Apple Reports Major Spike in Government Requests for Information

Who wants information about you? Digital security practices revolve in large part around restricting your data based on the answer to that question. We try to protect our systems so that only those with authorization can access sensitive personal information of all kinds. Most frequently, hackers are the ones we must worry about looking to learn something about us, whether it’s a password or a credit card number. However, it’s important to consider that requests from the government for user information occur on a frequent basis, and these can …

Beware the New iOS Phishing Attack

If you use iOS, you are used to the Apple popups that ask you to enter your Apple ID password. These popups are standard any time you go to download a new application from the App Store, login into iCloud, or buy a song on iTunes. Unfortunately, it looks like attackers could potentially use a similar popup strategy to gain access to a user’s Apple ID account.

So far, this style of attack hasn’t been seen out in the wild. App developer Felix Krause recently shared a proof-of-concept on …

Checklist 58: SecureMac Roundup: Even More Listener Questions Answered

This week on the Checklist, we take on some of your questions and comments. Topics include: – Scam pop-us – App specific password requirements – Issues with SS7 – Oddity around an email address.

Checklist 57: SecureMac Roundup: More Questions from Our Listeners

Part 1 of a 2 episode series where we go over various questions from our listeners!

WannaCrypt: An Overview of 2017’s Biggest Cybersecurity Threat

This past May, a malicious software attack known as WannaCrypt (or WannaCry, depending on your source) hit the computer systems at major organizations and businesses around the globe. WannaCrypt is a ransomware attack. Once it infects a machine or computer system, it encrypts all the data hosted on those machines. (Hence the name WannaCrypt.)

Once the files are encrypted, the attack prompts the owner of the machine or computer system to pay a ransom to unlock the data. The ransom offer has a time limit, giving users a …

Hacker Gains Access to iPhone 5 Secure Enclave Key, Opens Door for More

While the iPhone’s fingerprint scanner and its associated TouchID functionality provide a wealth of convenience to users, it also brings some unique security challenges. Biometric data is one of the most personally identifiable and irreplaceable types of information out there. While someone who steals your fingerprint data may not be able to unlock many doors right now, that doesn’t mean it will always be the case. As a result, Apple put serious effort into developing a method for securely handling the verification of fingerprint data. The result was the …

Checklist 56: Online Threats to Privacy

This week, we’re tackling threats to your online privacy as well as online threats to your physical privacy.

Popular Terminal App Patches Severe Bug That Leaked Tons of Data

For power users, nothing is quite as useful in the macOS ecosystem as the Terminal app. Whether you are working on a simple project or trying to create extensively customized functionality for your machine, it opens many doors for the savvy user. Those same users sometimes find the default Terminal app to be lacking, though, and thus alternatives, like the popular iTerm2 software, have sprung up over the years. With a recently issued security patch, however, the developer of iTerm2 acknowledged that the program had been leaking all kinds …

Elcomsoft Phone Breaker 8.0 with iOS 11 Support: What You Need to Know

Are you thinking about upgrading your iPhone this fall—either to the standard iPhone 8/8 Plus or the luxury model iPhone X? If so, you’re in luck: Elcomsoft has already updated its Phone Breaker software to support the new phones. Elcomsoft Phone Breaker 8.0 includes support for iOS 11 and will allow for backup data extraction from Apple’s iPhone 8 and iPhone X models.

Why Use Elcomsoft Phone Breaker?

Elcomsoft Phone Breaker has been a favorite tool among iOS users for a little while now. After all, the new incarnation …

iOS 11 Includes Patches for Several Vulnerabilities

September 19, 2017, marked the arrival of iOS 11, just in time for the release of the iPhone 8 and 8 Plus. The big annual update of Apple’s mobile operating system added a few new features into the mix for users, from a brand new Control Center to a keyboard made for one-handed texting.

However, amidst the new features, it turns out that iOS 11 is also an important security update. The updated operating system includes important patches for a variety of iOS vulnerabilities. Apple also patched bugs …

Collaborative Power: Security Teams Work Together to Destroy Botnet

Of all the major cyber security threats out there today, few are as frustrating and complicated to contend with as botnets. From the malware that spreads the infection from device to device, enslaving them to a remote command and control server, to the many malicious purposes hackers use them for, they’re a tough threat to combat. Recently, however, the security community got a firsthand look at the value of collaborating to take down threats to users. Six firms set aside the competitiveness of their industry to work together to …

Researchers Uncover Spambot With More Than 700 Million Emails

Does it seem like your spam folder fills up almost as soon as you empty it? That’s true for many of us, but where is all that spam coming from these days? The answer is that surprisingly few people are involved in the sending of most of the spam on the web. With anti-spam efforts growing stronger every year, new methods have risen to the forefront, and spam is deeply entangled with many of the other malicious efforts ongoing around the Web. Spambots — malware that gathers together data …

Checklist 55: Putting the “S” in HTTPS

The “S” in HTTPS stands for secure. But why? And how does it work? All you need to know about secure browsing.

What You Need to Know about Email Spam

If you feel like you’ve been getting more email spam than usual lately, you’re probably right. According to a recent report from Fortune, a sophisticated spambot called “Onliner” has figured out a way to bypass spam filters and has used that advantage to target some 711 million email addresses.

About the Onliner Spambot Attack

Onliner sends emails to users, disguised as stuff they would usually open—such as hotel reservation info, communications from the government, and more. Each email includes an attachment. If a user downloads the attachment, malware called Ursnif …

The Internet of Things: The Future of Tech or One Bridge Too Far?

For years, tech enthusiasts have been calling the Internet of Things “the future of technology.” But is it? On the one hand, there is some appeal to a world where everything is digitally connected. Being able to control your home’s lights, thermostat, irrigation system, security system, and a slew of other appliances and systems from your home is convenient and useful. Business enterprises can also use IoT solutions to collect data on everything from concrete strength to wastewater treatment.

Simply put, the Internet of Things is already making …

Apple Adds New Touch ID Option in iOS 11

Since the addition of the fingerprint reader to the iPhone, the convenience of Touch ID has been hard to deny. From unlocking our phones to instantly authorizing an in-app purchase, it’s a rapid and convenient way to authenticate yourself to your device. Now with iOS 11 just around the corner, Apple has been dropping many announcements about what will be a part of the new operating system. Meanwhile, developers have discussed what they’ve experienced in the beta builds. One of the most exciting recent developments is the news that …

Mac Gamers Beware: A Trojan Lurks Inside a New Cheat Program for CSGO

Cheating in online video games is nothing new — it’s been an almost permanent fixture of the scene for years. Despite consistent anti-cheat efforts, new hacks continue to crop up for popular games all the time. It’s an arms race, much in the same way security researchers and malware authors battle against each other on a regular basis. Dabbling in these hacks has always been risky business; after all, how can you trust the author to provide the cheat you want, without some nasty extras packaged inside?

The reality …

Checklist 51: Five of the Most Notable Data Breaches in History

Today, we are looking at five of the biggest data breaches and most notable hacks in history. Who got hit? What data was stolen? How did they happen?

Apple Removes VPNs from Chinese App Store

One of Apple’s most famous marketing campaigns revolved around the catchphrase “There’s an app for that”—to the point that Apple eventually had the slogan trademarked. However, for users living in China, that statement is no longer true. According to a recent report from CNBC, Apple has removed most of the VPN apps from its Chinese App Store.

The removals weren’t random: China made unauthorized connections—including those made possible by virtual private networks—illegal in January of this year. VPNs allow users to access restricted parts of the Internet and surf …

Securing Your Data with macOS and Keychain

Every time a new version of Apple’s operating system arrives, every tech-focused publication on the Internet does a deep dive on the new key features. Occasionally, though, cool bells and whistles go overlooked. Such is the case with the macOS Keychain Access application, which, in addition to storing passwords and account information, can also be used to store and secure sensitive data.

Keychain Access gives users the option to store what it calls “Secure Notes,” alongside passwords and other valuable data. Say you need to store something like a …