A massive data breach dubbed db8151dd has exposed the records of 22M people – including addresses, phone numbers, and social media links. But the source of the data is a mystery …
Exploit acquisition platform Zerodium has shared that it has an oversupply of a few types of iOS and Safari flaws, to the point that it has stopped taking submissions from researchers for the “next 2 to 3 months.”
Update: Intel comment added at end.
No fewer than seven serious Thunderbolt security flaws have been discovered, affecting machines with both standalone Thunderbolt ports and the Thunderbolt-compatible USB-C ports used on modern Macs.
The flaws allow an attacker to access data even when the machine is locked, and even when the drive is encrypted …
Free Zoom accounts will get three more security features on May 9 as the company continues its efforts to boost privacy protections and fight abuse like Zoom-bombing …
Apple has made great progress over the years in protecting its customers against two big risks: theft of their Apple devices, and exposure of their personal data.
Activation Lock was introduced in 2013 and made it impossible for a thief to restore an iPhone or iPad to factory settings without the Apple ID credentials of its owner, or proof of purchase. Apple’s T2 chip did the same job for Macs as of 2018.
But while that’s great for protecting data, and making Apple devices far less appealing targets to thieves, there is a big downside …
Apple’s lawsuit against virtualization company Corellium has taken a surprising turn, as the Department of Justice claims that photos Apple wants to introduce into evidence may have ‘national security concerns.’
The DOJ wants Apple to hand over the photos before introducing them into evidence so that it can examine them before deciding whether the government has an interest in the case …
Update: Zoom 5.0.0 is finally landing today, after initially being promised for April 22. It hasn’t yet shown up in all app stores, but should do so shortly.
Zoom security and privacy has been boosted with the addition of no fewer than nine new features in the latest update, Zoom 5.0 …
Last week saw contradictory claims about iPhone Mail vulnerabilities, with a security company claiming that they had been exploited in real-world attacks, and Apple stating that it can find no evidence of this.
Two leading security researchers have now weighed in on this, agreeing with Apple on one point, while stating it remains possible that the bugs have been exploited …
A security company which discovered iPhone Mail vulnerabilities claimed that they have been ‘widely exploited’ in real-world attacks. Apple has now denied this claim, stating that it could find ‘no evidence’ that the exploits have been used.
Additionally, it says that the vulnerabilities in question cannot bypass iPhone and iPad security safeguards …
A new potentially serious software vulnerability has been discovered in iOS 13 that works via the default Mail app on iPhone and iPad. The security group ZecOps (via Motherboard) says that one of the two vulnerabilities is a zero-click exploit (no user interaction needed) that can be performed remotely.
An iOS 12 exploit has reportedly reemerged, being used by a group of hackers in China known as the “Evil Eye.” The latest Insomnia exploit gives attackers root access to iPhones running iOS 12.3 to 12.3.2.
Police, consumer organizations and Internet security companies are warning about an increasing number of coronavirus scams, as the FBI says cybercrime reports are up 400% …
Given the demographic of Apple customers, it’s no surprise to learn that they are the most common phishing target.
A new security report found that a full 10% of all phishing attempts were trying to get hold of Apple ID credentials, ahead of Netflix at 9% and a surprising third choice …
Popular videoconferencing service Zoom will shortly allow paying subscribers to opt out of Chinese servers when routing calls …
Zoom has created a security advisory council to help conduct a detailed review of its apps, with Alex Stamos as one of its members. Stamos was Facebook’s chief security officer from 2015 to 2018, and now researches and teaches on ‘the misuse of technology’ at Stanford …
The Taiwanese government has made the decision to ban the use of Zoom over security concerns. The German government hasn’t gone quite that far, but the country’s foreign ministry has barred it from government computers and heavily restricted any use of the service …
Over the last few years, Facebook has had a slew of privacy and security blunders and more details about one of them have come to light through a new court filing as the social media company is suing the spyware company NSO Group. It turns out Facebook tried to buy controversial government spyware to monitor iPhone and iPad users.
It seems hardly a day can go by without more Zoom vulnerabilities being discovered – with not just one but two more being revealed today …
A white-hat hacker was able to hijack iPhone cameras using a chain of three vulnerabilities he discovered. The same approach would also work with the cameras on Macs.
Ryan Pickren disclosed the vulnerabilities to Apple in December of last year. The company fixed the most serious of them in January, and the rest last month.
The approach relied on an exception to the normal privacy requirement for apps to seek permission for camera or microphone access…
Recent Apple MacBooks have included an aggressive security feature that disconnects hardware microphones when the lid is physically closed. The feature is designed to prevent eavesdropping on compromised hardware.
Starting with the recently introduced 2020 iPad Pro, Apple is bringing the same privacy feature to iPads.
After writing an apology note earlier today, fixing two serious Mac flaws, and detailing a plan to improve its security, privacy, and transparency moving forward, Zoom has also fixed its “malware-like” installer with the latest macOS update.
Zoom penetration tests have been commissioned by the popular videoconferencing service after a series of security and privacy issues were found in the company’s mobile and desktop apps.
Zoom’s problems have been a messy mixture of poor communication, sketchy marketing, rule-breaking, and actual security holes …
Zoom, the popular video call service has had a number of privacy and security issues over the years and we’ve seen several very recently as Zoom has seen usage skyrocket during the coronavirus pandemic. Now two new bugs have been discovered that allow hackers to take control of Macs including the webcam, microphone, and even full root access.
As reported by The Intercept, the Zoom video conferencing app offers options for end to end encryption in its UI (and in its marketing materials) but the calls are not actually end-to-end encrypted at all.
The Zoom video app is bursting into the public consciousness this year as the coronavirus causes most people to work from home. However, the security of the app has come under fire in many ways. In this instance, it turns out Zoom calls are only encrypted in transmission. This means the central Zoom servers could decrypt the incoming calls and see all participants if the company wanted to.