Categories
Apple Hack Hacks News privacy security Software

Hackers uncover two critical Safari vulnerabilities at Pwn2Own conference in Vancouver

Sometimes hacks are a good thing. Over at the Pwn2Own security conference in Vancouver, no less than two major security flaws were discovered in Apple’s Safari web browser. The flaws, if exploited, could allow an outside party to seize full control of a targeted Mac. Demonstrated by the “phoenhex & qwerty” team during the contest, […]

Categories
Apple News privacy security Thunderbolt USB-C

Cyber security researchers detail USB-C Thunderbolt hack, offer advice to avoid the hack

And this is why you don’t plug random devices into the USB-C ports on your Mac. A group of researchers over at Light Blue Touchpaper have detailed a vulnerability through the Thunderbolt interface with USB-C ports. The attack, if executed correctly, can give hackers full access to data that “should never leave the machine. On […]

Categories
Apple Developer macOS Mojave privacy security

macOS Mojave flaw could expose Safari browsing history

A recently discovered flaw in macOS Mojave could expose your Safari browsing history. On February 8th, developer Jeff Johnson noted that certain folders in Mojave have restricted access that is forbidden by default, such as ~/Library/Safari. Only a few apps can access this folder, but according to Mr. Johnson there’s a way to bypass the restriction […]

Categories
Apple FaceTime iOS macOS Mojave privacy security

Apple addresses Group FaceTime bug via iOS 12.1.4, macOS 10.14.3 Supplemental Update releases

With any luck, Apple has nixed the Group FaceTime exploit that led to a wave of criticism in recent weeks. The company has released both iOS 12.1.4 as well as a supplemental update to macOS Mojave with both updates re-enabling Group FaceTime by fixing a security hole that potentially allowed others to listen in to […]

Categories
Apple FaceTime privacy security

Apple could reward teenager who discovered Group FaceTime exploit via its bug bounty program

It looks like the teenager who discovered the Group FaceTime audio bug could be rewarded by Apple’s bug bounty program.

One week after social media picked up on a FaceTime exploit that allowed callers to eavesdrop on a recipient before the call is picked up, the original discoverer has been visited by an unnamed Apple executive.

“They also indicated that Grant would be eligible for the bug bounty program. And we would hear from their security team the following week in terms of what that meant,” said discoverer Grant Thompson’s mother Michele Thompson. “If he got some kind of bug bounty for what he found we’d certainly put it to good use for his college because I think he’s going to go far, hopefully. This is actually a field he was interested in before and even more so now.”