Former NSA staffer, security researcher releases paper demonstrating how Mac malware can capture, redistribute live video and audio feeds

Posted by:
Date: Friday, October 7th, 2016, 05:57
Category: News, security, Software


Malware on the Mac is becoming something to worry about, as demonstrated by security researcher and former NSA staffer Patrick Wardle. During a presentation at Virus Bulletin, Wardle yesterday showed how Mac malware to tap into live feeds from the built-in webcam and microphone on a MacBook Pro. His presentation is being delivered at the Virus Bulletin conference in Denver later today.

Although any unauthorized access to the webcam will light the green LED – a firmware-level protection that is exceedingly difficult to bypass – Wardle’s presentation shows how a malicious app can tap into the outgoing feed of an existing webcam session, like a FaceTime or Skype call, where the light would already be on.


Some iPhone users encountering Activation Lock error upon entering wrong Apple ID email address

Posted by:
Date: Thursday, October 6th, 2016, 05:36
Category: iOS, iPhone, News, security, Software


It appears that inputting the wrong Apple ID email address could lead to an Activation Lock with the new iPhone 7 and iPhone 7 Plus and some iPhone 6s and 6s Plus models.

A number of users have stated that, after entering the wrong Apple ID email address, they cannot sign in and are therefore unable to proceed with setting up the iPhone. The issue has primarily affected new iPhone 7 and iPhone 7 Plus models upon being turned on for the first time, and iPhone 6s and iPhone 6s Plus models upon being restored to default settings, although older models appear to be affected to a lesser extent.


Apple apparently discontinues third-gen Apple TV units, focuses on fourth-gen models

Posted by:
Date: Wednesday, October 5th, 2016, 05:26
Category: Apple TV, Hardware, News, retail, TvOS


It’s been some time coming.

Apple has officially discontinued the third-gen Apple TV set-top box. In an email sent out today to employees and education partners, Apple confirmed that it is discontinuing the device, shifting its focus entirely to the fourth-gen, tvOS-powered model.

In the email, Apple explained that it would fulfill order backlog for the device, but pointed partners towards the other available products for new purchases.

Apple offered the following explanation in the email:

Effective immediately, Apple TV (3rd generation), MD/199LL/A, has reached end of life and is now discontinued. The Apple Supply team is going to fulfill all shippable backlog.


Angry customer uses steel ball to smash Apple Store items, complains about consumer rights prior to being caught

Posted by:
Date: Friday, September 30th, 2016, 09:02
Category: Fun, Hardware, iPhone, MacBook Air, News


This probably isn’t the best way to have your customer support complaints addressed.

On Friday, a disgruntled customer walked into the Apple Store in Dijon, France and began destroying various products with a steel ball of the kind that’s used in the classic French game Pétanque. The steel ball is hollow but still weighs about 2.5 pounds.

He is heard talking about “his consumer’s right” and citing that he’s unhappy with how Apple handled his support case. Minutes later, security turns up and tries to escort him away — but not without him trying to escape.


Leaked document explains how Apple tracks communication via, shares information with law enforcement

Posted by:
Date: Thursday, September 29th, 2016, 05:01
Category: iOS, iPhone, Legal, News, privacy, security


In the complicated balancing act between privacy and security, it looks like Apple has been handing the phone number you’ve called over to the police.

Following this year’s FBI investigation and Apple’s vows of privacy protection, it appears that Apple in fact keeps a log of everyone you try to contact using iMessage, according to a leaked document found by The Intercept. These logs contain personal contact information, including phone numbers, and are stored in Apple’s servers for 30 days before being deleted. Furthermore, Apple has shared these server logs with police after being compelled by a court order.


Apple acknowledges iOS 10 security flaw that reduces security for iTunes-based backups

Posted by:
Date: Monday, September 26th, 2016, 05:50
Category: Hack, iOS, News, security, Software


Well, this is why they invented bug fixes and updates.

A new discovery by iOS and security forensics company Elcomsoft has revealed that encrypted iOS backups saved via iTunes are now much easier to crack in iOS 10 than in recent years. The change in security is apparently due to a new password verification method in iOS 10.

The discovery focuses on the backup method, which in iOS 10, apparently “skips certain security checks” that were present in past versions of iOS. This allows passwords to be attempted signficnatly faster than before. The new backup method works alongside the old back up method, meaning that for pre-iOS 10 backups, the old method is used.


Apple releases Security Update 2016-001 for OS X Yosemite, El Capitan users

Posted by:
Date: Friday, September 2nd, 2016, 05:55
Category: News, security, Software


Because security updates are a good thing.

On Thursday, Apple released Security Update 2016-001 for users of OS X 10.10 Yosemite and OS X 10.11 El Capitan. The fix covers assorted zero-day exploits that could allow full access to a device and updates Safari to version 9.3.5 to patch security holes in the browser as well.

The exploits require the user to open a URL from an SMS message, which then executes remote binary files in the OS that dig into the kernel and allow unauthorized software to be installed—in iOS this effectively jailbreaks your device behind your back.


Transmission BitTorrent client found to be spreading OS X/Keydnap malware

Posted by:
Date: Wednesday, August 31st, 2016, 05:27
Category: macOS, News, security, Software


The malware beast raises its head once again.

Transmission, a popular BitTorrent client, has been discovered to once again be distributing Mac-based malware under version 2.92, months after it was used to spread a strand of ransomware.

Researchers at security firm ESET have been following a malware called OSX/Keydnap, which can steal passwords, and noticed that it was spreading through Transmission’s official site.

As of now, a version of Transmission containing the malware is in the wild according to ESET.


Dropbox resets passwords for users who haven’t logged in since mid-2012

Posted by:
Date: Monday, August 29th, 2016, 05:56
Category: Archive, security, Software


It’s a bit of a strong measure, but Dropbox decided to take it.

On Friday, Dropbox required users who hadn’t logged in since mid-2012 to change their account passwords. The company stated that this was a preventative measure and that this wasn’t an indication that accounts had been improperly accessed.

They concluded by apologizing for the inconvenience.