Apple News, Articles and Updates

Researchers create mask that defeats iPhone Face ID feature

Barely one week after the highly anticipated launch of Apple's new iPhone X, security researchers are claiming they were able to defeat its Face ID facial recognition security feature using a carefully crafted mask worth approximately $150.

Apple issues new security update for macOS High Sierra

Apple issued a supplemental security update for macOS High Sierra 10.13 to patch two issues one of which fixes a keychain

Apple's iOS 11 release prevents backdoor exploit on Wi-Fi chips

Apple's release of iOS 11 patched an out-of-bounds write vulnerability in Wi-Fi chips that, if exploited, could have allowed attackers within range to execute arbitrary code on the firmware.

Apple exterminates bugs in iCloud for Windows, macOS High Sierra, macOS Server

Apple on Monday issued security updates for its iCloud for Windows, macOS High Sierra operating system, and macOS Server products, fixing 67 vulnerabilities.

Remotely locked Apple devices being held for ransom

Some Apple product owners have found themselves on the receiving end of a new ransom attack that has someone locking their device most likely using stolen iCloud credentials and the initiating the Find My iPhone remote lock feature.

Report: WhatsApp began encrypting back-ups to iCloud Drive in late 2016

WhatsApp added another layer of protection for users in late 2016, quietly introducing a new feature that encrypts messages and contacts when uploading this data to Apple's iCloud servers, according to a Forbes report.

Attackers sabotage HandBrake's download for Macs to deliver Proton RAT

The developers of HandBrake have advised Mac-based users that they may be infected with a backdoor after an unknown attacker replaced a HandBrake software installation package with a variant of the Proton RAT malware.

Pickpockets and hackers, the latest cybercrime marriage

A Trend Micro researcher may have stumbled across a new alliance in place between petty criminals and their more sophisticated cyber cousins that could prove mutually beneficial.

New 'Dok' dropper variant found, even after Apple revokes cert for Mac malware

A researcher has discovered a new variant of the "Dokument.app" dropper that was recently found delivering OSX/Dok Mac malware, but Apple reportedly neutralized the threat by revoking the malware's the ill-gotten certificate.

Pandora Apple app vulnerable to MITM attacks

A vulnerability note was issued by CERT/CC for the Pandora music streaming service Apple iOS app for failing to properly validate SSL certificates provided by HTTPS connection.

Apple patches bugs, reportedly reconfigures iOS to stifle pop-up scam

Apple on Monday released security updates for multiple products, and in the process also reconfigured iOS to address a pop-up issue that scammers were abusing to lock users out of their Safari mobile browsers in an attempt to extort money.

Proton RAT malware not a positive development for Mac users

Questions continue to swirl surround a mysterious Mac-based remote-access trojan (RAT) malware program called Proton, which Apple addressed in a recent update to its anti-malware program XProtect.

Award for Best Phish goes to: iTunes movie scammers

A phishing scam impersonating iTunes is attempting to trick Canadian Apple users into giving away their personally identifiable information, in order to get a refund on movies they never actually paid for.

Fingerprints to unlock iPhone? Judge says no.

A federal judge in Chicago issued an opinion last week that would deny the government's attempt to force Apple device owners from providing a fingerprint to unlock their device.

XAgent malware linked to DNC hackers can now attack Macs

Macs are officially no longer immune to XAgent, a backdoor malware linked to the Russian threat group APT 28, as researchers have now discovered a version targeting machines running on OS X.

Linux IoT, Android and MacOS expected in 2017, SophosLabs

The attacks that took place and malware spotted during last several months of 2016 were a harbinger of things to come in 2017, with more IoT attacks, Mac products being targeted and more Android malware.

Mac malware reportedly first to infect machines using macros

Researchers have identified what they believe is the first in-the-wild instance of hackers using malicious macros in Word documents to execute malware on Mac computers, instead of Windows-based machines.

Data on 76 iOS TLS-protected apps vulnerable to MITM attack

A researcher has reported finding 76 iOS programs that, despite using the TLS security protocol, are vulnerable to man-in-the-middle attacks that intercept and modify data in motion

Apple removes Activation Lock, possibly used for hacking

Apple quietly removed the Activation Lock Status checker feature leaving some speculating it may have been used for hacking. .

Apple issues updates for almost all its products

Anyone owning an Apple device probably needs to patch it.

Vulnerability helps iPad thieves bypass Activation Lock security feature

Researchers are warning about a buffer overflow vulnerability in iPads that would an allow an attacker to bypass Apple's Activation Lock.

iCloud calendar spammers seize the day, sending junk invites

Apple users over the last few weeks have reportedly been besieged with spam hitting their iCloud calendars in the form of unwanted invites, after cybercriminals figured out that they could send their junk offers directly to recipients' iCloud accounts.

Analyzing the Masque Attack that replaces apps with imposters

iPhones running on iOS 9.3.5 and earlier remain vulnerable to the Masque Attack, through which unscrupulous third-parties replace genuine App Store apps with their own malformed, yet seemingly authentic software programs.

Remote switch-on enlists Mac webcams as spies

Without users noticing, a new attack enables malware to switch on Apple webcams.