Pokemon Go developer Niantic under fire for “full access” to Google accounts, states fixes coming soon

Posted by:
Date: Tuesday, July 12th, 2016, 08:05
Category: iOS, iPhone, News, security, Software

pokemongo

If you’re looking to install Pokémon Go on your iOS device, you might want to wait a few days.

Amid revelations that the popular Pokémon Go game for iPhone offers universal access to Google accounts, Google and Niantic have said that user emails and other sensitive data are not being harvested, and that a pair of fixes are incoming.

Early Monday, analytics firm architect Adam Reeve claimed that installing Pokémon Go and using a Google account to play the game granted full access to linked accounts on both Android and iOS, without informing the user. The apps, per the Google Play description, “can see and modify nearly all information in your Google Account” but “can’t change your password, delete your account, or pay with Google Wallet on your behalf.”

(more…)

Additional malware strains for Macs surface, GateKeeper still recommended as means of protection

Posted by:
Date: Thursday, July 7th, 2016, 11:43
Category: Hack, macOS, News, OS X, security, Software

trojanhorse

After a hiatus, a trio of three new discovered Mac malware strains have emerged.

The strains, once installed, have the potential to access Web cameras, password keychains, and pretty much every other resource on an infected machine.

The first one, as mentioned yesterday, has been dubbed “Elanor” by researchers at antivirus provider Bitdefender and is hidden inside EasyDoc Converter, a malicious app that is, or at least was, available on a software download site called MacUpdate. When double clicked, EasyDoc silently installs a backdoor that provides remote access to a Mac’s file system and webcam, making it possible for attackers to download files, install new apps, and watch users who are in front of an infected machine. Eleanor communicates with control servers over the Tor anonymity service to prevent them from being taken down or being used to identify the attackers.

(more…)

Backdoor.MAC.Elanor malware for Mac enters the wild, can steal data, execute remote code, operate webcam

Posted by:
Date: Wednesday, July 6th, 2016, 07:18
Category: News, security, Software

trojanhorse

Well, this’ll keep Apple’s security team busy for a while.

Recently, Bitdefender Labs found what might be the second example of true Mac malware to enter the wild. The application, dubbed “Backdoor.MAC.Elanor”, is available on a number of reputable download sites such as MacUpdate.

The backdoor is embedded into a fake file converter application that is accessible online on reputable sites offering Mac applications and software. The EasyDoc Converter.app poses as a drag-and-drop file converter, but has no real functionality – it simply downloads a malicious script.

(more…)

Apple leaves iOS 10 beta kernel unencrypted, opens door to white hat hackers, researchers

Posted by:
Date: Thursday, June 23rd, 2016, 08:41
Category: Hack, iOS, News, security, Software

ios10logo

This is interesting.

According to users who’ve been testing the iOS 10 beta, Apple apparently left the operating system’s kernel unencrypted. Apple confirmed this on Wednesday, citing that the move was performed to streamline system performance.

An Apple spokesperson stated that because iOS 10’s kernel cache does not contain sensitive information, it does not need to be encrypted.

(more…)

Facebook CEO appears with tape-covered camera, microphone port on MacBook Pro

Posted by:
Date: Wednesday, June 22nd, 2016, 08:05
Category: MacBook Pro, News, security

mark-zuckerberg-tape-facebook-instagram-1-1592x796

It’s not the most complicated fix in the world, but apparently Mark Zuckerberg stands by it.

The Facebook CEO, who has apparently had more than $16 million on security spent on him for protection from “specific threats” and has hired 16 bodyguards to protect him at home, shared an image on Facebook celebrating Instagram’s 500 million monthly user milestone in which the camera and microphone of a MacBook Pro in the background are covered with taps. While some tried to argue that it wasn’t Zuckerberg’s desk, it’s been seen in a variety of other images of Zuckerberg and in various live streams, so it seems like a safe assumption.

(more…)

WWDC: Flash, older plug-ins to be turned off by default in macOS Sierra, push towards HTML5 continues

Posted by:
Date: Wednesday, June 15th, 2016, 17:07
Category: Developer, Google, News, security, Software, WWDC

macossierra

In another sign that Flash is pretty much on its way out, Apple engineer Ricky Mondello announced that Safari 10, which will arrive in the upcoming macOS Sierra operating system, will arrive with legacy plug-ins like Flash turned off by default.

The Mac maker is planning similar measures with other plug-ins like Java, Silverlight and QuickTime. This move will force websites with both plug-in and HTML5-based media implementations to use their HTML5.

(more…)

1Password updated to 6.3.1 for OS X, 6.4.2 for iOS

Posted by:
Date: Monday, June 6th, 2016, 16:24
Category: iOS, News, OS X, security, Software

1passwordicon

1Password, AgileBits’ ubiquitous password manager, has been updated the version 6.3.1 for OS X and 6.4.2 for iOS.

1Password 6.3.1 for OS X offers the following fixes and changes:

Improved:
– Item sharing has returned with proper advice for sharing only over secure services.

– When first setting up 1Password the back buttons shown there now properly support VoiceOver.

– The password generator shown when first setting up 1Password now announces the number of words.

– VoiceOver no longer reads the image descriptions in sidebar categories or item list.

– We made it more clear how to sign out of an account in the “Accounts” preferences.

– Improved VoiceOver support in the 1Password Account login form so that the text fields are associated with their labels.

(more…)

Apple releases AirPort Base Station Firmware Update 7.7.7 for AirPort Extreme, Time Capsule units

Posted by:
Date: Wednesday, May 25th, 2016, 08:11
Category: News, security, Software

airportutilityicon

It’s been a while since Apple released one of these.

On Wednesday, Apple released its AirPort Base Station Firmware Update 7.7.7 for its 802.11ac AirPort Extreme Base Station and Time Capsule units.

The update resolves the following security issues with the devices:

(more…)

WhatsApp arrives for OS X

Posted by:
Date: Wednesday, May 11th, 2016, 08:55
Category: iOS, News, OS X, security, Software

whatsapp

WhatsApp has arrived for OS X.

The popular messaging app now has a desktop Mac version of the client, the launch coming a few months after the Facebook-owned service launched a web interface and a month after it rolled out end-to-end encryption for all communication.

Much like the web client, the WhatsApp Mac application relies heavily on the mobile version of the communication platform. WhatsApp keeps all conversations synced across all of your devices. Additionally, because the app is native on OS X, it supports desktop notifications, keyboard shortcuts, and more.

(more…)

FBI not submitting San Bernadino iPhone hack for peer review

Posted by:
Date: Thursday, April 28th, 2016, 08:50
Category: Hack, iPhone, Legal, News, security

lockediphone5c

The FBI is keeping the San Bernadino iPhone hack technique to itself for the time being.

A recent report has stated that the FBI will not be submitting the exploit used to break into the iPhone 5c of San Bernardino shooter Syed Rizwan Farook to a review process that could clear it for sharing with outside parties.

The FBI, which used a third party to unlock the iPhone, apparently didn’t acquire the rights to the technical details used in the hack, according to Amy Hess, the FBI’s executive assistant director for science and technology. As a result, Hess said the agency doesn’t “have enough technical information about any vulnerability” that could be considered for release.

(more…)