Author

Avatar for Arin Waichulis

Arin Waichulis

arinwaichulis

Arin Waichulis is a security writer for 9to5Mac and the Director of Social Media for the 9to5 family of sites (9to5Mac, Electrek, 9to5Google, DroneDJ, Space Explored, 9to5Toys).

Follow Arin below.

Connect with Arin Waichulis

Security Bite: X quietly adds option to keep its third-rate AI product Grok from scraping your posts and interactions

X now scrapping posts to train Grok AI

Heads up! Elon Musk’s social platform X (formerly Twitter) has quietly added an opt-out toggle to keep its AI chatbot Grok from data scraping your posts, as well as any interactions you have with it. The setting to allow data for training is enabled by default and buried only within the web version of X. Here’s how to find it…


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Security Bite: North Korean hackers impersonate job recruiters to target Mac users with updated BeaverTail malware

apple security release page

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Security researchers have identified an attempt by state-sponsored hackers from North Korea (DPRK) to target Mac users with infostealer malware through a trojanized meeting app.

Once infected, the malware would establish a connection between the Mac and the attacker’s command and control (C2) server to exfiltrate sensitive data like iCloud Keychain credentials. It was also found to quietly install the remote desktop application AnyDesk and keylogging software in the background to take over machines and collect keystrokes.

Expand Expanding Close

Security Bite: Mac Malware wreaking the most havoc in 2024

apple security release page

It is a long-standing misconception that Macs are impervious to malware. This has never been the case. And while Apple might secretly hope people continue the preconceived notion, Mac users continue to be caught off guard by cybercriminals whose attack methods are becoming increasingly sophisticated. Below, you’ll find the most common macOS malware strains in 2024…


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Security Bite: Meta will start using your data to train its AI next week, but you may be able to opt out

Meta AI data

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

As Meta ramps up its efforts to stay competitive in an industry dominated by artificial intelligence, users are becoming increasingly concerned after a significant update to its privacy policy. Beginning June 26, if you post or interact with chatbots on Facebook, Instagram, Threads, or WhatsApp, Meta may use your data to train its generative AI models–but you may be able to opt out depending on where you live.

Expand Expanding Close

iOS 18 includes these new privacy features: Lock and hide apps, improved contact permissions, more

iOS 18 Private Cloud Compute

Today at WWDC 2024, Apple introduced a slew of new iPhone features that will be available on all compatible devices later this Fall. While Apple Intelligence and enhanced customization were among the most heavily showcased, iOS 18 will also introduce some nice new privacy features, including improved Contacts permissions, the ability to lock and hide apps, Private Cloud Compute, a standalone Passwords app, and more.

Expand Expanding Close

Security Bite: Apple refused to pay bounty to Kaspersky for uncovering vulnerability part of ‘Operation Triangulation’

Apple breached PERM rules | Drone shot of Apple Park campus

Kaspersky, the renowned Russian cybersecurity firm, made headlines at this time last year after uncovering an attack chain using four iOS zero-day vulnerabilities to create a zero-click exploit. Kaspersky was able to identify and report one of the vulnerabilities to Apple. However, in an unfortunate update, Apple reportedly refuses to pay the security bounty for the firm’s contribution.


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Security Bite: Here’s the iOS 17.5 bug that resurfaced deleted photos

apple security release page

After reports of deleted photos resurfacing years later following the installation of iOS 17.5, Apple released iOS 17.5.1 last week to address the issue. But what caused it in the first place? Thanks to some clever reverse engineering by researchers, we have a glimpse at the rare bug responsible.


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Security Bite: Apple updates Platform Security guide with first-ever details on App Store security, BlastDoor, more

apple platform security

Apple this week updated its Platform Security guide, which contains in-depth technical information on security features implemented in its products. First released in 2015, the latest update adds six new topics, including first-ever details on BlastDoor 0-click protection and App Store security.


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Security Bite: Here’s what malware your Mac can detect and remove

macos mac malware

Ever wonder what malware macOS can detect and remove without help from third-party software? Apple continuously adds new malware detection rules to Mac’s built-in XProtect suite. While most of the rule names (signatures) are obfuscated, with a bit of reversing engineering, security researchers can map them to their common industry names. See what malware your Mac can remove below!


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Security Bite: Did Apple just declare war on Adload malware?

apple security release page

Following the release of new betas last week, Apple snuck out one of the most significant updates to XProtect I’ve ever seen. The macOS malware detection tool added 74 new Yara detection rules, all aimed at a single threat, Adload. So what is it exactly, and why does Apple see it as such an issue?


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Security Bite: Cybercriminals take advantage of Apple Store Online’s third-party pickup

apple store third party pickup order

At this year’s annual hacking conference, Black Hat Asia, a team of security researchers revealed how cybercriminals are sneakily using stolen credit cards and Apple Store Online’s ‘Someone else will pick it up’ option in a scheme that has stolen over $400,000 in just two years.


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Security Bite: iCloud Mail, Gmail, others shockingly bad at detecting malware, study finds

email service providers security malware attachments

Email security today has many shortcomings. It is widely known that email service providers cannot prevent every suspicious email from being received. However, a new study by web browser security startup SquareX reveals how little companies are doing to block malicious attachments and protect users.


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Security Bite: This GTA 6-disguised macOS malware performs heist on Keychain passwords

macos malware gta6 security

During an analysis of various splinter samples of a noteworthy macOS stealer, security researchers at Moonlock discovered one with an alarming level of sophistication. Under the disguise of the unreleased video game GTA 6, once installed, the malware executes rather clever techniques to extract sensitive information, such as passwords from a user’s local Keychain.

In typical Security Bite fashion, here’s the breakdown: how it works and how to stay safe.


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Security Bite: Here’s why Apple is being vague with iOS 17.4.1 details

Apple iOS 17.4.1 security fixes

Update: Apple released details on the security patches for iOS 17.4.1, iPadOS 17.4.1, visionOS 1.1.1, as well as macOS 14.4.1. They all patch an integer overflow vulnerability in two separate frameworks. Apple didn’t say whether it was being actively exploited. More details can be found here.

Last week, Apple released iOS 17.4.1 with rather vague release notes claiming to include important bug fixes and security patches. Two days later, the company has yet to add any specifics. This is unusual for Apple, which typically lists critical security patches hours after a release and suggests that the ones in iOS 17.4.1 could be significant or something else entirely…

Expand Expanding Close

Security Bite: Hackers breach CISA, forcing the agency to take some systems offline

CISA - US Cybersecurity Agency

CISA says two systems were hacked in February through vulnerabilities in Ivanti products. In response, the agency had to shut down both systems, which reportedly had critical ties to U.S. infrastructure.


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

LastPass suffers worldwide outage causing site 404 error

LastPass system outage - down for users

Update: LastPass told 9to5Mac that a product release caused the outage. Details below.

It’s not just you. LastPass, the popular password manager used by over 33 million people, suffered from widespread downtime this morning. It only appeared to affect users visiting the service’s main website, who were quickly presented with “404 Not Found” error messages.

Expand Expanding Close

Security Bite: Self-destructing macOS malware strain disguised as legitimate Mac app

mac security malware apple

Security researchers at Moonlock, the relatively new cybersecurity wing of MacPaw, have detected a new strain of macOS malware disguised as a legitimate Mac app that can destroy itself in certain conditions. At its worst, it can unknowingly extract cookies from Safari and Chrome, contacts from Address Book, and passwords from installed password managers. Meet Empire Transfer…


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Security Bite: Jamf warns cyber hygiene among many Apple-using businesses is ‘abysmal’

Hey, Arin here. Last week was the busiest for security so far this year. We saw an unprecedented offensive on the LockBit ransomware gang; Apple moved to make iMessage future-proof with quantum computer protection, and the topic of this week, Jamf’s new report highlighting some alarming statistics around Apple-using businesses. So, grab your drink of choice. Let’s get into it…


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Security Bite: What exactly does Vision Pro share about your surroundings?

apple security release page

Last week, Apple finally released an in-depth Vision Pro and visionOS data privacy overview. While it was arguably something that the company could’ve been available at launch, it helps explain what precisely the spatial computer collects from our surroundings and sends to third-party applications, and more…


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Security Bite: Ransomware payments hit record $1.1 billion in 2023 despite previous year’s decline

Vulnerability in iTunes and iCloud allowed ransomware on Windows PCs

It was a landmark year for ransomware in 2023 and a well-publicized one following the MOVEit and MGM Resorts beaches that shook the security industry. Not only did threat actors collectively pocket a record-breaking $1.1 billion from victims, but a new report highlights how the scope and complexity of these attacks are becoming increasingly concerning.


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Security Bite: Use these iPhone privacy and security features in iOS 17.3, more

iOS 17 iPhone security and privacy features

Last week on Security Bite, I discussed a vulnerability in Stolen Device Protection, a newly added security feature in iOS 17.3. Vision Pro has since hit the market and has been dominating the headlines. This Sunday, I wanted to give your feed fresh air and discuss some of my favorite security and privacy features as of iOS 17.3. Admittedly, this will also give me more time to poke around at Vision Pro’s privacy and security protections in the real world.


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Security Bite: iPhone’s Stolen Device Protection has a fatal flaw, but you can fix it

Stolen Device Protection for iPhone

Last week, Apple released iOS 17.3 with a new security feature called Stolen Device Protection, which aims to help protect your data in case a thief has stolen your iPhone and obtained the password. However, there’s one flaw that you should be aware of…


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close