Around 20 members of the Lighthouse team are now working at Apple, according to a new report.
The hires, which include two company co-founders, come after Apple acquired a bunch of Lighthouse’s home security patents earlier this month. An email sent to customers this week requested permission to transfer security camera data with Apple.
It’s time to change your Facebook and Instagram passwords again.
Facebook revealed today that it unknowingly stored hundreds of millions of passwords in a readable format on its internal storage systems. There’s no information yet that the passwords were accessed by any nefarious people, but you should probably update yours, just in case.
Apple is one of a larger number of big companies that has been inadvertently leaking sensitive data through Box, the cloud storage service.
Security researchers found that staff were exposing data by sharing public links to files and documents that can be easily discovered. It’s thought more than 90 companies, including Box itself, are affected.
Google’s Project Zero team has discovered a “high severity” flaw in the macOS kernel.
The issue, which potentially allows attackers to perform malicious actions on a mounted filesystem, was reported to Apple more than 90 days ago. No fix has been made available yet, but Apple has acknowledged the issue and is working with Project Zero on a patch.
A security researcher has decided to provide Apple with details — and a patch — for a serious Keychain flaw in macOS Mojave that allows anyone to access your saved usernames and passwords.
Linus Henze previously withheld the information in protest of Apple’s decision not to offer a macOS bug bounty program. He now believes the problem is too serious for the company to ignore.
What’s the very first app you should download onto a brand new iPhone?
The first app you get should be Dashlane, a rock-solid, easy-to-use password manager that is Cult of Mac’s official security app.
When you start from scratch, you face a big problem — passwords! Dashlane solves that.
Apple’s fix for the huge FaceTime flaw that allowed people to eavesdrop on other iPhone and iPad users is finally here.
iOS 12.1.4 was released to the public this morning, bringing a crucial fix for the bug found by a 14-year-old boy who tried to contact Apple for 10 days before the company eventually clued in on the huge flaw.
Facebook CEO Mark Zuckerberg has confirmed plans to merge WhatsApp, Instagram, and Facebook Messenger — but says it probably won’t happen until 2020 at the earliest.
In a fourth-quarter earnings call this week, Zuckerberg also explained the reasons behind the plan, such as increased security with end-to-end encryption. Many questions still remain unanswered, however.
You know the Apple FaceTime bug that everyone’s going crazy about? It’s a huge screwup, for sure, but at least we know it’s just a bug. Being able to call someone and eavesdrop on their conversations without them knowing is clearly a privacy nightmare, which is why Apple disabled Group FaceTime until it can issue a proper fix.
Amazon, on the other hand, offers silent eavesdropping as a feature for its Echo speakers. It’s called Drop In, and if you’ve enabled it, you should probably turn it off.
Apple was made aware of a serious flaw in FaceTime over a week ago and ignored it, one user claims.
The bug, which allows callers to see and hear you before you’ve answered a Group FaceTime call, has forced Apple to disable the feature this week. But why wasn’t it recognized earlier?
Whenever you click a link in a Google search, it replaces the URL of the site with a tracking URL. If you hover over a link with your mouse before you click it, Safari will show you the full URL of that link. It’s a great way to check where you’re about to get sent. Google plays along with this, showing you the proper URL for the link in question.
Only when you actually click on it, it swaps out that link, replacing it with its own tracking link.
Fortunately, there’s a way to block this sneaky, underhanded and totally unsurprising behavior.
You know how iOS’ accessibility features often prove handy for all users? Like Live Listen, which lets you turn your AirPods into remote listening devices? Or a combo of settings that resurrects an iPhone with a broken screen?
The same is true for Screen Time. This feature tracks how long you spend using apps every day, and can help you limit that time. But you can also use Screen Time to password-protect any app on your iPhone or iPad.
This post is presented by Dashlane.
Christmas season used to mean spending days dashing between stores to rack up presents for loved ones. Now it means buying online from people and companies all over the country, maybe even the planet.
Online shopping is the norm now, so protecting your credit card information involves more than covering the keypad as you enter your PIN at the cashier’s stand. To avoid losing your payment information this shopping season, the best line of defense is a good password manager.
The iPad’s main trick is that it disappears when you launch an app. Fire up a piano app, and your iPad becomes a piano. Launch YouTube and it turns into a TV for pacifying children. This is part of the magic of the iPad, but it’s not quite perfect. Kids can easily leave YouTube and start reading your sexts instead. And a musician might accidentally trigger a gesture while playing on those virtual piano keys, finding themselves back at the home screen in the middle of a performance.
What you need is kiosk mode, aka Guided Access. This locks the iPad into a single app, and disables the hardware buttons. And it’s equally good for keeping you in one app, or keeping people out of all the others.
If you’ve upgraded to iOS 12.1 already, you might want to be careful about where you leave your iPhone. It turns out that a new lock screen flaw lets anyone access your contacts without your passcode. The video below shows you how it’s exploited.
Tapping into a Mac’s microphone is about to get a lot harder for hackers thanks to Apple’s new T2 chip.
Apple didn’t dedicate much time to its new T2 chip during today’s ‘More in the Making’ keynote, but the company’s newest security guide gives an in-depth look at the chip. Not only is it designed to prevent MacBook Air users from getting malware but it also makes it physically impossible for hackers to access your microphone when you’re most vulnerable.
Apple’s refreshed Privacy website is live, giving U.S. users the ability to download all of their data from Apple. The website explains how and why Apple products are “designed to protect your privacy.”
Apple stresses that “your data belongs to you” and insists that it never sells users’ info to advertisers or other organizations.
The website even gives users the ability to delete an Apple account — and all associated data — if desired.
Instagram has finally added proper secure authentication to its iPhone app. Previously, you could have Instagram send you a one-time login code via SMS every time you signed in. But SMS isn’t secure, making it relatively easy for people to hijack.
Now, you can use your favorite authenticator app — Google Authenticator, for instance — to generate a one-time code any time you need to sign in to Instagram.
One of the sources named in Bloomberg‘s recent report on alleged Chinese spy chips in motherboards used by Apple and other companies has cast doubts on the story.
Speaking on a podcast published this week, security researcher Joe Fitzpatrick said that the hardware implant approach described “doesn’t make sense.”
Instagram is starting to integrate more closely with Facebook when it comes to your personal location data.
The app is reportedly testing a new feature that would allow Instagram to share all of your GPS coordinates with Facebook without ever opening up the Facebook app. This would allow Facebook to gather more information on you so it can serve up more targeted ads and content, but that might piss off some Instagram fans.
Many businesses choose to spend more on Apple smartphones and computers because they’re supposed to be safer than more affordable alternatives running Android or Windows. But they’re not completely bulletproof.
Researchers have discovered a worrying flaw in one Apple service that allows hackers to steal business passwords from macOS and iOS devices.
Apple’s foolproof Face ID system looks like it has met its match.
Even though Face ID is supposed to faster on the iPhone XS and XS Max, it appears that the security system can be completely fooled by identical twins. If you’ve got a sibling doppelganger, you might want to just use a passcode.
Watch how ineffective Face ID is at distinguishing between these two:
One fantastic new feature of iOS 12 is that password manager apps can integrate into the built-in password autofill. You know how when you tap a password field in Safari, and it offers to fill the password in from your iCloud Keychain? It’s pretty handy right?
Now it can also serve up passwords form third-party apps like Dashlane and 1Password. And that’s not all.
iOS 12 adds the ability to share passwords via AirDrop, which is super-duper useful. Maybe you want to send your Netflix password to your spouse so you can watch a movie on his iPad, or maybe you need to share the password you just created for the local grocery delivery service.
In short, any situation in which you previously used a service like 1Password or Dashlane to show your password in large type so somebody else could copy it, you can now use AirDrop instead. Here’s how.
A top paid app in the Mac App Store has been revealed as stealing the browser histories of anyone who downloads and uses it.
Adware Doctor is among the top grossing paid apps in the App Store’s utilities category. According to a report by TechCrunch, Apple was warned about the data pilfering several weeks ago, although it has still not pulled the app.