Security

A statement reveals that the FBI accessed the locked phone of Thomas Matthew Crooks, the shooter at the Trump rally. There were unconfirmed reports that the device was an iPhone, but it was subsequently revealed to be a Samsung device.

The FBI said on Sunday that attempts to access the phone had not been successful, but just one day later stated that it has now succeeded …

More details are coming to light about the AT&T hack, which saw the personal data of around 110M customers compromised – including records of who they called and texted.

It’s reported that the carrier made a Bitcoin ransom payment in return for the hacker deleting the data, and that public disclosure of the security breach was delayed for two months in response to a request from the FBI …

A massive AT&T data breach has seen hackers able to steal the personal data of almost every customer the company has – a total of some 110 million Americans.

In an incredible security fail, the stolen data includes not only customer phone numbers, but also records of who contacted whom – a potential privacy minefield …

Apple has warned a significant number of iPhone users across 98 countries that they appear to have been targeted by “mercenary spyware attacks” which could compromise almost all the personal data on their devices.

The company says it can never be 100% certain in its conclusions, but has a high degree of confidence that it is correct, and urges message recipients to take the security warning seriously …

Scams like phishing and social engineering are continuing to grow with some specifically targeting Apple users. With that in mind, Apple has shared a new support document with official tips on how to protect your Apple ID and other online accounts, how to spot and report scam emails, calls, and more.

Apple users are being warned to be alert to smishing texts – the name given to phishing attacks carried out by sending SMS messages – trying to capture login credentials for Apple IDs.

The links direct to a fake iCloud page, and for 9to5Mac readers this is really one to warn your friends about …

Microsoft staff in China have been told that they must use an iPhone for authentication when logging in to company systems. From September, the use of Android smartphones as multi-factor authentication devices will be banned.

This will create a situation where an Apple device will be required despite the fact that staff are using Windows PCs …

It is a long-standing misconception that Macs are impervious to malware. This has never been the case. And while Apple might secretly hope people continue the preconceived notion, Mac users continue to be caught off guard by cybercriminals whose attack methods are becoming increasingly sophisticated. Below, you’ll find the most common macOS malware strains in 2024…

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Apple Intelligence privacy is stronger than that of any other AI company, but even its security protections aren’t perfect once ChatGPT gets involved.

That’s the argument made by the security chief at Inrupt, the privacy-focused company co-founded by the inventor of the world wide web, Tim Berners-Lee …

An attacker has obtained the phone numbers of 33 million users of the popular 2FA security app Authy, exposing them to an increased risk of phishing attacks.

Developer Twilio has confirmed the claim, and asked customers to take two precautions …

Millions of iOS and macOS apps have been exposed to a security breach that could be used for potential supply-chain attacks, says an ArsTechnica report based on research by EVA Information Security. The exploit was found in CocoaPods, an open-source repository used by many popular apps developed for Apple platforms.

Some Wise customer data was likely to have been obtained by the hackers behind the Evolve data breach back in May.

Multiple additional fintech firms may also be affected by the cybersecurity attack, and it’s possible that personal data may be leaked if companies refuse to give in to ransom demands …

If there’s one type of company you definitely don’t want to see left vulnerable to hackers it’s an identity verification service with access to photo ID documents like driver’s licenses – but that’s exactly what appears to have happened with AU10TIX.

The cybersecurity company’s past or present clients include PayPal, Coinbase, X, TikTok, Uber, LinkedIn, Upwork, and Fiverr …

We’ve seen carriers and the FTC work to reduce the problem of robocalls in recent years but imposter calls remain a top scam. Want to protect yourself and your family? Incogni makes removing your personal information from the web and blocking spam calls easy.

Apple has fixed a Vision Pro bug which would have allowed a website to fill your room with an unlimited number of virtual 3D objects. Those objects – flying bats in the proof of concept – would then persist even after you quit Safari.

The bug was discovered by a cybersecurity researcher who says Apple took a lot of care to protect against this type of exploit, but it forgot one thing …

Both the EU and Australia have backed down on separate proposals to force tech companies to carry out CSAM scanning within messaging apps, which would have meant breaking end-to-end encryption.

It’s the latest development in the ongoing battle between tech companies and politicians who don’t understand how encryption works …

Following up on advanced sharing options landing for Proton Drive last week, the company is out with its latest update today for iOS users. Its end-to-end encrypted Proton Drive app for iPhone now offers automatic photo and video backup to securely store and protect your most important memories.

Notorious threat actor IntelBroker, who previously claimed responsibility for other high-profile data breaches, including those of U.S. government systems in April, allegedly leaked the source code of several internal tools used at Apple via a post on a dark web forum.

Apple Intelligence privacy is a key differentiator for the company’s own AI initiative, with the company taking a three-step approach to safeguard personal data.

But Apple says we won’t have to take the company’s word for it: It is taking an “extraordinary step” to enable third-party security researchers to fully and independently verify the privacy protections in place …

Today at WWDC 2024, Apple introduced a slew of new iPhone features that will be available on all compatible devices later this Fall. While Apple Intelligence and enhanced customization were among the most heavily showcased, iOS 18 will also introduce some nice new privacy features, including improved Contacts permissions, the ability to lock and hide apps, Private Cloud Compute, a standalone Passwords app, and more.