Security

DYLD_PRINT_TO_FILE and malware: What you need to know

DYLD_PRINT_TO_FILE is an OS X 10.10 Yosemite vulnerability that could allow malicious code on your Mac escalate its privileges—gain "root" access—and potentially exploit the system. Now, an anti-malware company has reported finding just such malicious code "in the wild", meaning already being used to try and install malware on Macs.

More →

10
10
75
0

Thunderstrike 2: What you need to know

Thunderstrike 2 is the latest in a line of Mac security vulnerabilities that, due to sensationalized reporting, are often a greater risk to customer stress levels than they are actual physical hardware. Still, Thunderstrike 2 is absolutely something every Mac owner should be aware of and informed about.

More →

19
9
48
0

Apple Pay to the rescue!

Last week, Iconfactory developer Craig Hockenberry received an all-too-familiar call: One of his credit cards had been used to make a fraudulent transaction, and he didn't have a backup card available. But he did have Apple Pay on his iPhone—and Apple Pay was all he needed.

More →

8
56
103
0

Security writer says 'Goodbye Android', switches to iPhone

Lorenzo Franceschi-Bicchierai is a longtime Android aficionado, security journalist, and historically not a fan of Apple. And yet he's switching to iPhone. Find out why!

More →

2
63
100
0

DYLD_PRINT_TO_FILE exploit: What you need to know

DYLD_PRINT_TO_FILE is a recently-disclosed privilege escalation vulnerability on OS X Yosemite. Here's what you need to know about it.

More →

15
21
79
0

Two-factor authentication in iOS 9 and OS X El Capitan: What you need to know

The idea behind two-factor authentication in iOS 9 and OS X El Capitan is exactly what the name implies: Your password alone is no longer enough to access your account, you need something else as well. So what happens if something goes wrong and you get locked out? What happens if someone tries to hack their way in?

More →

10
15
81
0

Apple comments on XARA exploits, and what you need to know

XARA—an acronym for unauthorized cross-app resource access on Mac OS X and iOS—describe a series of exploits that you need to know about. Update: Apple has provided iMore with a comment.

More →

31
127
372
0

XARA, deconstructed: An in-depth look at OS X and iOS cross-app resource attacks

Does the Indiana University XARA whitepaper make your head hurt? Here's an in-depth look at what "cross-app resource attacks" actually mean for your iOS and OS X systems.

More →

25
110
224
0

1Password and the XARA WebSocket exploit

The makers of 1Password have gone into detail about how the unauthorized cross-resource attack (XARA), specifically the WebSockets exploit, affects their app

More →

2
10
58
0

Understanding Apple and privacy

A lot of people are getting a lot of things wrong about Apple's stance on privacy and security, and what it means for the future.

Last week Apple's CEO, Tim Cook, once again reiterated the company's belief that people have a right to privacy and security, and that the cost of free-as-in-paid-for-by-your-data services isn't always clearly understood. Those for who believe the conversation about privacy and security is the most important of our generation appreciated someone as powerful and influential as Cook giving it the spotlight it deserves. Those who believe the advancement of technology requires the relinquishing of previously held beliefs about privacy and security, however, reacted harshly. The problem is, many of them also reacted in a way that's just plain wrong.

More →

168
62
180
0

Pages