Apple releases macOS 10.12.1 Sierra update

Posted by:
Date: Tuesday, October 25th, 2016, 05:37
Category: macOS, News, security, Sierra, Software

macossierra

On Monday, Apple released macOS 10.12.1, the first major update to its recently-released macOS 10.12 Sierra operating system.

The update, which weighs in around 584 megabytes, includes the following fixes and changes:

Fixes:
Adds an automatic smart album in Photos for Depth Effect images taken on iPhone 7 Plus.

Improves the compatibility of Microsoft Office when using iCloud Desktop and Documents.

Fixes an issue that may prevent Mail from updating when using a Microsoft Exchange account.

Fixes an issue that caused text to sometimes paste incorrectly when using Universal Clipboard.

Improves reliability of Auto Unlock with Apple Watch.

Improves security and stability in Safari.

(more…)

Officials look into Friday’s Mirai-based DDoS, cite Apple’s HomeKit security protocol

Posted by:
Date: Monday, October 24th, 2016, 05:02
Category: Hack, Hardware, HomeKit, News, security

ddos-attack-on-dns-major-websites-including-github-twitter-suffering-outage

Following up on the large-scale distributed denial of service (DDoS) attack on Friday that temporarily took down large chunks of the Internet, it looks like Apple’s controversial “walled garden” approach to its HomeKit devices may have worked out.

As detailed in recent reports, the attack, which also targeted unprotected “Internet of Things” (IoT) devices, focused on Dyn, an internet management company that provides DNS services to many major web entities.

A series of repeated attacks caused websites including The Verge, Imgur and Reddit, as well as services like HBO Now, and PayPal, to see slowdowns and extended downtimes. Follow-up waves played havoc with The New York Times, CNN, Netflix, Twitter and the PlayStation Network, among many others.

(more…)

FAA bans Samsung Galaxy Note 7 handsets on U.S. flights

Posted by:
Date: Monday, October 17th, 2016, 05:12
Category: battery, Hardware, Legal, News, Samsung, security

screen-shot-2-800x530

Ok, if you bring a Samsung Galaxy Note 7 handset onto a plane, this may be a viable reason as to why the burly security types are tackling you.

The Federal Aviation Administration recently banned the Galaxy Note 7 from being brought onto airplanes. Under a new Emergency Restriction / Prohibition Order, it’s now a federal crime to fly with the device.

(more…)

Former NSA staffer, security researcher releases paper demonstrating how Mac malware can capture, redistribute live video and audio feeds

Posted by:
Date: Friday, October 7th, 2016, 05:57
Category: News, security, Software

trojanhorse

Malware on the Mac is becoming something to worry about, as demonstrated by security researcher and former NSA staffer Patrick Wardle. During a presentation at Virus Bulletin, Wardle yesterday showed how Mac malware to tap into live feeds from the built-in webcam and microphone on a MacBook Pro. His presentation is being delivered at the Virus Bulletin conference in Denver later today.

Although any unauthorized access to the webcam will light the green LED – a firmware-level protection that is exceedingly difficult to bypass – Wardle’s presentation shows how a malicious app can tap into the outgoing feed of an existing webcam session, like a FaceTime or Skype call, where the light would already be on.

(more…)

Some iPhone users encountering Activation Lock error upon entering wrong Apple ID email address

Posted by:
Date: Thursday, October 6th, 2016, 05:36
Category: iOS, iPhone, News, security, Software

activation-lock-main

It appears that inputting the wrong Apple ID email address could lead to an Activation Lock with the new iPhone 7 and iPhone 7 Plus and some iPhone 6s and 6s Plus models.

A number of users have stated that, after entering the wrong Apple ID email address, they cannot sign in and are therefore unable to proceed with setting up the iPhone. The issue has primarily affected new iPhone 7 and iPhone 7 Plus models upon being turned on for the first time, and iPhone 6s and iPhone 6s Plus models upon being restored to default settings, although older models appear to be affected to a lesser extent.

(more…)

Leaked document explains how Apple tracks communication via, shares information with law enforcement

Posted by:
Date: Thursday, September 29th, 2016, 05:01
Category: iOS, iPhone, Legal, News, privacy, security

imessage-logo

In the complicated balancing act between privacy and security, it looks like Apple has been handing the phone number you’ve called over to the police.

Following this year’s FBI investigation and Apple’s vows of privacy protection, it appears that Apple in fact keeps a log of everyone you try to contact using iMessage, according to a leaked document found by The Intercept. These logs contain personal contact information, including phone numbers, and are stored in Apple’s servers for 30 days before being deleted. Furthermore, Apple has shared these server logs with police after being compelled by a court order.

(more…)

Komplex trojan surfaces for macOS, thought to exploit vulnerability in MacKeeper antivirus software

Posted by:
Date: Tuesday, September 27th, 2016, 14:52
Category: Hack, News, security, Software

trojanhorse

Yet another chunk of malware for OS X/macOS to worry about.

Security researchers at Palo Alto Networks have identified a new trojan known as “Komplex”, which can download, execute, and delete files from an infected Mac. Interestingly, the Trojan will also save a PDF document to the infected system concerning the Russian space program.

The PDF document details planned Russian space projects from 2016 to 2025, but also acts as a decoy.

(more…)

Apple acknowledges iOS 10 security flaw that reduces security for iTunes-based backups

Posted by:
Date: Monday, September 26th, 2016, 05:50
Category: Hack, iOS, News, security, Software

ios10logo

Well, this is why they invented bug fixes and updates.

A new discovery by iOS and security forensics company Elcomsoft has revealed that encrypted iOS backups saved via iTunes are now much easier to crack in iOS 10 than in recent years. The change in security is apparently due to a new password verification method in iOS 10.

The discovery focuses on the backup method, which in iOS 10, apparently “skips certain security checks” that were present in past versions of iOS. This allows passwords to be attempted signficnatly faster than before. The new backup method works alongside the old back up method, meaning that for pre-iOS 10 backups, the old method is used.

(more…)

Yahoo confirms hack, roughly 500 million email accounts breached

Posted by:
Date: Friday, September 23rd, 2016, 05:51
Category: Hack, Legal, News, security

yahoomail

In the annals of hacks and breaches, this is pretty epic.

Yahoo confirmed on Thursday data “associated with at least 500 million user accounts” have been stolen in what may be one of the largest cybersecurity breaches ever.

The company said it believes a “state-sponsored actor” was behind the data breach, meaning an individual acting on behalf of a government. The breach is said to have occurred in late 2014.

“The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers,” Yahoo said in a statement.

(more…)

Apple releases Security Update 2016-001 for OS X Yosemite, El Capitan users

Posted by:
Date: Friday, September 2nd, 2016, 05:55
Category: News, security, Software

blog_basic-computer-security-tips_132796727-806x393

Because security updates are a good thing.

On Thursday, Apple released Security Update 2016-001 for users of OS X 10.10 Yosemite and OS X 10.11 El Capitan. The fix covers assorted zero-day exploits that could allow full access to a device and updates Safari to version 9.3.5 to patch security holes in the browser as well.

The exploits require the user to open a URL from an SMS message, which then executes remote binary files in the OS that dig into the kernel and allow unauthorized software to be installed—in iOS this effectively jailbreaks your device behind your back.

(more…)