Security

Apple Intelligence privacy is stronger than that of any other AI company, but even its security protections aren’t perfect once ChatGPT gets involved.

That’s the argument made by the security chief at Inrupt, the privacy-focused company co-founded by the inventor of the world wide web, Tim Berners-Lee …

An attacker has obtained the phone numbers of 33 million users of the popular 2FA security app Authy, exposing them to an increased risk of phishing attacks.

Developer Twilio has confirmed the claim, and asked customers to take two precautions …

Millions of iOS and macOS apps have been exposed to a security breach that could be used for potential supply-chain attacks, says an ArsTechnica report based on research by EVA Information Security. The exploit was found in CocoaPods, an open-source repository used by many popular apps developed for Apple platforms.

Some Wise customer data was likely to have been obtained by the hackers behind the Evolve data breach back in May.

Multiple additional fintech firms may also be affected by the cybersecurity attack, and it’s possible that personal data may be leaked if companies refuse to give in to ransom demands …

If there’s one type of company you definitely don’t want to see left vulnerable to hackers it’s an identity verification service with access to photo ID documents like driver’s licenses – but that’s exactly what appears to have happened with AU10TIX.

The cybersecurity company’s past or present clients include PayPal, Coinbase, X, TikTok, Uber, LinkedIn, Upwork, and Fiverr …

We’ve seen carriers and the FTC work to reduce the problem of robocalls in recent years but imposter calls remain a top scam. Want to protect yourself and your family? Incogni makes removing your personal information from the web and blocking spam calls easy.

Apple has fixed a Vision Pro bug which would have allowed a website to fill your room with an unlimited number of virtual 3D objects. Those objects – flying bats in the proof of concept – would then persist even after you quit Safari.

The bug was discovered by a cybersecurity researcher who says Apple took a lot of care to protect against this type of exploit, but it forgot one thing …

Both the EU and Australia have backed down on separate proposals to force tech companies to carry out CSAM scanning within messaging apps, which would have meant breaking end-to-end encryption.

It’s the latest development in the ongoing battle between tech companies and politicians who don’t understand how encryption works …

Following up on advanced sharing options landing for Proton Drive last week, the company is out with its latest update today for iOS users. Its end-to-end encrypted Proton Drive app for iPhone now offers automatic photo and video backup to securely store and protect your most important memories.

Notorious threat actor IntelBroker, who previously claimed responsibility for other high-profile data breaches, including those of U.S. government systems in April, allegedly leaked the source code of several internal tools used at Apple via a post on a dark web forum.

Apple Intelligence privacy is a key differentiator for the company’s own AI initiative, with the company taking a three-step approach to safeguard personal data.

But Apple says we won’t have to take the company’s word for it: It is taking an “extraordinary step” to enable third-party security researchers to fully and independently verify the privacy protections in place …

Today at WWDC 2024, Apple introduced a slew of new iPhone features that will be available on all compatible devices later this Fall. While Apple Intelligence and enhanced customization were among the most heavily showcased, iOS 18 will also introduce some nice new privacy features, including improved Contacts permissions, the ability to lock and hide apps, Private Cloud Compute, a standalone Passwords app, and more.

Microsoft Recall sounded like a very cool idea, but was very quickly revealed to be a security disaster. Instead of helping you recall everything you’ve done on your Windows PC, it was found that it could easily help a hacker do the same.

However, as much as the company messed-up the implementation, I do think there’s mileage in the concept, and if there’s one company I’d trust to do it with proper privacy protections, it’s Apple …

A Frontier hack exposed the personal data of at least 750,000 customers, including full names and social security numbers, which places them at significant risk of identity theft. The ransomware group said to be behind the attack claims that the actual number is two million.

The company has now notified the customers it believes to have been impacted by the security breach, but waited almost two months to do so …

Kaspersky, the renowned Russian cybersecurity firm, made headlines at this time last year after uncovering an attack chain using four iOS zero-day vulnerabilities to create a zero-click exploit. Kaspersky was able to identify and report one of the vulnerabilities to Apple. However, in an unfortunate update, Apple reportedly refuses to pay the security bounty for the firm’s contribution.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

One of the things we’re expecting to be announced next week is a ‘new’ Apple Passwords app on iPhone, iPad, and Mac – a move we’ve suggested on more than one occasion.

For 9to5Mac readers, this will bring one small but worthwhile benefit. The really big impact, though, will be with non-techies …

Historically, Apple has been hesitant to commit to solid timelines of how long it will support its devices with security and software updates. Now, thanks to a particular UK legal requirement, that has changed. And what the company is promising on paper is surprisingly less than what Samsung and Google commit to—but that’s not the full story.

Over the last few years, Apple has built a reputation for being strong on user privacy. Its marketing likes to emphasize this point often as a way of distinguishing the company from its competitors.

Interestingly though, a new discovery reveals that the just-released M4 iPad Pro includes a new security feature that Apple hasn’t told anyone about.

After reports of deleted photos resurfacing years later following the installation of iOS 17.5, Apple released iOS 17.5.1 last week to address the issue. But what caused it in the first place? Thanks to some clever reverse engineering by researchers, we have a glimpse at the rare bug responsible.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.