Security researchers point out Apple-granted API that could have allowed Uber to monitor iPhone users’ activities

Posted by:
Date: Monday, October 9th, 2017, 05:55
Category: Apple Watch, Developer, iOS, News, security, Software, Wearables

Last week, a controversial background API given from Apple to Uber designed to improve performance of the Uber app on the Apple Watch made headlines when security researchers told stated that Uber could have used it to record a user’s iPhone screen even with the Uber app just running in the background.

In a statement, Uber said the entitlement was used for an old version of the Apple Watch app and was provided to Uber because the original Apple Watch couldn’t render maps.

The company offered the following statement regarding the situation:

(more…)

Apple releases macOS High Sierra 10.13 Supplemental Update, works to address security concerns, bugs

Posted by:
Date: Friday, October 6th, 2017, 05:39
Category: High Sierra, macOS, News, security, Software

Every so often after a major operating system update, Apple releases a supplemental update to sort things out.

This is one of those times.

On Thursday, Apple released macOS High Sierra 10.13 Supplemental Update. The update, a 915 megabyte download through the App Store’s “Update” tab, fixes two important security flaws, one of which was just recently publicized. It also addresses three relatively minor bugs in macOS High Sierra.

Per Apple’s patch notes, the macOS High Sierra 10.13 Supplemental Update offers the following fixes:

Improves installer robustness
Fixes a cursor graphic bug when using Adobe InDesign
Resolves an issue where email messages couldn’t be deleted from Yahoo accounts in Mail
Security patch notes for macOS High Sierra 10.13 Supplemental Update
StorageKit

(more…)

Verizon reveals that all 3 billion existing Yahoo accounts were breached in 2013 attack

Posted by:
Date: Wednesday, October 4th, 2017, 05:45
Category: Finance, Hack, News, security

If you had a Yahoo account in 2013, there’s a 100 percent chance that you were hacked.

Yahoo’s parent company has revealed that the massive data breach that occurred in August of 2013 affective all three billion Yahoo accounts that existed at the time.

Previously, Yahoo said the hack affected 1 billion accounts, or a third of all accounts. Verizon now says new intelligence suggests the attack was much larger, compromising all Yahoo accounts in 2013.

(more…)

Apple File System included in forthcoming macOS High Sierra operating system won’t work on Fusion Drive units, Apple provides instructions for workaround

Posted by:
Date: Wednesday, September 20th, 2017, 05:51
Category: Fusion Drive, macOS, News, security, Software

This could get annoying.

Apple has released a technical note describing how the new Apple File System (APFS) feature will be limited to Macs with all-flash built-in storage, which means it won’t work with iMacs and Mac minis that include Fusion Drives.

The Fusion Drives were converted to the APFS format during the first beta test of MacOS High Sierra, but support was removed in subsequent betas and not reimplemented.

(more…)

HomePod firmware hints at possible Face ID scanning even when next-gen iPhone is laying flat

Posted by:
Date: Monday, August 7th, 2017, 05:55
Category: Developer, Hardware, HomePod, iPhone, Rumor, security, Touch ID

The leaked HomePod firmware might have given away yet another feature for Apple’s upcoming next-gen iPhone.

iHelp has noted a line that references support for facial recognition even when the device is laying flat on its back. The term “Pearl” is believed to be Apple’s name for Face ID:

AXRestingPearlUnlock

com.apple.accessibility.resting.pearl.unlock

(more…)

Wikileaks publishes two more Mac-specific exploits from CIA Vault 7 files

Posted by:
Date: Friday, July 28th, 2017, 05:49
Category: Hacks, News, security, Software

If you’re interested in security, you’ll like this.

Wikileaks has just Wikileaks published two more Mac exploits from the so-called CIA Vault 7 under the name Project Imperial. The new exploits—Achilles and SeaPea—affect older versions of OS X, such as Mac OS X 10.6 Snow Leopard and Mac OS X 10.7 Lion.

The exploits behave as follows:

(more…)

iOS 10.3.3 update resolves Wi-Fi exploit that allowed for complete outside control of devices

Posted by:
Date: Friday, July 21st, 2017, 05:14
Category: Hardware, iPad, iPhone, iPod Touch, News, security, Software

Even if you’re generally a bit hesitant to accept iOS updates until they’ve been out for a while, it might be a good idea to accept the new iOS 10.3.3 update, which was released on Wednesday.

Per Apple’s security document, the update includes the following major fix:

Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip

Description: A memory corruption issue was addressed with improved memory handling.

(more…)

Apple releases macOS 10.12.6, iOS 10.3.3, watchOS 3.2.3 updates

Posted by:
Date: Thursday, July 20th, 2017, 05:56
Category: iOS, macOS, News, security, Software, watchOS

‘Twas a day of updates as Apple released new versions of macOS Sierra, iOS 10, and watchOS 3 on Wednesday.

As usual, Apple’s comments as to the changes involved bug fixes, performance improvements and security fixes with the release of macOS Sierra 10.12.6, iOS 10.3.3 and watchOS 3.2.3, respectively.

Specific changes for macOS 10.12.6 included the following:

(more…)

Unexpected iOS 11 security feature surfaces, hints at new keychain elements

Posted by:
Date: Monday, July 17th, 2017, 05:03
Category: iOS, Rumor, security, Software

This could turn into something interesting.

A new key-shaped icon found in the current iOS 11 beta seems to hint at an upcoming set of security features.

It’s unknown as to whether this hooks into the 1Password app by AgileBits or something on Apple’s end.

(more…)

Notebook travel ban could be lifted soon following security upgrades

Posted by:
Date: Wednesday, July 12th, 2017, 05:47
Category: Hardware, News, security

The notebook travel ban may be lifted in a relatively short period of time.

The Department of Homeland Security on Tuesday said if security measures are increased at the airports in coming days and weeks, the restriction will be removed.

Back in March, the United States banned electronic devices larger than a smartphone from the cabins of flights coming to the U.S. from 10 airports in eight countries in the Middle East and North Africa. Officials feared that the devices could be used to smuggle explosives on board.

The electronics ban remains in effect for U.S.-bound flights from airports in Cairo, Egypt; Casablanca, Morocco; and Jeddah and Riyadh, Saudi Arabia.

(more…)