By Cody Lee on Apr 8, 2015
In addition to a lengthy change log of improvements, today’s iOS 8.3 release also includes several security patches. In fact, as MuscleNerd points out, the new firmware features 39 security patches, rivaling the amount found in the jump from iOS 7 to iOS 8.
Among the patches is one of particular interest, to us anyway, that is credited to the TaiG Jailbreak Team. It’s labeled CVE-2015-1087, and described as a backup bug that can allow an attacker to use the backup system to access restricted areas of the file system. Read More
By Jeff Benjamin on Mar 23, 2015
Well-known iOS jailbreak developer and hacker Majd Alfhaily was intrigued when read about MDSec’s black box hardware brute force for iOS devices. The tool, which runs over a USB connection, tries every possible passcode combination in an attempt to unlock an iPhone secured with a simple passcode.
The downside of such a tool, is that each PIN entry takes approximately 40 seconds, so it could take more than 110 hours to brute force an iPhone. Majd, being the curious person that he is, devised a way to do it in a fraction of the time using only software. The only caveat, if you even want to call it that given what it does, is that the device must be able to run unsigned code, i.e., the device must be jailbroken. Read More
By Christian Zibreg on Mar 19, 2015
Thursday, Apple issued a new security update for Mac users running OS X Yosemite 10.10.2. The update, titled ‘Security Update 2015-003 1.0,’ is available right now through the Updates tab of the Mac App Store and is recommended for all users as it improves the security of OS X.
If you’re running a public beta of OS X Yosemite 10.10.3, you won’t see this update because the stable OS X Yosemite 10.10.3 release is bound to include contents of today’s security update. Read More
By Cody Lee on Mar 18, 2015
A new device is causing commotion around the interwebs today, that has the ability to unlock PIN-protected iOS devices. The tool, first spotlighted by security firm MDSec, is being used in the phone repair markets to brute-force iPhone and iPad Lock screens.
According to MDSec, these ‘IP Boxes’ are about the size of an Apple TV, and you can acquire one for around $300. It works by simulating the PIN entry on a device over a USB connection, and is able to sequentially bruteforce every possible PIN combination. Read More
By Jake Smith on Mar 10, 2015
The Intercept reports the Central Intelligence Agency has been working for years to find ways to break through the security of Apple devices, with work spanning a year before the first iPhone was released. The Intercept basis its report on leaked documents, that explain a yearly gathering of CIA officials, called the “Jamboree”, to talk about flaws in commercial electronics. Read More
By Cody Lee on Mar 9, 2015
Apple on Monday issued a security update for OS X to address a handful of vulnerabilities, including the high profile SSL flaw known as “FREAK.” Spotlighted last week, the bug allows would-be attackers to spy on communications made through Safari.
More specifically, FREAK stands for Factoring RSA Export Keys, and it affects certain embodiments of web encryption technologies SSL and TLS. If used maliciously, the flaw could leave systems open to what are known as man-in-the-middle attacks. Read More
By iDB Deals on Mar 4, 2015
Hacking often boils down to identifying weak points in digital security systems and infrastructure. Ethical hacking (aka White Hat hacking) is all about plugging those holes before someone with nefarious intentions exploits them. So how do you get started working with the “good guys” and protecting your own systems when it comes to hacking? With the White Hat Security Hacker Bundle, of course.
Offering access to six comprehensive online courses, this is your last chance to take advantage of the White Hat Security Hacker Bundle at the price of $49 – saving more than 90% off the $622 MSRP. The deal ends tomorrow. Read More
By Christian Zibreg on Mar 4, 2015
A new exploit dubbed ‘FREAK Attack’ — which stands for “Factoring attack on RSA-EXPORT Keys” — that takes advantage of a security flaw dating back to the 1990s will be patched soon by Apple.
As we speak, the iPhone maker is readying a fix in iOS and OS X that will be available in software updates next week, a spokesperson for the Cupertino firm told iMore.
Plagued by this security flaw, users of Mac, iPhone, iPad, iPod touch and Android devices are at risk when visiting vulnerable websites that downgrade a secure HTTPS connection to a weaker encryption method. Read More
By Christian Zibreg on Mar 3, 2015
Following the outcry in Silicon Valley regarding the treatment of part-time employees, and in general people who work for technology companies, Apple is now moving to “dramatically expand” its in-house security team by giving contracted workers the same benefits as other employees, as per Mercury News Tuesday.
A company spokesperson confirmed to the paper that Apple has now decided to hire the majority of its day-to-day security staff in Silicon Valley as full-time workers, following a yearlong review. Read More
By Oliver Haslam on Feb 28, 2015
Apple CEO Tim Cook is on the final leg of his tour of Isreal and Europe and has been speaking to UK publication The Telegraph about a range of things including Apple customers’ privacy and of all things, terrorism.
Known for his unusual stance on privacy – one which doesn’t jive with other high profile tech executives who are happy to share everything about you – Cook told the publication during an interview that he feels people’s information is being “trafficked around” in ways that they just don’t yet understand. Read More
By Christian Zibreg on Feb 26, 2015
Apple, along with other leading Western technology companies, has been taken off the list of approved tech companies for state purchases in China, Reuters reported last evening.
Apparently in response to widespread Western cyber-surveillance, companies like Apple, network equipment maker Cisco Systems and chip giant Intel have now been removed from the Central Government Procurement Center’s (CGPC) list.
The list, maintained and approved by China’s Ministry of Finance, covers regular spending by central ministries. Read More
By Jeff Benjamin on Feb 14, 2015
Big news for the hacking community, and by extension, iPhone jailbreakers. Apple’s Lightning connector—a proprietary bus and power connector found in all modern iPhones, iPads and iPod touches—has had its security compromised by a team of resourceful hackers. What does this mean for the jailbreak community? Read More
By Sébastien Page on Feb 13, 2015
As Apple CEO Tim Cook spoke at the President Obama’s Summit on Cybersecurity on Friday, the White House announced that Apple Pay will be enabled for federal payment cards, including Social Security and veterans benefits that are issued via debit cards.
The news represents a major vote of confidence for Apple Pay and Apple in general. While it shouldn’t be considered a proper endorsement from the White House, it is still a major win for Apple. Read More
By Oliver Haslam on Feb 13, 2015
You just can’t take security too seriously these days, because even if you don’t think your personal information is all that interesting to others, you’re probably wrong. Whether it’s people selling your banking data or trawling your emails for ways to get into all of your social media accounts, you really don’t want anyone having access to your data when they don’t have your permission.
Recent high profile so-called hacks have highlighted the need for improved personal online security, with numerous celebrities having their personal photographs stolen and then leaked online. It transpired that the photos had been acquired via compromised iCloud accounts, and with the move to iCloud Photo Library and the soon to be released Photos app for the Mac, we’re likely to have more and more of our digital lives sat on Apple’s servers.
Throw the data Google has into the mix, especially if you use Gmail, and things can get scary, fast.
Strong passwords are obviously the way to go here, but that isn’t always going to be enough to stop bad people from doing bad things, especially if they manage to get that password via another compromised service. But you’re OK, because you don’t re-use passwords, right? Right. Read More
By iDB Deals on Feb 12, 2015
The Sesame 2 automatically locks your Mac as soon as you walk away, providing peace of mind and security, as well as protection against fraud and other malicious attacks. Better yet, it automatically unlocks your Mac when you return for a quick and convenient privacy solution.
The Sesame 2 enables you to customize its parameters, providing bespoke security solutions for the house, office or coffee shop. Utilizing the clear, simple and accessible interface, you’ll be is in control: whether it’s 5 or 50 feet, with the Sesame 2, you can lock down your Mac according to your schedule. Read More
By iDB Deals on Feb 10, 2015
With news of the massive Anthem/Blue Cross hack last week, another huge corporation has been crippled by a digital security breach, exposing private data for millions of customers. At this point, taking steps to protect oneself online is just common sense, and utilizing a VPN service is an easy way to decrease your risk when browsing the web.
Whether it’s keeping your browsing history hidden, staying protected when using an unsecured or public wi-fi connection, or accessing content outside of geographic restrictions, a VPN is the safe and sensible choice for browsers across the world. With these offers from iDownloadBlog Deals, you’ll be able to get several years of a VPN service at a heavily discounted (and affordable) price. Read More
By Lory Gil on Jan 30, 2015
Thanks to Bluetooth LE connectivity, users are able to connect their smartphones to their computers to share content between devices quickly, easily, and without being too taxing for battery life. On iOS and OS X, you can even do stuff like lock or unlock your Mac. Mac ID for iOS is one such app. Not only can you set it up to unlock your computer, but you can also lock it and wake the screen remotely. We’ve got a hands-on review of MacID for iOS for you today. Read More
By Lory Gil on Jan 24, 2015
Most of us have at least one extra iOS device lying around somewhere that doesn’t get used as much as the others. Instead of letting it sit around, slowly losing battery life, why not set it up to be a home security monitor?
Manything is a free app that you can download onto two iOS devices. One device acts as the camera to record everything, while the other acts as the remote viewer so you can check in to see what your cat is up to while you are away. Read More
By Christian Zibreg on Jan 23, 2015
CEO Tim Cook has agreed to allow Chinese government officials to conduct security audits on Apple devices sold in China, IDG News Service reported yesterday.
The surprising development comes amid tensions that have erupted in the 1.33 billion people country, Apple’s second largest market by revenue, over allegations that other governments are using Apple devices for surveillance and accusations of state-sponsored phishing attacks on Apple’s iCloud users. Read More