Apple’s Box security scare shows the risk of shadow IT

Credit to Author: Jonny Evans| Date: Tue, 12 Mar 2019 10:25:00 -0700

Until enterprise IT truly gets to understand that its own internal systems need to be as easy to use as any iOS app and as easy to learn as an iPhone, potentially damaging data breaches will take place, threatening business confidentiality. Apple is not immune.

Apple and the human interface

The news is that information from some of the world’s biggest names in business – including Apple, Edelman and Discovery Channel – could have been accessed through Box Enterprise, which offers companies bespoke company name-based file archiving and sharing services using this URL construction:

https://<companyname>.app.box.com/v/<filename>

To read this article in full, please click here

Read more

Now you can buy police-grade iPhone hacking tools on eBay

Credit to Author: Jonny Evans| Date: Thu, 28 Feb 2019 06:25:00 -0800

If you want to hack your way into an old iPhone you can get hold of a law enforcement-grade system to do just that for a bargain price on eBay.

I think that’s a crime

I can’t stress this enough.

The very existence of tools like these is a threat to every smartphone user. This is because no matter how many times people argue that these solutions will only see use by law enforcement, these things always proliferate.

The fact that Celebrate systems law enforcement was until recently spending heavily on acquiring are now available on the open market for as little as $100 is a perfect illustration of this.

To read this article in full, please click here

Read more

Apple is losing value and that’s a good thing

Credit to Author: Jonny Evans| Date: Fri, 22 Feb 2019 08:50:00 -0800

Apple must be doing something right as the cost of Apple ID data on the Dark Web has dropped, even as the value of Fortnite, Facebook, Netflix and Uber accounts has increased.

Apple is losing value

Last year, I reported that online scammers were spending up to $15 per account on Apple ID information, making Apple customers, “the most appealing targets” for scammers.

That’s changed.

The latest edition of Top10VPN’s ​Dark Web Market Price Index​ claims scammers are only willing to spend up to $11 for this information today and are targeting arguably less well-secured services instead.

To read this article in full, please click here

Read more

Apple is learning why shortcut security is a bad idea

Credit to Author: Evan Schuman| Date: Wed, 20 Feb 2019 11:00:00 -0800

When Apple launched its enterprise developer certificate program — which helps enterprises make their homegrown apps for employee use-only available through iTunes — it had to make a difficult convenience-vs.-security decision: how much hassle to put IT managers through to get their internal apps posted. It chose convenience and, well, you can guess what happened.

Media reports say pirate developers used the enterprise program to improperly distribute tweaked versions of popular apps — including Spotify, Angry Birds, Pokemon Go and Minecraft — while others used the platform to distribute porn apps along with real-money gambling apps. And all the bad guys had to do was lie to Apple reps about being associated with legitimate businesses. Apple didn’t bother to investigate or otherwise verify the answers.

To read this article in full, please click here

Read more

How to stay as private as possible on Apple's iPad and iPhone

Credit to Author: Jonny Evans| Date: Fri, 08 Feb 2019 09:39:00 -0800

Apple believes in your right to privacy. Here is some advice on how to use the tools it has given you to protect your privacy on an iOS device.

Use a better passcode

You probably already use a 4-digit passcode, but you can improve that with a 6-digit or alphanumeric code.

You change this in Settings>Touch ID/Face ID & Passcode, select Change Passcode and then tap the small Passcode Options dialog. Alphanumeric codes are harder to decipher, just make sure you remember the code.

To read this article in full, please click here

Read more

Why Apple is disabling Safari’s Do Not Track feature

Credit to Author: Jonny Evans| Date: Thu, 07 Feb 2019 03:34:00 -0800

Apple takes privacy very seriously. It takes its leadership in that care seriously, and getting rid of the voluntary ‘Do Not Track’ setting in its Safari browser is the right decision.

Why disabling Safari’s Do Not Track feature is the right thing to do

Apple introduced support for Do Not Track (DNT) in iOS 7, but removed the feature in Safari 12.1.

The problem with DNT is that the signal it sends to websites, analytics firms, plug-in makers and ad networks is a voluntary request, and can be ignored.

To read this article in full, please click here

Read more

Apple publica la primera actualización del año para iOS y macOS ¡Actualiza ya!

Credit to Author: Naked Security| Date: Fri, 25 Jan 2019 12:32:41 +0000

Apple ha publicado las actualizaciones de enero que solucionan la mayoría de las CVE que afectan iOS y macOS con unas pocas que afectan a Safari, watchOS, tvOS e iCloud para Windows. iOS v12.1.3 Esta última versión arregla una lista de CVEs para el iPhone 5 y posteriores, iPad e iPod Touch 6th Generation. Casi [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/KwaI2t9xcYo” height=”1″ width=”1″ alt=””/>

Read more

Apple’s Group FaceTime: A place for spies?

Credit to Author: Jonny Evans| Date: Tue, 29 Jan 2019 05:30:00 -0800

Apple has disabled Group FaceTime following discovery of a flaw that could potentially let people hear audio from other people’s devices without permission. What’s going on and what can you do about it?

The bug, in brief

9to5Mareport based on a video published to Twitter by @BmManski revealed that this flaw lets a user listen to audio captured using another person’s device before they accept or reject the call requesting a FaceTime chat. The problem only affects iOS devices running iOS 12.1 or later (pending an update).

To read this article in full, please click here

Read more