Privacy

The Federal Trade Commission (FTC) has responded to a series of massive Marriott and Starwood data breaches, ordering the companies to make no fewer than 13 changes to ensure it can’t happen again.

More than 344 million customers were impacted by three separate security breaches, which revealed personal data that included credit card details and passport information …

A report over the weekend suggested an Apple smart home doorbell with support for Face ID is in development. It follows an earlier report of an Apple smart home camera next year.

While it could be argued that both are commodity products, and that Apple’s most important contribution is the HomeKit platform rather than the hardware, there seems little doubt about the opportunity here …

The most popular home internet router brand in the US may be banned from sale in the country over fears that it represents a threat to national security.

Three separate US agencies have opened investigations into TP-Link routers, which account for 65% of the US market, in part because badged versions are supplied to customers by more than 300 ISPs …

Amnesty International says a security vulnerability in HomeKit was used to target iPhones belonging to Serbian journalists and activists.

The civil rights organization conducted an investigation after Apple notified two of the victims that their devices had been compromised by Pegasus spyware …

An official government report has concluded that the Trump-era Department of Justice (DOJ) did not obtain the required authorizations before demanding customer call and message data from Apple and others.

It also failed to obtain authorization from the Attorney General before imposing a gag order on Apple, preventing it from disclosing the fact that it had been forced to hand over the personal data …

Thousands of CSAM victims are suing Apple for dropping plans to scan devices for the presence of child sexual abuse materials.

In addition to facing more than $1.2B in penalties, the company could be forced to reinstate the plans it dropped after many of us pointed to the risk of misuse by repressive regimes …

A newly-released app lets you regularly scan your iPhone for Pegasus spyware – which can access almost all the data on a phone – for a one-off cost of just one dollar.

A mobile security firm created the app, which allows you to scan your iPhone or Android phone and send the results to them for analysis – and they’ve so far detected seven phones infected by the spyware …

Popular video conferencing platform Zoom agreed to pay $85M in compensation back in 2021 after it was revealed that the company lied to users about the type of encryption it offered. It has now offered to pay an $18M fine to the Securities & Exchange Commission (SEC) in order to settle an investigation into the same security and privacy issue.

Zoom disclosed the offer in a regulatory filing …

Some six years after virtual private network company NordVPN started searching data breaches for the most-used passwords, things are every bit as bad as when the company started.

Each year, the company searches the dark web for passwords stolen by malware or exposed in security breaches to determine the most commonly-used passwords, and this year’s crop is as depressing as ever …

Earlier this week Ming-Chi Kuo suggested that we’ll see an Apple smart home camera in 2026, with the company confident it will prove to be a popular accessory, selling in the tens of millions per year.

Given Apple’s habit of minimizing the number of products it makes, if the report is accurate the company must feel there’s good reason to enter a crowded product category, and I think an Apple camera will likely differentiate itself in two ways: privacy, and Apple Intelligence …

A UnitedHealth hack exposed the personal information and health data of more than 100M Americans – the first time the company has put a specific number on the security breach.

A ransomware attack was made on Change Healthcare back in February, but it was only yesterday that the company revealed its “unprecedented magnitude” …

Apple Intelligence is launching later this month, bringing a first wave of AI features to your iPhone, iPad, and Mac. But as with all AI technology, the matter of privacy is a key one to pay attention to. How does Apple Intelligence handle user privacy? Here’s what you should know.

One of the new features of iOS 18 and macOS Sequoia is iPhone Mirroring – but using this with a personal iPhone on a work Mac currently creates a privacy risk for employees, and a legal risk for businesses.

The problem, as cybersecurity company Sevco discovered, is that apps on the iPhone get treated as Mac apps, and that means their presence is included in corporate IT audits …

It was revealed this weekend that Chinese hackers managed to access systems run by three of the largest internet service providers (ISPs) in the US.

What’s notable about the attack is that it compromised security backdoors deliberately created to allow for wiretaps by US law enforcement …

A MoneyGram hack has seen an attacker obtain the personal data of an unknown number of the company’s 50 million money transfer users.

A separate hack of a debt collection company has seen personal data obtained for more than 200,000 Comcast customers, despite previous assurances that this was not the case …

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

I’m in the midst of traveling to Ukraine this week for OFTWv2.0, and I can’t help but think about the comments on last week’s edition of Security Bite defending the VPN apps that still exist on the App Store in Russia. While almost every app from legitimate providers in the country has been removed, Russian users can still find a surplus of VPN options claiming to offer secure encryption and private browsing. The only question being–really?

Some developers yesterday argued that a change to iPhone contact privacy in iOS 18 made it harder for new social media apps to compete.

But I think they’re wrong, and that the more granular privacy control offered in iOS 18 actually makes it more likely that we’ll be willing to grant contacts access to apps …

iOS 18 is full of big, headline changes like new customization tools, upgrades to Photos, Notes, and Messages, and the forthcoming Apple Intelligence features. But one smaller update is causing a lot of concern for social apps, and it’s a change designed to protect user privacy.

A succession of T-Mobile data breaches saw millions of customers have their personal data exposed. The company has now been fined $15.75M, and has agreed to spend the same amount again on upgrading its security.

The Federal Communications Commission (FCC) says that the combination of fine and promised security enhancements represents a model for future handling of such incidents …

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Since Russia’s full-scale assault on Ukraine, Apple has significantly scaled back its operations in the country. It has since suspended all product sales and limited certain services, such as Apple Pay. Despite this, Apple continues to operate a full-fledged App Store in Russia. However, it’s now facing worthy criticism for complying with Russian government requests to remove VPN apps to adhere to local regulations–censorship.

Apple has improved iPhone security and privacy with iOS 18. One of the valuable new features is the ability to require Face ID for individual apps as well as putting them in a hidden folder. Read along for how to lock and hide apps on iPhone in iOS 18.