Google’s Project Zero discovers ‘high severity’ flaw in macOS kernel

By

macOS High Sierra
Apple is said to be working on a fix.
Photo: Apple

Google’s Project Zero team has discovered a “high severity” flaw in the macOS kernel.

The issue, which potentially allows attackers to perform malicious actions on a mounted filesystem, was reported to Apple more than 90 days ago. No fix has been made available yet, but Apple has acknowledged the issue and is working with Project Zero on a patch.

Researcher provides Apple with details (and fix) for Keychain flaw

By

macOS Keychain
Apple still won't cough up a reward.
Photo: Killian Bell/Cult of Mac

A security researcher has decided to provide Apple with details — and a patch — for a serious Keychain flaw in macOS Mojave that allows anyone to access your saved usernames and passwords.

Linus Henze previously withheld the information in protest of Apple’s decision not to offer a macOS bug bounty program. He now believes the problem is too serious for the company to ignore.

Apple flaw lets hackers steal business passwords

By

The CIA has a team of more than 5,000 hackers.
Businesses beware.
Photo: Brian Klug/Flickr CC

Many businesses choose to spend more on Apple smartphones and computers because they’re supposed to be safer than more affordable alternatives running Android or Windows. But they’re not completely bulletproof.

Researchers have discovered a worrying flaw in one Apple service that allows hackers to steal business passwords from macOS and iOS devices.

Brand new Macs at risk of hacking during setup process

By

macOs Mojave
Your brand new Mac can be hacked really easily.
Photo: Apple

Apple’s rock-solid supply chain might be churning out new Macs that are already hacked.

Getting a brand new Mac usually means you’re getting the freshest, most bug-free system possible, but security researchers have discovered that there’s a way to hack brand new Macs before they’ve even been turned on.

WikiLeaks vows to share CIA ‘cyberweapons’ so tech firms can fix holes

By

Wikileaks'
Wikileaks' "Vault 7" data dump allegedly reveals CIA hacking tools used to compromise iPhones, Android phones and other devices.
Image: Gordon Johnson/Pixabay

WikiLeaks founder Julian Assange has vowed to give technology firms like Apple access to the CIA’s “cyberweapons” arsenal so they can develop fixes that make our devices more secure.

Earlier this week, thousands of leaked documents and files revealed the full extent of the CIA’s cyber attacks on smartphones, computers and even smart TVs. WikiLeaks says the spy agency has lost control of it all in a “historic act of devastating incompetence.”

By

iPhone 7 front
Be wary when using Wi-Fi.
Photo: Ste Smith/Cult of Mac