Security

Today at WWDC 2024, Apple introduced a slew of new iPhone features that will be available on all compatible devices later this Fall. While Apple Intelligence and enhanced customization were among the most heavily showcased, iOS 18 will also introduce some nice new privacy features, including improved Contacts permissions, the ability to lock and hide apps, Private Cloud Compute, a standalone Passwords app, and more.

Microsoft Recall sounded like a very cool idea, but was very quickly revealed to be a security disaster. Instead of helping you recall everything you’ve done on your Windows PC, it was found that it could easily help a hacker do the same.

However, as much as the company messed-up the implementation, I do think there’s mileage in the concept, and if there’s one company I’d trust to do it with proper privacy protections, it’s Apple …

A Frontier hack exposed the personal data of at least 750,000 customers, including full names and social security numbers, which places them at significant risk of identity theft. The ransomware group said to be behind the attack claims that the actual number is two million.

The company has now notified the customers it believes to have been impacted by the security breach, but waited almost two months to do so …

Kaspersky, the renowned Russian cybersecurity firm, made headlines at this time last year after uncovering an attack chain using four iOS zero-day vulnerabilities to create a zero-click exploit. Kaspersky was able to identify and report one of the vulnerabilities to Apple. However, in an unfortunate update, Apple reportedly refuses to pay the security bounty for the firm’s contribution.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

One of the things we’re expecting to be announced next week is a ‘new’ Apple Passwords app on iPhone, iPad, and Mac – a move we’ve suggested on more than one occasion.

For 9to5Mac readers, this will bring one small but worthwhile benefit. The really big impact, though, will be with non-techies …

Historically, Apple has been hesitant to commit to solid timelines of how long it will support its devices with security and software updates. Now, thanks to a particular UK legal requirement, that has changed. And what the company is promising on paper is surprisingly less than what Samsung and Google commit to—but that’s not the full story.

Over the last few years, Apple has built a reputation for being strong on user privacy. Its marketing likes to emphasize this point often as a way of distinguishing the company from its competitors.

Interestingly though, a new discovery reveals that the just-released M4 iPad Pro includes a new security feature that Apple hasn’t told anyone about.

After reports of deleted photos resurfacing years later following the installation of iOS 17.5, Apple released iOS 17.5.1 last week to address the issue. But what caused it in the first place? Thanks to some clever reverse engineering by researchers, we have a glimpse at the rare bug responsible.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Security researchers report that a key element of Apple Location Services contains what they call “a really serious privacy vulnerability” that allowed troop movements to be tracked.

The issue could also allow an attacker to work out the location of anyone using a mobile wifi router, such as those in RVs, and travel routers sometimes used by business travellers …

The popular security utility Little Snitch, which monitors Mac network traffic for suspicious activity, has been updated to a much more modern interface, with a whole range of new features.

Key among these is DNS encryption, which shields server name queries, and a curated list of blocklists which can be installed with a single click …

Some of us are old enough to remember the days when malware was strictly a Windows problem. Macs were more secure by design, but another key factor was that there weren’t enough of them in use to make Mac malware a sensible use of time for attackers.

With Macs now very much a mainstream choice for consumers and businesses alike, they’ve also become a far more attractive target for cybercriminals – and Mac malware is a real and growing problem …

iOS includes an iMessage security feature called Contact Key Verification (CKV) that gives users more certainty they’re messaging with the people they think they are. Follow along for what this feature is, how it works, and how to turn on Contact Key Verification on for iMessage.

An Android trojan called GoldDigger surfaced last year that can steal biometric data and more from victims to compromise their bank accounts. Now the threat has evolved into the GoldPickaxe trojan that can infect iOS and Android. Fortunately, there are several simple ways to protect against the first iPhone trojan, here’s what you should know.

iOS 17.5 has landed for everyone with several new user-facing features. And there are also 15 important security fixes that come with the update. Here are the full details on everything that’s been patched.

Apple this week updated its Platform Security guide, which contains in-depth technical information on security features implemented in its products. First released in 2015, the latest update adds six new topics, including first-ever details on BlastDoor 0-click protection and App Store security.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Proton has been building out its suite of software with new services like Proton Pass, an end-to-end encrypted password manager, and more. Now Proton Pass is more powerful than ever with what the company calls “Pass Monitor” which has four layers of identity and credential protection.

Phishing scams are abundant and one of the latest we’ve seen is trying to convince Netflix customers their accounts have “expired” with an option to extend their membership for free for 90 days. Here are the details and tips on how to help friends and family stay safe.

Following the release of new betas last week, Apple snuck out one of the most significant updates to XProtect I’ve ever seen. The macOS malware detection tool added 74 new Yara detection rules, all aimed at a single threat, Adload. So what is it exactly, and why does Apple see it as such an issue?

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.