All items tagged with "Security"

Edward Snowden leaks with praise for Apple’s privacy stance

Edward Snowden

Edward Snowden

Apple has been eager to point out lately that unlike Google and Facebook it doesn’t collect or sell your personal information. It’s been a great way for the company to differentiate itself from its competitors and Apple has apparently won over Edward Snowden in the process.

In a recent interview, Snowden was asked whether he thinks Tim Cooks perspective on privacy has been genuine and honest, to which Snowden replied, “it doesn’t matter if he’s being honest or dishonest,” but “that’s a good thing for privacy. That’s a good thing for customers.”

Snowden pointed out that Apple obviously has a financial incentive to differentiate itself from competitors, and we should incentivize other companies to follow their path:

Read the rest of this post »

iOS and OS X bug lets attackers steal passwords from iCloud Keychain

apple-iphone-cracked-security-mac-ios-malware-flaw

Researchers cracked iCloud Keychain and bypassed App Store approval processes.

A group of six university researchers claim to have successfully bypassed Apple’s tight App Store approval processes to publish Mac and iOS malware apps. According to the report, the team presented the zero-day vulnerability to Apple back in October 2014 and were told to keep quiet about it for at least six months.

Luyi Xing, a security researcher who helped expose the zero day vulnerability, still has yet to hear back from Apple on a possible fix.

Read the rest of this post »

iOS mail exploit might let phishers snatch your Apple ID credentials

A new day, a new iOS bug...

A new day, a new iOS bug…

iOS security researchers Jan Souček has discovered a new bug in iOS’s mail client that could trick users into accidentally giving attackers their AppleID and password.

The Mail app exploit was discovered at the beginning of 2015, and Apple’s engineers were quickly notified of its existence, but a fix for the bug hasn’t been released in any of the updates following iOS 8.1.2. According to Souček, the bug allows remote HTML content to be loaded, making it possible to build a password collector that looks just like an iCloud sign-in prompt.

Here’s a video of the bug in action:

Read the rest of this post »

Tim Cook: ‘Morality demands’ security with privacy

Tim Cook addresses the White House Summit on Cybersecurity and Consumer Protection.

Tim Cook addressed the White House Summit on Cybersecurity and Consumer Protection in February.

In a speech to nonprofit research firm Electronic Privacy Information Center (EPIC) at its annual “Champions of Freedom” awards dinner last night, Apple head Tim Cook had some strong words about online security, government monitoring, and corporate data mining.

Cook was the first business leader to receive recognition from EPIC, which lauded his “corporate leadership” on matters of maintaining Apple customers’ privacy.

Read the rest of this post »

Jumpstart a new career in IT management and security with 4 essential exam trainings [Deals]

original_2033_UltimateIT_SecurityBundle_MF-Primary

Thinking about a new career in IT management and security, but not sure where to start? We’ve made it easy. This bundle from iCollege packages together four essential certification courses that train you exactly on what you need to know. Get it for $59 at Cult of Mac Deals today—at 94% off, a deal this good doesn’t come around often.

Read the rest of this post »

How to hide your location from Facebook stalkers

Facebook may be telling people where you are.

Facebook may be telling people where you are.

Anyone you exchange messages with via Facebook Messenger could know where you’ve been at any point. Chatted with your boss? He could use a newly discovered hack to figure out your sick days weren’t spent at home.

Facebook intern Aran Khanna found he could figure out where his friends were going daily with a bit of code, based solely on whether he had Facebook Messenger conversations with them. It even worked with people he wasn’t Facebook friends with if he had been in the same Facebook Messenger chat group.

He calls this code Marauders Map, and anyone can use it. Luckily, it’s fairly simple to hide your location from potential stalkers.

Read the rest of this post »

Yes, Google can wiretap your Hangouts for the government

This text isn't the only message that's insecure. Photo: Evan Killham/Cult of Mac

This text isn’t the only message that’s insecure. Photo: Evan Killham/Cult of Mac

If you’re looking to plan a heist, you’d probably best stay clear of Hangouts: Google has inadvertently confirmed that its chat platform is susceptible to police and government monitoring.

While the tech giant usually keeps quiet about Hangouts’ security features, the revelation (of sorts) came out of an “Ask Me Anything” session Friday on Reddit that included members of Google’s public policy department and legal team. Its proposed topic was “the current status of U.S. government surveillance law reform and how Google thinks about these issues,” but the questions were less about laws or reform and more about Google’s practices.

Read the rest of this post »

How to clear credit card info from a stolen Apple Watch

Let's hope you never have to worry about theft. Photo: Jim Merithew/Cult of Mac

Let’s hope you never have to worry about theft. Photo: Jim Merithew/Cult of Mac

So, you just got that shiny new Apple Watch. It’s amazing, right?

So amazing that someone may try to steal it from you. Sure, that sucks, but it could happen.

Here’s how to clear the credit card info from the stolen device if you no longer have physical possession of your Apple Watch.

Read the rest of this post »

Serious OS X vulnerability isn’t fixed after all

Tim Cook addresses the White House Summit on Cybersecurity and Consumer Protection. Photo: White House

Tim Cook addresses the White House Summit on Cybersecurity and Consumer Protection. Photo: White House

A significant security flaw affecting OS X Yosemite hasn’t been fixed as previously thought, according to a former NSA staffer.

The flaw, known as Rootpipe, is said to have existed since 2011, and could allow an attacker to gain full control of another user’s Mac without requiring authentication.

Read the rest of this post »

Slack has been hacked

Cult of Mac runs on Slack. Photo: Jim Merithew/Cult of Mac

Cult of Mac runs on Slack. Photo: Jim Merithew/Cult of Mac

Slack, the cool new communications app that many of the world’s top companies have flocked to, just revealed that it’s been hacked.

Attackers were able to access a Slack database, the company said Friday morning. There’s no indication the hackers were able to decrypt passwords stored on the server, but Slack is immediately ramping up security efforts in response.

Read the rest of this post »