New Round of Updates Issued for Many Apple Products

We recently shared a story concerning the release of iOS 10.3.3 and the critical Wi-Fi vulnerabilities it corrected within the Broadcom chips used in many iPhones. That update, released July 19th, also accompanied updates for many other Apple products, including macOS Sierra, tvOS, and Safari. The “Broadpwn” bug corrected in the latest version of iOS was also fixed in many of these updates as well. Users who apply these updates are no longer at risk from malicious Wi-Fi networks that can use Broadpwn to take over devices. However, these …

Apple Releases iOS 10.3.3, Patching Critical Wi-Fi Vulnerability

Apple pushed a new round of security updates to many of its products on July 19, including macOS and iOS. While both updates provide important security updates, the iOS update is especially critical.  In version 10.3.3, Apple fixed a critical vulnerability affecting the device’s operations surrounding wireless networks. How does it work and what is the threat?

Inside each iPhone, from the iPhone 5 to the current iPhone 7, a dedicated chip by Broadcom powers the device’s Wi-Fi functionality. These chips handle important tasks to provide users with quick …

Widely Reported WhatsApp Vulnerability Not as Serious as Initially Thought

Back in January, prominent British publication, The Guardian, printed a story in which they claimed the popular messaging app, WhatsApp, had a critical flaw. They claimed it had a “backdoor” that could allow a malicious third-party to defeat the app’s end-to-end encryption and thus read your messages at will. With millions of users depending on WhatsApp as a safe way to privately message others, including people in war-torn countries and under oppressive governments, the report caused much alarm. At the same time, it also triggered a vocal outcry from …

Google Ends Controversial Practice of Scanning Emails to Target Ads

It’s no secret that advertisers want to know more about us, and that “targeted ads” have become the bread and butter of the Internet economy. As advertisers go, Google might be one of the biggest ones out there, and the company has always put forward “personalization” as an admirable goal for everyone’s web browsing experience. So, did you know that Google algorithms have been scanning your email to pick up on better ways to advertise to you?

It’s true. Though Google’s commercial email offerings are exempt from this practice, …

Growth of Dishonest iOS Apps Highlight Need for Strong Mobile Threat Defense

How much should you be concerned about malware infections on your iOS devices? For most people, the answer will be “not at all” — but as we know, there is a danger in thinking this way. The lack of a clear and present threat from mobile malware also creates two problems of its own.

First, it can foster an environment of complacency for users towards actual exploits, which can and do occur. Apple’s regular security patches for iOS in which they close many loopholes highlights this fact. Second, …

Members of UK Parliament Have Their Emails Hacked in Brute Force Attack

Email isn’t just one of the most convenient ways to communicate — it’s also the easiest way for a hacker to uncover information about you. In the final week of June, the Parliament of the United Kingdom experienced its very own cyber attack. The attack focused solely on Parliament email addresses and was not sophisticated in nature: it was a regular brute force attempt. However, the attack brought the network to a standstill.

By trying common passwords and as many other combinations as possible, the hackers eventually compromised roughly …

Another Ransomware Attack Spreads Around the Globe

At the end of June, the world awoke to another widespread ransomware attack locking down machines across the globe. This time, the bulk of the attack centered on Ukraine, although countries such as Germany, the UK, and the USA also saw infections. Initially, the media reported that this was an attack executed by ransomware known as “Petya.” Petya was originally discovered and detailed back in 2016, spreading through infected emails and employing the typical demand of a ransom paid in Bitcoin.

The attacks of June 27, however, were very …

WannaCry Locked Down Australian Traffic Cameras, Caused Voided Citations

Do you think that ransomware attacks only affect personal computers and business systems? Think again — the recent widespread infections caused by the WannaCry ransomware touched more than just hospitals in the UK and unpatched Windows PCs. In the Australian state of Victoria, hundreds of traffic cameras, meant to enforce speed limits, were knocked offline after the malware infected the system. Instead of encrypting data for ransom, the system instead became locked in a continuous cycle of rebooting.

Because of the infection, police in Victoria announced that they would …

Ransomware on the Rise: What Should You Know?

After the massive outbreak of the WannaCry malware that took down hospitals in the UK and spread around the world, we knew it was only a matter of time before similar attacks took place. With the recent outbreak of new ransomware, dubbed Petya, affecting computers in Ukraine and spreading to other countries, it’s a good time to take a step back and look at some hard facts about ransomware. What do Mac users need to know about this rising threat?

Who does ransomware affect?

Windows users are the ones who …

Apple Announces Transition to New File System at WWDC

Last year, Apple announced that it was in the final stages of development for a new file system to replace the current architecture, which has begun showing its age. At this year’s WWDC, one of Apple’s major announcements was that this new “Apple File System” (or APFS) is finally ready. It’s coming to users soon with the release of macOS High Sierra, and it brings with it a host of improvements in both performance and security.

On the performance side, we can expect to see much faster disk …

Malware from Compromised Handbrake Servers Leads to Stolen Source Code

Back at the end of May, we reported on a story about a malware threat to Mac users delivered via the popular DVD ripping software Handbrake. In that incident, hackers broke in to one of the download servers Handbrake used to serve installers to users. They replaced the genuine Mac installer with one that would drop a backdoor onto your machine, allowing the authors free reign to crawl through your data. The infected server was serving up this malware for four days, and now we know that it actually …

Apple Covers All the Bases with Over 100 Security Updates in May

In mid-May, while the world was waking up to deal with the chaos caused by the WannaCry ransomware spreading over the web, Apple was making its users safer again. Released on May 15th, a new set of patches dropped for iOS, macOS Sierra, and both the El Capitan and Yosemite version of OS X. So many different fixes were implemented that  it would be difficult to cover exactly what each of them accomplishes. However, of particular note in this update is the fact that ethical hackers previously identified more …

Darkweb Hackers Begin Offering Functional Mac Malware and Ransomware as a...

With the popularity of both ransomware and the creation of macOS malware on the rise with hackers, Apple users face a growing number of threats. It now appears that others have turned their attention to the creation of new malware to spy on Mac users — but these programmers have gone a step further. Rather than developing a tool and deploying it personally, they have taken to the dark web to offer their products for sale. Known respectively as MacSpy and MacRansom, the hackers provide the malware to users …

New Version of iOS Makes Quiet Changes to How Apps Use Your Location

At Apple’s annual WWDC event this year, the company made a host of big announcements. Chief among them was the unveiling of the next iteration of iOS, version 11. While they highlighted many of iOS 11’s new features during the conference, some other changes flew under the radar. One of those is a big tweak to the way apps on your phone can use your GPS location information. If you have ever used Uber, you may have encountered problems with its functionality if you’ve disabled location services. Uber is …

Apple Adds New Password Rules to Secure iCloud Accounts

iCloud users will soon need to abide by a new set of password requirements, put in place by Apple to fight against account breaches. In mid-May, Apple sent out a support email to iCloud customers, explaining the new requirements. The new requirements went into effect on June 15th.

The new policy concerns third party apps that need to access iCloud data to function. Such apps include Microsoft Outlook and other similar programs used for email, calendar management, and contacts. Apple will require app-specific passwords for such programs, instead …

Apple Reveals That Government Security Requests Are Becoming More Common

The government is getting more comfortable asking tech companies to hand over user data. At least, that’s the conclusion that you might draw after reading Apple’s recent “Report on Government and Private Party Requests for Customer Information” from the second half of 2016.

According to the report, Apple received about twice as many United States Government National Security Requests between July 1 and December 31, 2016, as it did from January 1 to June 30. In the first half of the year, Apple received 2,999 national security requests …

Siri Voice Command Bug Could Let Thieves Hide from Find My iPhone

The theft of smartphones is a large problem, especially with high-value items like iPhones. Whether a thief takes a phone to use or to resell, they’ll need to wipe the device first. Normally, the iPhone passcode and access control restrictions prevent that from happening. Meanwhile, a user can activate Find My iPhone to uncover its location or remotely wipe a device—a useful anti-theft mechanism, as it renders the phone useless to a thief intent on stealing your private information.

However, a freshly discovered bug in iOS versions 10.1 …

SecureMac Continues Pushing Mac Security Forward with Release of MacScan 3.1

Las Vegas, Nevada — With malware making headlines nearly every week, users everywhere wonder how to keep their computers safe. Today, SecureMac released the latest version of its flagship security software, MacScan 3.1. Since its initial release over a year ago, MacScan 3 has led the way with user-friendly and intuitive anti-malware protection. Its original support for OS X 10.8 (Mountain Lion) through OS X 10.11 (El Capitan) has since been expanded to include the latest version of macOS 10.12 (Sierra). With last year’s emergence of the KeRanger ransomware …

Compromised Download Server Infects Handbrake Users with Malware

People with an extensive DVD or Blu-Ray collection can enjoy a wide variety of media at home, but what happens when you want to take it with you? The simple solution is to “rip” your favorite DVDs to create digital media files you can play back on your MacBook, or perhaps store on your home media server. Many Mac users dabble with this. Most people use the popular software, Handbrake, to digitize their media. Unfortunately, hackers recently compromised one of Handbrake’s download servers. For four days, an unknown quantity …

Uber Breaks Apple Rules by Fingerprinting iPhones After Deletion

Our phones today are home to dozens of apps providing both entertainment and utility. Each of these apps requests permissions from the system to access certain types of data. Apple makes it easy to see what apps use which permissions through the settings page on all iOS devices. However, how can you be sure that apps are playing by the rules?

According to a recent report by the New York Times, Uber recently landed itself in more hot water when Apple uncovered efforts to circumvent the App Store’s Terms …