outlets instead of a credit or debit card. The banks joined forces to resist signing deals to use Apple Pay, and (from Apple’s perspective at least) stifle their ability to compete. In a formal …

Apple to Start Requiring HTTPS for iOS Apps

You’re browsing the Internet, and you take a glance up at the address bar. What do you see? In most cases, the first characters in the URL of the website you are looking at will be “HTTPS.” HTTPS, or HTTP Secure, is the most secure version of Hypertext Transfer Protocol. This protocol allows for communication over a computer network, with said communications encrypted by either Transport Layer Security (TLS) or Secure Sockets Layer (SSL). On the Internet, HTTPS allows for private and safe exchange of data between a website …

Apple Releases Important iOS Update to guard against Malware

iPhone and iPad users should update to the latest version of iOS as soon as possible, following the latest security update from Apple. The new patch—iOS 9.3.5—arrived on Thursday, August 25th and was dubbed by Apple as an “important security update.” It addresses dangerous malware that was recently developed in the Middle East.

Writing for ZDNet, Zack Whittaker noted that iOS 9.3.5 is a patch for three different malware vulnerabilities, not just one. Working together, security researchers Citizen Lab and Lookout discovered the vulnerabilities and notified Apple about their existence. Lookout …

Apple Bounty Program

Taking a page from the playbook of a number of other high-profile companies, Apple intends to implement a bounty program to enlist the aid of third parties in tracking down and eliminating bugs in their software. Recently, The Verge reported that Apple would, at last, join the ranks of the other tech giants currently offering cash-for-bugs and that the program would take off sometime in September. Though the company has long maintained a tip line, this would be the first time they are explicitly sanctioning money in exchange for sniffing …

iOS 9.3.4 Bug Fix

iOS 9 has received yet another update – this one designed to tackle recently discovered security flaws – CNET reports. This marks the fourth update to iOS 9.3 (which was released in March). It is also speculated to be the last update to iOS 9.3, as iOS 10 is slated to be released next month. You may be thinking, “what gives?” as this update was released suddenly, and without the numerous rounds of beta testing and public review that iOS 9.3.3, entailed. Interestingly, this update is also devoid of …

Security Flaws in WhatsApp & iMessage

WhatsApp, the popular cross-platform messaging program, may have a security flaw. That security flaw might also be present in Apple’s iMessage feature. This is according to security researcher Jonathan Zdziarski, via a post on his blog Zdziarski’s Blog of Things on July 28th. First, a bit of background. You’ll recall from a few months ago that WhatsApp introduced new encryption protocols for communications sent via the app. The so-called “end-to-end encryption” was implemented in an effort to secure user privacy and ensure that no individuals or groups could access the …

Edward Snowden Designs an iPhone Case to Detect Government Spying

Three years ago, Edward Snowden turned the United States upside down by leaking information about NSA spying programs to the press. The leaks gave American citizens an unprecedented view of the tactics that the government employs to track and monitor their private lives. In the wake of the leaks, Snowden was labeled as a traitor to the United States.

Currently, Edward Snowden is living in exile in Russia. However, that fact hasn’t kept him from being a near-consistent presence in the headlines. This fall, he’ll be the subject of a new …

Little Snitch Linked with Privilege Escalation on Mac OS X El Capitan

The Little Snitch app is an application firewall that is great for monitoring and controlling how the apps on your Mac can connect to and use the internet. However, according to a recent report from Threatpost, the application might be vulnerable itself. Discovered by researcher and hacker Patrick Wardle, the vulnerability is a local escalation of privileges issue. If exploited, the issue could allow malware programs or local users to gain root privileges on a target computer.

Root privileges, of course, are dangerous for how much control they can give hackers …

Support for MacScan 2 Has Ended

Effective August 1, 2016, support for MacScan 2 software has officially ended. 

This means that SecureMac is no longer providing technical support or malware definition, tracking cookie blacklist, or program updates for MacScan 2.  We have been strongly encouraging existing users of MacScan 2 to consider upgrading to MacScan 3 for ongoing protection.

The five-star ratings and feedback MacScan 3 has generated from the thousands of customers who have already upgraded has been incredibly positive.  Most users share the same sentiment that the new software is easier-to-use, extremely fast …

Apple is Leaving the Kernel Unencrypted in iOS 10

As always, Apple unveiled a slew of intriguing new announcements at their annual Worldwide Developers Conference in June. Among the headline-worthy revelations were the new versions of the Apple Watch, an overhauled Apple Music app, and the “raise and wake” feature of iOS 10. Perhaps the most surprising thing about the conference concerned what was under the hood for iOS. Specifically, Apple has decided to leave the kernel of their mobile operating system unencrypted.

For those who are unfamiliar with the terminology, a “kernel” is considered an operating system’s …

Apple releases key security updates

Apple recently released the latest round of security updates for all of its operating systems and key software programs. The updates all hit the web on July 18th and are officially available for download as we speak. Here’s a brief rundown of each update, what it includes, and why you should make a point to install it ASAP.

OS X El Capitan v10.11.6 and Security Update 2016-004: Apple’s rundown of security fixes for El Capitan should be more or less familiar to anyone who has ever read the notes …