vulnerability

Read Cult of Mac’s latest posts on vulnerability:

AirDrop flaw potentially reveals users’ email and phone number

Turns out it's not "contacts only."
Photo: Charlie Sorrel/Cult of Mac

Strangers can see the email address and other personal info of AirDrop users due to a security flaw in Apple’s file-sharing system, security researchers say. All that is required for this exploit to take place is physical proximity to an AirDrop user and a Wi-Fi device.

The researchers reportedly disclosed the flaw to Apple in May 2019, but it remains unfixed. That potentially leaves more than 1.5 billion Apple devices vulnerable.

Apple Watch’s Walkie-Talkie app disabled over eavesdropping concerns

Walkie-Talkie vulnerability allowed users to listen in on each other.
Photo: Ste Smith/Cult of Mac

Apple temporarily disabled the Apple Watch Walkie-Talkie app after discovering a vulnerability that allowed users to listen in on another person’s iPhone calls without their knowledge.

The app will stay installed on devices, although it won’t work until Apple issues a fix.

Zoom rushes to fix its webcam-accessing flaw on Macs

Flaw allowed hackers to access other people's webcams.
Photo: United Artists

Zoom conference calls are as much of a part of modern office working life as disagreements about the air-con system.

But security researcher Jonathan Leitschuh recently stumbled upon something extremely concerning. As discovered by Leitschuh, Zoom featured a vulnerability that allowed hackers to break into a target’s Mac webcam. This happened regardless of whether the Mac user was using Safari, Chrome or Firefox.

Fortunately, Zoom has, well, zoomed to correct it.

Google’s Project Zero discovers ‘high severity’ flaw in macOS kernel

Apple is said to be working on a fix.
Photo: Apple

Google’s Project Zero team has discovered a “high severity” flaw in the macOS kernel.

The issue, which potentially allows attackers to perform malicious actions on a mounted filesystem, was reported to Apple more than 90 days ago. No fix has been made available yet, but Apple has acknowledged the issue and is working with Project Zero on a patch.

Researcher provides Apple with details (and fix) for Keychain flaw

Apple still won't cough up a reward.
Photo: Killian Bell/Cult of Mac

A security researcher has decided to provide Apple with details — and a patch — for a serious Keychain flaw in macOS Mojave that allows anyone to access your saved usernames and passwords.

Linus Henze previously withheld the information in protest of Apple’s decision not to offer a macOS bug bounty program. He now believes the problem is too serious for the company to ignore.

Apple flaw lets hackers steal business passwords

Businesses beware.
Photo: Brian Klug/Flickr CC

Many businesses choose to spend more on Apple smartphones and computers because they’re supposed to be safer than more affordable alternatives running Android or Windows. But they’re not completely bulletproof.

Researchers have discovered a worrying flaw in one Apple service that allows hackers to steal business passwords from macOS and iOS devices.

Brand new Macs at risk of hacking during setup process

Your brand new Mac can be hacked really easily.
Photo: Apple

Apple’s rock-solid supply chain might be churning out new Macs that are already hacked.

Getting a brand new Mac usually means you’re getting the freshest, most bug-free system possible, but security researchers have discovered that there’s a way to hack brand new Macs before they’ve even been turned on.

WikiLeaks vows to share CIA ‘cyberweapons’ so tech firms can fix holes

Wikileaks' "Vault 7" data dump allegedly reveals CIA hacking tools used to compromise iPhones, Android phones and other devices.
Image: Gordon Johnson/Pixabay

WikiLeaks founder Julian Assange has vowed to give technology firms like Apple access to the CIA’s “cyberweapons” arsenal so they can develop fixes that make our devices more secure.

Earlier this week, thousands of leaked documents and files revealed the full extent of the CIA’s cyber attacks on smartphones, computers and even smart TVs. WikiLeaks says the spy agency has lost control of it all in a “historic act of devastating incompetence.”

Popular iOS apps vulnerable to spilling your sensitive data

Be wary when using Wi-Fi.
Photo: Ste Smith/Cult of Mac

Dozens of popular iOS apps are vulnerable to spilling your sensitive data through silent “man-in-the-middle” attacks, according to a reliable mobile security expert.

During testing, Will Strafach, one of the first to hack open the iOS platform, found 76 apps that were guilty of accepting invalid certificates that could be used to intercept data.

Chrome browser bug makes movie piracy even easier

Stealing movies is simple with Chrome.
Photo: David Livshits/Alexandra Mikityuk

A worrying flaw uncovered in Google Chrome makes it even easier for pirates to download movies and TV shows from the web. Google was made aware of the issue a month ago, but the company is yet to release an update that fixes it.

In-app purchases flaw exposes developers to costly hacks

Business is booming for the App Store.
Photo: PhotoAtelier/Flickr

Sloppy coding in some popular iOS games allows hackers to give themselves and others thousands of dollars’ worth of in-app purchases for free.

The hole was discovered by developers at DigiDNA, creator of a backup tool called iMazing that allows iPhone and iPad users to access their devices’ hidden file systems. The developers found that the app backup/restore feature in iMazing 1.3 exposes weaknesses in the way games like Angry Birds 2 and Tetris Free handle in-app purchases.

To demonstrate how easy it is to hack in-app purchases using this method, the DigiDNA team tweaked Angry Birds 2 to start the game with 999,999,999 gems — the equivalent of $10,000 of in-game credits.

Serious OS X vulnerability isn’t fixed after all

Tim Cook addresses the White House Summit on Cybersecurity and Consumer Protection. Photo: White House

A significant security flaw affecting OS X Yosemite hasn’t been fixed as previously thought, according to a former NSA staffer.

The flaw, known as Rootpipe, is said to have existed since 2011, and could allow an attacker to gain full control of another user’s Mac without requiring authentication.

Why you really want to update iOS now (it’s not emojis)

Artist's impression of the people potentially behind iOS vulnerability. Photo: Hackers, United Artists
Photo: United Artists

With reports that it can break elements of Touch ID, there are plenty of reasons to consider not upgrading to iOS 8.3, the latest version of Apple’s mobile OS.

But here’s a very good reason to: according to security researchers, the update fixes a vulnerability which has the potential to render your iPhone almost useless.

1Password Proves It Can Stand Up To Password Crackers

1Password goes head-to-head with a password cracker and shows why complex passwords are important.

1Password by AgileBits is an incredible tool for keeping your data safe. More than just a password manager, 1Password allows you to encrypt and organize a wide range of data (website passwords, non-web digital accounts, credit/debit card numbers and financial account details, software licenses, and files containing confidential information).

Those features are all well and good, but the biggest feature is 1Password’s ability to keep all that data secure in the face of brute force attacks – the kind of attacks where a piece of software simply tries combination after combination of possible passwords. Password cracking software that relies on such attacks can easily try thousands of potential passwords each second.

To find out whether or not 1Password can withstand such attacks, AgileBits tested 1Password against John the Ripper, one of the most well-known password cracking tools.

Got An AT&T iPhone? It May Be Vulnerable To Cellular Hijacking

... thanks to AT&T.

AT&T is one of 48 carriers worldwide which have a network vulnerability that allows hackers to intercept cellular data and inject malicious content into the traffic that passes between smartphones and the websites they visit. The flaw can be used to transfer code to unencrypted pages which causes a user to perform unintended actions, like sending messages or friend requests from Facebook and Twitter. And your iPhone may be vulnerable.

Apple Suffers More Vulnerabilities Than Google, Microsoft, Adobe In Last Quarter

Think Apple's software is free from vulnerabilities? You couldn't be more wrong.

Apple’s operating systems and its software are generally believed to be the best available in terms of security and stability, but a new report from Trend Micro reveals that’s a huge misconception… at least in recent months. In fact, the Cupertino company suffered more vulnerabilities during the last quarter than rivals like Oracle, Google, Adobe, and even Microsoft.