Apple has introduced a new two-factor authentication system designed to help protect users’ iTunes and App Store accounts and prevent attackers or unauthorized users from taking over users’ accounts. The system is similar to the one that Google has implemented for Gmail, utilizing verification codes sent via SMS.
Browsing Category: Apple
Apple has patched a handful of security vulnerabilities in iOS, including a bug that was used for the latest iPhone jailbreak tool, called Evasion. Apple iOS 6.1.3 has patches for six vulnerabilities, including the screen lock bypass bug and a flaw in WebKit that can be used to execute arbitrary code.
Apple on Thursday released a large batch of security fixes for its OS X operating system, one of which patches a flaw that allowed Java Web Start applications to run even when users had Java disabled in the browser. OS X 10.8.3 fixes 21 total vulnerabilities, and also includes a new version of the malware removal tool for Apple machines.
Apple has fixed several App Store security issues that first arose last summer, but it hasn’t explained why it took so long to start encrypting communications using public Wi-Fi networks.
It’s getting hard to keep track of all the bugs piling up for Apple’s iPhone. Now it seems a glitch in the iOS kernel of Apple’s much maligned iOS 6.1 is responsible for yet another passcode bypass vulnerability, the second to surface this month. Attackers can apparently access users’ photos, contacts and more by following a series of steps on an iPhone running iOS 6.1.
UPDATE – The missing link connecting the attacks against Apple, Facebook and possibly Twitter is a popular iOS mobile developers’ forum called iPhoneDevSDK which was discovered hosting malware in an apparent watering hole attack that has likely snared victims at hundreds of organizations beyond the big three.
Apple is the latest major American company to enter the security confessional and disclose it has been breached. The company told Reuters today it was attacked by the same crew that hit Facebook, which disclosed its breach last Friday, and that like the social media giant, no data had been stolen.
UPDATE – With enough work, users can bypass the lockscreen on Apple’s ubiquitous iPhone by exploiting a flaw on its most recent operating system iOS 6.1. By simply making an emergency call and holding down the power button on an iPhone twice, users can gain access to the device’s phone feature, view and edit contacts, check voicemail and look through photos, according to reports today.
Apple has fixed dozens of security vulnerabilities in iOS with the release of version 6.1, including a serious flaw in the kernel and a number of bugs in the WebKit framework. The company also revoked trust in the bad TurkTrust certificates that were discovered late last year.
Apple has made updates to its malware definitions to address yesterday’s news of a new OS X Trojan, SMSSend.3666, that was disguising itself as legitimate software and confounding Russian users.