The web browser built into the TikTok iPhone app can monitor your keystrokes. A developer who researched the software called it “the equivalent of installing a keylogger,” and warns that it can potentially grab passwords and credit card info.
A similar warning went out recently about the browsers built into Facebook and Instagram.
A recent macOS Monterey update deals with a nasty security problem in WebKit. But Apple is aware many users don’t upgrade to the latest operating system versions, so it also released Safari 15.6.1. The web browser update allows anyone using older macOS versions to avoid the vulnerability.
The browser update is free and available now.
Apple developed Automatic Verification to let iPhone, Mac and iPad users bypass those irritating CAPTCHA image tests that websites use to confirm that someone is a human and not a bot.
Cloudflare and Fastly, big cloud computing companies that power tons of websites, are already on board to adopt the new system.
Apple is in the process of upgrading Apple Pay fraud prevention features for cards stored in the Wallet app on iPhone and Apple Watch, starting with Visa cards.
Some users have already started noticing a new “Enhanced Fraud Prevention” alert badge.
Apple said in a statement Thursday it will update AirTags item trackers with new privacy warnings, better warning sounds and smarter Find My tracking. The efforts comes as the company tries to improve security in the wake of criminal activity involving the devices, such as theft and stalking.
To make sure your AirTag has the latest security improvements, check for the AirTag update regularly.
If you’ve been reusing the same old password across multiple websites and accounts, you need to stop what you’re doing and get a password manager immediately. Cybersecurity experts recommend password managers as the best way to protect yourself and your private data.
And right now, you can grab a year’s premium subscription to the top-rated Dashlane — the official password manager of Cult of Mac — while it’s on sale for just $29.99. That’s 50% off the regular price of $59. Or, boost your savings even further by grabbing a one-year subscription to the Dashlane Password Manager Family Plan, which lets you create six premium accounts, on sale for 64% off.
Apple paid a cybersecurity student what’s thought to be a record-high $105,000 bug bounty. Why? He showed the company how hacking its webcams can render the devices fully vulnerable to further attacks.
Apple has confirmed that giving users the option to skip iOS 15 updates and stick with iOS 14 was always intended to be temporary.
Its clarification comes after it last week stopped delivering security updates to those who have chosen not to update their devices since iOS 15 made its debut last September. iOS 15.2.1 is now the only upgrade option.
This UEM post is brought to you by ManageEngine.
If you manage technology for a company, you need all the help you can get. Not every business has the resources for a big, well-equipped IT department. Yet you might still need to manage, automate and secure all sorts of devices across a workforce and varied systems.
That’s where ManageEngine’s Desktop Central comes in. Its unified endpoint management system is affordable, feature-rich and easy to use, thanks to a clean, intuitive design.
WhatsApp’s encrypted backups features is now rolling out on iPhone. Users can create a password to prevent unauthorized access to their chat data, while still uploading it to iCloud or Google Drive for their convenience.
The feature ensures that your WhatsApp chats are protected, even if the backup file itself somehow makes it into the wrong hands.
iOS is safer than Android because you cannot sideload apps onto an iPhone, Apple says. The company this week published a document in response to the European Commission’s proposal that could force Apple to allow third-party app marketplaces, which points out the many risks (as Apple sees it) with that plan.
Titled “Building a Trusted Ecosystem for Millions of Apps,” the 31-page PDF argues that allowing the sideloading of apps on iPhone “would cripple the privacy and security protections that have made iPhone so secure.”
Not too long ago you didn’t have a whole lot of choices for high-quality cameras to run with Apple’s HomeKit system, but that’s changing all the time. For example, Zorachka has released its new, high-end Homam 64GB camera. It joins recent offerings from the likes of Aquara, Eufy, Eve and others.
Apple rushed out updates for iPhones, iPads, Macs and Apple Watches on Monday to patch a pair of critical security vulnerabilities. The updates protect users from arbitrary code execution that can be triggered by maliciously crafted PDFs or web content, Apple said in its release notes.
In both cases, “Apple is aware of a report that this issue may have been actively exploited,” the company said.
The updates include iOS 14.8, iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2 and security patches for Safari and macOS Catalina.
WhatsApp recently patched a serious security vulnerability that could expose sensitive user data. Security researchers discovered the hole, which could be exploited by opening an attachment that contained a malicious image file.
More recent versions of WhatsApp now check the integrity of image that has been edited with filters to keep users safe.
Apple CEO Tim Cook, Microsoft CEO Satya Nadella, and other tech executives will meet President Biden at the White House this week. The focus of the meeting will be the efforts of private companies to improve cybersecurity following an increase in online attacks, one report claims.
An international coalition of more than 90 policy and rights groups is urging Apple to drop plans to scan user photos for child abuse material (CSAM).
In an open letter addressed to Apple CEO Tim Cook, published on Thursday, the coalition said it is concerned the feature “will be used to censor protected speech, threaten the privacy and security of people around the world, and have disastrous consequences for children.”
Security research firm Corellium on Monday revealed its new Open Security Initiative, which will support independent research into the privacy and security of mobile apps and devices. Its first target is Apple’s controversial CSAM scanning feature, set to roll out to iPhone users later this year.
Corellium said it applauds Apple’s commitment to holding itself accountable, and it believes its platform of virtual iOS devices is best for supporting any testing efforts. It hopes that researchers will use it to uncover “errors in any component” of Apple’s feature, which could be used to “subvert the system as a whole, and consequently violate iPhone users’ privacy and security.”
Three of Apple’s biggest products received security patches Monday — and another got its version on Thursday. You should probably install them as soon as possible.
The company started with macOS Big Sur 11.5.1, iOS 14.7.1, and iPadOS 14.7.1 to fix a security hole reportedly used by at least one hacker already. That’s why they are “recommended for all users,” according to Apple.
Apple followed up Thursday by releasing watchOS 7.6.1 to patch the same bug on Apple Watch. It’s also recommended.
Google rolled out a couple of new search-related security tools Thursday for its main iOS app. With them, you can add security to saved search histories and quickly delete recent searches. We’ll show you how to use them, below.
Linksys has rolled out support for Apple’s smart-home platform, HomeKit, in a firmware update for its flagship affordable Wi-Fi router system. Now users can enjoy high-speed internet access throughout the house with a little extra peace of mind.
It’s time to stop using that useless six-digit passcode on your iPhone. Now that cops around the United States are going crazy for the GrayKey, a little box that can crack your iPhone’s passcode in hours, it has become clear that the iPhone’s regular six-digit numerical code is no longer secure.
Plus, now that GrayKey is available, it won’t be long before they’re in the hands of the bad guys, too, if they’re not already. In fact, instructions on how GrayKey works surfaced online last month.
The good news is, it’s super-easy to change your iPhone passcode to something a lot better. The bad news? There actually isn’t any, unless you already have the cops trying to break into your iPhone — in which case you’ve got plenty of bad news already.
The headline should probably read, “Got data? And money?” Storage device-maker Apricorn released on Thursday what it bills as the largest-ever portable encrypted solid state drive. It holds 20TB of data and costs $12,999.
But don’t worry, you can get a much smaller one for as little as $239.
This post on Apple device endpoint management is brought to you by Hexnode.
The COVID-19 pandemic remolded everything from our socializing habits to our working styles, imposing a new normal worldwide. Remote work emerged as a workable solution to prevent the complete interruption of entire industries while also safeguarding employees’ health during a dangerous time.
Whether you share confidential documents for work, want to protect your personal information from hackers and phishing scams, or simply value security, the strength of your email can change everything. Especially since hacked email accounts make up more than half of all recent data breaches.
The solution? A super-strength, end-to-end encrypted email service you can trust.
Apple thinks five pieces of antitrust reform legislation could undermine innovation and competition in tech, as well as creating a “race to the bottom” for security and privacy. Apple laid out its concerns in a letter sent ahead of Wednesday’s meeting of the House Judiciary Committee to discuss the proposed laws.
The letter — sent to chairmen Jerrold Nadler and David Cicilline, and ranking members Jim Jordan and Ken Buck — lays out Apple’s arguments for why the government needs to reconsider the five bills.