macOS Big Sur 11.0.1 Patches 60 Vulnerabilities
macOS Big Sur 11.0 was officially launched on November 12 and on the same day Apple released its first update, version 11.0.1. The company has advised customers to update to this version — macOS Big Sur 11.0 comes preinstalled on certain Mac models — but there have been reports that the Big Sur update is…
Holiday gifts getting smarter, but creepier when it comes to privacy and security
A Hamilton Beach Smart Coffee Maker that could eavesdrop, an Amazon Halo fitness tracker that measures the tone of your voice, and a robot-building kit that puts your kid’s privacy at risk are among the 37 creepiest holiday gifts of 2020 according to Mozilla. Researchers reviewed 136 popular connected gifts available for purchase in the…
iOS Mail bug allows remote zero-click attacks
On Monday, ZecOps released a report about a couple concerning vulnerabilities with the Mail app in iOS. These vulnerabilities would allow an attacker to execute arbitrary code in the Mail app or the maild process that assists the Mail app behind the scenes. Most concerning, though, is the fact that even the most current version…
Apple Is Top Pick for Brand Phishing Attempts
Apple was the brand most commonly used in spoofing attacks during the first quarter of 2020, when 10% of all brand phishing attempts related to the tech giant, researchers report. Check Point’s “Brand Phishing Report” for the first quarter of 2020 highlights the brands that cybercriminals most frequently imitate to steal personal and financial data….
Apple and Google Team Up on Virus ‘Contact Tracing’ by Smartphone
The move brings together the largest mobile operating systems in an effort to use smartphone location technology to track and potentially contain the global COVID-19 outbreak. The move would allow apps to be created enabling smartphones powered by Apple software and Google-backed Android operating system to exchange information with a joint “opt in system” using…
Apple Awards Researcher $75,000 for Camera Hacking Vulnerabilities
Researcher Ryan Pickren identified a total of seven vulnerabilities in Apple’s Safari web browser, three of which can be exploited to spy on users through the camera and microphone of their iPhone, iPad or Mac computer. The attack only requires the targeted user to access a malicious website — no other interaction is needed. Apple…
Apple Patches Code Execution Vulnerabilities Across Product Portfolio
A total of 27 bugs were squashed with the release of macOS Catalina 10.15.4, affecting components such as Bluetooth, Call History, CoreFoundation, FaceTime, Kernel, libxml2, Mail, sudo, and Time Machine, among others. The patched flaws could result in the execution of arbitrary code with system or kernel privileges, leak of kernel memory, privilege escalation, leak…
High-risk vulnerabilities found in 1/3 of iOS apps, nearly half of Android apps
Expert testing of iOS and Android mobile applications shows that in most cases, insecure data storage is the most common security flaw in mobile apps. Positive Technologies’ yearly report, Vulnerabilities and Threats in Mobile Applications 2019, found that critical vulnerabilities are slightly more common in Android applications, compared to their iOS counterparts (43% vs. 38%)….
Apple iOS 13 will better protect user privacy, but more could be done
Last week, Apple introduced several new privacy features to its latest mobile operating system, iOS 13. The Internet, predictably, expressed doubt, questioning Apple’s oversized influence, its exclusive pricing model that puts privacy out of reach for anyone who can’t drop hundreds of dollars on a mobile phone, and its continued, near-dictatorial control of the App…
Consumers have few legal options for protecting privacy
There are no promises in the words, “We care about user privacy.” Yet, these words appear on privacy policy after privacy policy, serving as disingenuous banners to hide potentially invasive corporate practices, including clandestine data collection, sharing, and selling. This is no accident. It is a strategy. In the US, companies that break their own…