| Cult of Mac

Apple offers up to $1.5 million to anyone who spots a software flaw


Apple offers up to $1.5 million to anyone who spots a software flaw
White hat hackers assemble!
Photo: United Artists

Spotted a vulnerability in Apple software, but not among Cupertino’s chosen developers tasked with seeking out bugs? No problem. As of today, Apple’s $1.5 million bug bounty program is available everyone who wants to participate. Previously, it was only open to a select few.

The bug bounty means people can earn up to 7-figures for finding weaknesses in Apple software. These could otherwise be exploited by nefarious hackers.

Apple: We’ve patched ‘many’ iOS vulnerabilities exposed by WikiLeaks


These apps' iOS widgets will give your iPhone superpowers.
Keep your iPhone up to date to ensure it's as safe as can be.
Photo: Gilles Lambert/Unsplash CC

Apple insists it has already patched “many” of the iOS vulnerabilities that were exposed in WikiLeaks’ CIA document dump Tuesday.

Cupertino says it is working to address any identified holes that weren’t already patched, and the company reminds fans that the software built for iPhone boasts the best data security available to consumers.

iOS and OS X bug lets attackers steal passwords from iCloud Keychain


Researchers cracked iCloud Keychain and bypassed App Store approval processes.
Photo: Faris Algosaibi/Flickr CC

A group of six university researchers claim to have successfully bypassed Apple’s tight App Store approval processes to publish Mac and iOS malware apps. According to the report, the team presented the zero-day vulnerability to Apple back in October 2014 and were told to keep quiet about it for at least six months.

Luyi Xing, a security researcher who helped expose the zero day vulnerability, still has yet to hear back from Apple on a possible fix.

Adobe Got Burned For Ending Legacy Support – Will The Same Thing Happen To Apple?


Adobe backpedals after demanding users upgrade to receive security patches
Adobe backpedals after demanding users upgrade to receive security patches

Last week, Adobe created a firestorm of user unrest when it issued a series of security bulletins impacting three applications of its Creative Suite and said that users must pay to upgrade to the latest versions of the apps if they wanted patches that would close the vulnerabilities.

The company was quickly besieged by users, technology professionals, and security experts demanding that it reverse course and offer security patches to users who couldn’t afford the upgrades (or didn’t want to spend the money). Even though company quietly backpedaled and announced it would offer security updates without acknowledging the reason for its about face or offering an apology, the gaffe raises concerns that Apple’s yearly OS X release cycle might lead it down a similar path.

Any Mac With A Firewire Port Running OS X Lion Can Be Hacked Within Minutes [Report]



OS X Lion is being hailed by many as the most secure operating system yet, not just from Apple, but in total. In particular, its FileVault encryption rewrite is being widely hailed as one of the most secure, low-overhead ways yet to keep your data safe.

But behind all the talk, there’s a huge security hole in OS X Lion that has been present at least since Snow Leopard. Any Mac with a Firewire port is vulnerable to it, and it’s so easy to exploit that any hacker with physical access to your computer can get your password within minutes.