Apple News, Articles and Updates

Apple release security updates shortly after releasing another KRACK fix

Apple released security updates for its mobiles, set top box and Window's iCloud platform shortly after rolling out another patch for the KRACK exploits.

Apple addresses KRACK exploits in AirPort Base Station firmware

Apple has continued to roll out patches to fix the KRACK (Key Reinstallation AttaCKs) series of vulnerabilities, this time in its AirPort Base Station firmware.

Apple releases security updates for multiple products

Apple released security updates to patch vulnerabilities in its iOS, mac OS, tvOS and watchOS platforms, some of which could have been used to remotely exploit the affected devices.

MailSploit bugs let spoofed emails bypass DMARC, spam detectors

A collection of vulnerabilities dubbed Mailsploit, found by German security researcher Sabri Haddouche in 30 types of email client applications - from Apple Mail to Mozilla Thunderbird - lets hackers bypass anti-spoofing mechanisms.

Apple issues emergency fix for High Sierra root access flaw

A day after a developer revealed a root access flaw in macOS High Sierra version 10.13.1, Apple released an emergency patch, which it plans to push out today.

Flaw in macOS High Sierra allows easy access

A root access flaw in Apple's macOS High Sierra 10.13.1 makes it possible for anyone to log into the system by typing "root" into the name field.

Smartphone QR code scanners pose new cyber-threat

Apple iOS 11, Apple has QR scanning functionality enabled by default which Elad Ben-Meir says can effectively make anyone scanning the QR code matrices with Apple devices vulnerable to unknowingly uploading malicious code.

Apple addresses KRACK exploits in iOS and macOS updates

Apple has finally addressed the KRACK vulnerabilities in its latest macOS High Sierra, Sierra, El Capitan, iOS 11.1, tvOS and watchOS.

Apple denies claims that it lowered iPhone X face-recognition accuracy

Apple is disputing claims that it ordered manufacturers to lower the accuracy of its face-recognition to make the iPhone X easier to make.

Iphone iOS 11 QR code scanner provides 'backdoor' exploitable by criminals

Apple's new operating system for iPhones and iPads contains a Quick Response (QR)-scanning based 'backdoor' that could be used by cyber-criminals.

Apple issues new security update for macOS High Sierra

Apple issued a supplemental security update for macOS High Sierra 10.13 to patch two issues, one of which fixes a keychain password issue discovered last week.

Apple's iOS 11 release prevents backdoor exploit on Wi-Fi chips

Apple's release of iOS 11 patched an out-of-bounds write vulnerability in Wi-Fi chips that, if exploited, could have allowed attackers within range to execute arbitrary code on the firmware.

Apple patches a potentially critical vulnerability with iOS 11.0.01 update

Apple's iOS 11.01 seems to have addressed previous problems that prevented users from sending emails from and Exchange accounts along with at least one potentially critical security flaw.

MacOS can be exploited to reveal keychain passwords, researcher warns

Launched just days ago, the latest release of Apple's operating system for Macs contains a known zero-day vulnerability that could allow attackers to exfiltrate passwords from the user's keychain.

Apple kills bugs in iCloud for Windows, macOS High Sierra, macOS Server

Apple has issued security updates for its macOS operating system, macOS Server, and iCloud for Windows products, fixing 67 vulnerabilities.

Remotely locked Apple devices being held for ransom

Some Apple product owners have found themselves on the receiving end of a new ransom attack that has someone locking their device most likely using stolen iCloud credentials and initiating the Find My iPhone remote lock feature.

iOS 11 and Apple Watch Series 3, the good, the bad, and the unsecure

With the launch of iOS 11 and the Apple Watch, researchers note Apple's iOS 11 update included eight CVEs that patched vulnerabilities in iBooks, Mail MessageUI, Messages, MobileBackup, Safari, and Webkit.

Apple iOS 11 makes it harder for law enforcement to access data

Apple is doubling down on its privacy beliefs with the latest iOS 11 which will reportedly add at least two new features designed to safeguard its owners' privacy.

MacOS security reputation challenged by new ransomware-as-a-service

Once viewed as nigh-on impregnable, Apple's reputation for secure products is being challenged once again, this time by ransomware-as-a-service.

iOS 10: Is Apple starting a new era of collaborative security?

Kevin Bocek argues that by decrypting the kernel and inviting developers to root around in its OS, Apple will actually make users more secure as any vulnerabilities will instantly be brought to light.

What's behind backdoor #3? Mac version of Mokes malware follows Linux, Windows variants

Kaspersky Lab today released an analysis of a newly discovered version of Mokes - a malicious, cross-platform backdoor with spying functionality - this one targeting Apple's OS X operating system.

Survey: Hackers believe strongly in privacy... unless they're paid to crack passwords

Four out of five surveyed hackers agreed that Apple was right to refuse the FBI's request for a backdoor into the San Bernardino shooter's iPhone. Yet 52 percent said they would help the FBI crack an iPhone's password for a fee.

Updated: Remote Apple jailbreak - with just one click

IOS zero day spyware discovered, more capable than any previously reported - patch launched today, immediate update advised.

Black Hat Las Vegas: Apple offers bug bounty programme

Apple is offering up to $200,000 to researchers reporting critical security vulnerabilities in Apple software, including its underlying operating system.

WhatsApp chats aren't getting deleted completely

Researcher finds that WhatsApp leaves traces of all chats in the database of iOS devices, leaving the user vulnerable should the phone be forensically examined.

Ammyy Admin site delivers drive-by-download attacks

Kaspersky Lab researchers spotted the Ammyy Admin being used as a dropper trajan to install the Lurk trojan and other malware.

Apple patches remote code execution flaws

Apple patches critical vulnerabilities in iOS and OS X that could allow remote code execution.

Updated: Apple reveals potential iOS security flaws in unencrypted kernel release

Apple has released an unencrypted version of its latest operating system for iOS 10, giving security researchers an unprecedented opportunity to scour the kernel for security flaws.

FireEye researchers warn of 'Apple-like phishing domains' aimed at UK users

FireEye researchers observed phony Apple domains registered during the first quarter of 2016 used to execute phishing attacks against Apple iCloud users located in China and the UK.