This malicious Lightning cable lets an attacker remotely tap into your computer
Neither you nor your computer will ever notice a difference between this and a legitimate Lightning cable until an attacker wirelessly takes control of your Mac.
Hacking
Apple to announce a Mac bounty program soon
Apple’s head of security Ivan Krstić is expected to make an announcement at the upcoming Black Hat security conference kicking off in Las Vegas, Nevada later this week.
Independent Super Micro audit finds absolutely no evidence of Chinese spy chips
An outside audit seems to have confirmed claims by Apple, Amazon and US and UK officials who have all said they have no knowledge of any hardware attacks via Super Micro.
Tim Cook calls for Bloomberg to retract its Big Hack story
Tim Cook says Bloomberg should retract its Oct. 4 Businessweek story that said Chinese spies breached the supply chain of 30 U.S. companies including Apple.
Apple apologizes over Apple ID account hacks in China
The iPhone maker has issued an apology to its customers in China over the recent scams which have helped nefarious users hack into Apple ID accounts that weren’t protected with two-factor authentication.
DHS says it has ‘no reason to doubt statements’ from Apple and Amazon about Big Hack
The U.S. DHS says it has no reason to doubt the denials made by Apple and others about whether there was Chinese hacking of America’s supply chain.
Hacker learns how to brute force iPhone passwords [update: false alarm]
A hacker has successfully brute force a password on an iOS device. In doing so, he was able to bypass security mechanisms, putting encrypted data at risk.
iOS 11.4’s Restricted Mode may defeat physical data access by hacking tools like GrayKey
iOS 11.4 disables USB data over the Lightning port after seven days to help defeat physical data access by forensic firms and specialized hacking tools and hardware devices.
Under Armour announces MyFitnessPal data breach of 150 million accounts
Under Armour announced on Thursday that its popular diet tracking app MyFitnessPal has been hacked. The company said that the data breach occurred in February, and involved the usernames, email addresses and [hashed] passwords of some 150 million user accounts.
Apple’s developer site was not hacked
Contrary to some previous reports that suggested that the Apple Developer website had been hacked, Apple said in a statement that there was no security breach and that the issue was caused by a bug.
New iOS vulnerability enables brute-force passcode attacks on iPhone 7
This tiny $500 device used by the police takes advantage of an exploit discovered in iOS 10.3.3 and iOS 11 beta that’s specific to iPhone 7 and doesn’t work on older hardware.
Apple won’t release a fix for Secure Enclave’s exposed decryption key
A source says Apple doesn’t plan to roll out a fix for the iPhone 5s Secure Enclave’s exposed decryption key at this time.
