Critical flaw leaves all Apple devices open to password thieves

By

apple-iphone-cracked-security-mac-ios-malware-flaw
Update your devices today to be safe.
Photo: Faris Algosaibi/Flickr CC

If you haven’t already installed Apple’s latest round of software updates, go do it now.

A flaw in earlier versions of iOS, OS X, tvOS and watchOS makes it possible for hackers to remotely steal saved passwords from your Apple devices without your knowledge.

In-app purchases flaw exposes developers to costly hacks

By

appstore

Photo: PhotoAtelier/Flickr

Sloppy coding in some popular iOS games allows hackers to give themselves and others thousands of dollars’ worth of in-app purchases for free.

The hole was discovered by developers at DigiDNA, creator of a backup tool called iMazing that allows iPhone and iPad users to access their devices’ hidden file systems. The developers found that the app backup/restore feature in iMazing 1.3 exposes weaknesses in the way games like Angry Birds 2 and Tetris Free handle in-app purchases.

To demonstrate how easy it is to hack in-app purchases using this method, the DigiDNA team tweaked Angry Birds 2 to start the game with 999,999,999 gems — the equivalent of $10,000 of in-game credits.

Serious OS X vulnerability isn’t fixed after all

By

Tim Cook addresses the White House Summit on Cybersecurity and Consumer Protection. Photo: White House
Tim Cook addresses the White House Summit on Cybersecurity and Consumer Protection. Photo: White House

A significant security flaw affecting OS X Yosemite hasn’t been fixed as previously thought, according to a former NSA staffer.

The flaw, known as Rootpipe, is said to have existed since 2011, and could allow an attacker to gain full control of another user’s Mac without requiring authentication.

Why you really want to update iOS now (it’s not emojis)

By

Artist's impression of the people potentially behind iOS vulnerability. Photo: Hackers, United Artists
Artist's impression of the people potentially behind iOS vulnerability. Photo: Hackers, United Artists

With reports that it can break elements of Touch ID, there are plenty of reasons to consider not upgrading to iOS 8.3, the latest version of Apple’s mobile OS.

But here’s a very good reason to: according to security researchers, the update fixes a vulnerability which has the potential to render your iPhone almost useless.