Security

iOS includes an iMessage security feature called Contact Key Verification (CKV) that gives users more certainty they’re messaging with the people they think they are. Follow along for what this feature is, how it works, and how to turn on Contact Key Verification on for iMessage.

An Android trojan called GoldDigger surfaced last year that can steal biometric data and more from victims to compromise their bank accounts. Now the threat has evolved into the GoldPickaxe trojan that can infect iOS and Android. Fortunately, there are several simple ways to protect against the first iPhone trojan, here’s what you should know.

iOS 17.5 has landed for everyone with several new user-facing features. And there are also 15 important security fixes that come with the update. Here are the full details on everything that’s been patched.

Apple this week updated its Platform Security guide, which contains in-depth technical information on security features implemented in its products. First released in 2015, the latest update adds six new topics, including first-ever details on BlastDoor 0-click protection and App Store security.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Proton has been building out its suite of software with new services like Proton Pass, an end-to-end encrypted password manager, and more. Now Proton Pass is more powerful than ever with what the company calls “Pass Monitor” which has four layers of identity and credential protection.

Ever wonder what malware macOS can detect and remove without help from third-party software? Apple continuously adds new malware detection rules to Mac’s built-in XProtect suite. While most of the rule names (signatures) are obfuscated, with a bit of reversing engineering, security researchers can map them to their common industry names. See what malware your Mac can remove below!

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Phishing scams are abundant and one of the latest we’ve seen is trying to convince Netflix customers their accounts have “expired” with an option to extend their membership for free for 90 days. Here are the details and tips on how to help friends and family stay safe.

Following the release of new betas last week, Apple snuck out one of the most significant updates to XProtect I’ve ever seen. The macOS malware detection tool added 74 new Yara detection rules, all aimed at a single threat, Adload. So what is it exactly, and why does Apple see it as such an issue?

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Two former Apple employees who worked for the company as cybersecurity researchers are now launching their own startup. Called DoubleYou, the startup is focused on helping creators of cybersecurity products protect iOS devices and Macs.

Proton is out with the latest upgrade for its users on a paid tier. Dark web monitoring is here to help you keep your online credentials as safe as possible with alerts when you need to update passwords due to data breaches and more. Here’s how it works.

At this year’s annual hacking conference, Black Hat Asia, a team of security researchers revealed how cybercriminals are sneakily using stolen credit cards and Apple Store Online’s ‘Someone else will pick it up’ option in a scheme that has stolen over $400,000 in just two years.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

One of the latest attacks on iPhone sees malicious parties abuse the Apple ID password reset system to inundate users with iOS prompts to take over their accounts. Here’s how you can protect against iPhone password reset attacks (often called “MFA bombing”).

Have you noticed your iPhone jump onto a WiFi network when you’re away from home without asking first? Or maybe you want to check what networks your iPhone is auto-joining? Follow along for how to turn off iPhone WiFi auto-join for public and carrier networks.

SIM swaps are one of the biggest security threats we face, allowing criminals to access most services protected by two-factor authentication. The situation could be about to get even worse, as we learn of an apparent large-scale attempt to bribe T-Mobile and Verizon workers to facilitate the swaps.

While new rules and security features are supposed to make these attacks harder to pull off, now would be an excellent time to ensure your accounts are protected by authenticator apps rather than text messages …

Considering a career change? The prices of zero-day hacking tools continue to rise. In a new pricing list published this week, spotted by TechCrunch, startup Crowdfense said that it will pay between $5 and $7 million for zero-days to break into iPhones.

Email security today has many shortcomings. It is widely known that email service providers cannot prevent every suspicious email from being received. However, a new study by web browser security startup SquareX reveals how little companies are doing to block malicious attachments and protect users.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

During an analysis of various splinter samples of a noteworthy macOS stealer, security researchers at Moonlock discovered one with an alarming level of sophistication. Under the disguise of the unreleased video game GTA 6, once installed, the malware executes rather clever techniques to extract sensitive information, such as passwords from a user’s local Keychain.

In typical Security Bite fashion, here’s the breakdown: how it works and how to stay safe.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

There are many known phishing attacks that target users of Apple devices to gain access to their Apple ID. However, a new “elaborate” attack uses a bug in the Apple ID password reset feature with “push bombing” or “MFA fatigue” techniques to flood Apple devices with password reset requests.

iOS 17.4.1 and macOS 14.4.1 have arrived for all users after the major iOS 17.4/macOS 14.4 updates. Now Apple has revealed what important security patches come with the latest updates for iPhone, Mac, and more.