flaw

iOS 13 flaw exposes all your contacts data

By

Find My Friends
Keep your iPhone close by.
Photo: Ed Hardy/Cult of Mac

A newly-discovered flaw in iOS 13 lets anyone access your contacts without your passcode.

It takes just a few simple steps to bypass your iPhone’s lockscreen and see every phone number, email address, and physical address you have saved. But a fix is already on the way.

Does your iPhone XS suffer from s-s-stuttering?

By

iPhone XS Max
It's thought every handset has this problem.
Photo: Leander Kahney/Cult of Mac

iPhone XS and iPhone XS Max owners are reporting animation stutters after leaving their handsets idle for around 10 seconds.

The problem, which is most obvious when opening or closing apps and scrolling pages, has reportedly been present for several months now. It persists in the latest iOS 12.2 betas, which suggests Apple hasn’t yet found a fix.

Apple may have quietly fixed MacBook Pro’s ‘stage light’ flaw

By

MacBook Pro 2018 display cables
It's a small but significant change.
Photo: iFixit

Apple’s latest MacBook Pro lineup may be immune to the “stage light” flaw that has plagued some 2016 and 2017 models.

Slightly longer display cables inside the newer notebooks could help prevent the wear that older units are susceptible to. It’s only a minor change, but it may eliminate nasty $600 repair bills.

Google’s Project Zero discovers ‘high severity’ flaw in macOS kernel

By

macOS High Sierra
Apple is said to be working on a fix.
Photo: Apple

Google’s Project Zero team has discovered a “high severity” flaw in the macOS kernel.

The issue, which potentially allows attackers to perform malicious actions on a mounted filesystem, was reported to Apple more than 90 days ago. No fix has been made available yet, but Apple has acknowledged the issue and is working with Project Zero on a patch.

Researcher provides Apple with details (and fix) for Keychain flaw

By

macOS Keychain
Apple still won't cough up a reward.
Photo: Killian Bell/Cult of Mac

A security researcher has decided to provide Apple with details — and a patch — for a serious Keychain flaw in macOS Mojave that allows anyone to access your saved usernames and passwords.

Linus Henze previously withheld the information in protest of Apple’s decision not to offer a macOS bug bounty program. He now believes the problem is too serious for the company to ignore.

Apple flaw lets hackers steal business passwords

By

The CIA has a team of more than 5,000 hackers.
Businesses beware.
Photo: Brian Klug/Flickr CC

Many businesses choose to spend more on Apple smartphones and computers because they’re supposed to be safer than more affordable alternatives running Android or Windows. But they’re not completely bulletproof.

Researchers have discovered a worrying flaw in one Apple service that allows hackers to steal business passwords from macOS and iOS devices.

Apple vows to zip Siri’s loose lips in future update

By

Sorry, Alexa: Siri still the most widespread AI assistant
Sorry, Alexa: Siri still the most widespread AI assistant
Photo: Ste Smith/Cult of Mac

Apple has promised it will fix Siri’s newly-discovered privacy problem in a future software update.

The flaw allows anyone to read your unread messages and other notifications without your passcode — even those that you’ve chosen to hide. It’s not yet clear if Apple will have the fix ready in time for iOS 11.3, which is already on its sixth beta release.

Chrome browser bug makes movie piracy even easier

By

Screen Shot 2016-06-24 at 19.06.08
Stealing movies is simple with Chrome.
Photo: David Livshits/Alexandra Mikityuk

A worrying flaw uncovered in Google Chrome makes it even easier for pirates to download movies and TV shows from the web. Google was made aware of the issue a month ago, but the company is yet to release an update that fixes it.

Facebook coughs up $10,000 for 10-year-old Instagram hacker

By

facebook-coughs-up-10000-for-10-year-old-instagram-hacker-image-cultofandroidcomwp-contentuploads2015122015-12-08-140126-1-jpg
It pays to uncover Facebook flaws.
Photo: Killian Bell/Cult of Mac
Instagram Android
It pays to uncover Facebook flaws. Photo: Killian Bell/Cult of Android

A 10-year-old with insane hacking skills just scored a $10,000 payout from Facebook for uncovering a serious flaw in Instagram.

The Helsinki-based boy, who can’t even open a Facebook account for another three years, found he was able to alter code on Instagram’s servers to delete comments posted by any account.

In-app purchases flaw exposes developers to costly hacks

By

App Store icon
Business is booming for the App Store.
Photo: PhotoAtelier/Flickr

Sloppy coding in some popular iOS games allows hackers to give themselves and others thousands of dollars’ worth of in-app purchases for free.

The hole was discovered by developers at DigiDNA, creator of a backup tool called iMazing that allows iPhone and iPad users to access their devices’ hidden file systems. The developers found that the app backup/restore feature in iMazing 1.3 exposes weaknesses in the way games like Angry Birds 2 and Tetris Free handle in-app purchases.

To demonstrate how easy it is to hack in-app purchases using this method, the DigiDNA team tweaked Angry Birds 2 to start the game with 999,999,999 gems — the equivalent of $10,000 of in-game credits.

Apple Kills Serious iPhone SMS Spoofing Flaw With iOS 6

By

iphone-sms-text-message
Another great reason to install iOS 6.

Back in August, we told you about a serious SMS security flaw with the iPhone that opened the door to text message spoofing. At the time, Apple told users they could protect themselves by using its iMessage service rather that traditional SMS messages, but the Cupertino company appears to have rectified the issue in iOS 6.

iOS 5 Security Flaw Allows Access To Contacts List, Recent Calls & Text Messages Without Passcode

By

Passcode locks are no match for a piece of software called XRY.
Passcode locks are no match for a piece of software called XRY.

Apple’s iOS devices has suffered a number of passcode flaws in recent years, which have allowed anyone to circumvent their security and access features within the device. The company has always been fairly quick to address these issues, but they continue to crop up.

The latest allows anyone with knowledge of the exploit to access your contacts list, your recent calls, your voicemail, your text messages, and more.

iOS Bug Could Cost You A Fortune In Data Fees While You’re On Vacation

By

iphone-app-store

We’re all familiar with how costly data can be on our iOS devices if we’re using them to get on the internet abroad with no access to a Wi-Fi hotspot. To prevent nasty charges, most of us turn off data roaming and avoid using our devices for the internet.

However, there’s a nasty bug in Apple’s iOS operating system that could cost you a fortune while you’re on vacation by allowing you to download apps over a 3G data network even with the feature turned off.

The Passcode Lock On Your iPad 2 Is Useless If You Use a Smart Cover

By

A Colorado man believes Apple's Smart Cover infringes his patent for a portable computer case.
A Colorado man believes Apple's Smart Cover infringes his patent for a portable computer case.

I’ve got a passcode lock on my iPad 2 so that it cannot be accessed by individuals who weren’t given permission to play with it. However, I also use an Apple Smart Cover, and thanks to a security flaw in the iPad’s iOS software, my passcode lock is now useless, because anyone can use my Smart Cover to gain entry to my iPad.

Skype for Mac Updated to Fix Critical Security Flaw

By

Skype-logo-big.jpg

The Skype application for Mac has finally been updated to fix a critical vulnerability discovered last week. Version 5.1.0.935 fixes a major flaw that exposed your Mac to attacks from malicious contacts via instant messages, and meant another user could gain remote access to your system.

Interestingly, Skype actually fixed the flaw on April 14th, but didn’t bother pushing the update out to its users because there was no exploit active in the wild. Reassuring, isn’t it?