Apple has finally fixed a serious OS X security vulnerability that had left millions of users exposed to potential eavesdropping or account hijacking.
In a terse note this morning accompanying a system software update, the company acknowledged that "an attacker" could "capture or modify data" transferred with Safari, Mail, iCloud and other Apple-created applications even though the communication streams were supposed to be securely encrypted.
The security vulnerability quickly became known as the "gotofail" bug after a review of Apple's publicly posted code showed an errant duplicate statement created the glitch. Apple previously … Read more
Every tap, touch, and press you make on your iPhone and iPad could be monitored and captured remotely due to an iOS security flaw. At least, that's the claim from security firm FireEye.
In a blog posted Monday, FireEye researchers said they conducted a test on non-jailbroken iOS 7.0.x devices in which they installed a "monitoring" app. This app was able to record all touch and press events in the background, including screen touches, home button presses, volume button presses, and TouchID presses. Based on its findings, the team concluded that an attacker could use … Read more
Promising to make advanced home security easier and more accessible, Swann Security is introducing SwannSecure, a new wireless IP camera kit due in retail outlets this April.
Based in Australia, Swann has been manufacturing cameras and security devices for over 25 years. It was just last year, though, that they launched SwannLink, a peer-to-peer network designed to help consumers connect their security systems with devices like phones and tablets via the internet. The SwannSecure kit is the latest offering to fall in line with that initiative, consisting of an indoor/outdoor, Wi-Fi ready camera that you'll be able to … Read more
Samsung unveiled its new Galaxy S5 smartphone on Monday and it's full of bells and whistles, like a bigger display, improved camera, and built-in fingerprint sensor.
By no means is Samsung the first smartphone maker to debut fingerprint authentication, but it has done something different -- the Galaxy S5's sensor will also act as password protection for PayPal payments.
Samsung and PayPal announced Monday that they've partnered on the Galaxy S5 to let users pay for items password-free at all online and brick-and-mortar stores that accept PayPal. Users only need their fingerprint to buy goods.
This type … Read more
TextSecure is a far cry from driving a multibillion-dollar buyout. But for people who care about having their SMS and instant messages protected from prying eyes, it's an app that just got easier to use and more secure.
The new Android version of TextSecure, announced Monday, still uses the TextSecure v2 protocol that debuted with its CyanogenMod integration last year. Open WhisperSystems' founder, a security researcher and developer who goes by the pseudonym Moxie Marlinspike, said that the partnership has helped his company.
"It's been great," he said. "Their userbase is enormous, and it's … Read more
A password manager is such an essential tool nowadays, I'm surprised Apple and Microsoft don't build one into OS X and Windows.
Because, seriously, virtually everything you do on the Web requires a password: Amazon, eBay, Evernote, Facebook, Gmail, your bank, your airline, and on and on. And most people are terrible about creating and managing passwords, which is understandable because it's a pretty big hassle.
Eye-scanning firm EyeVerify is adding its eye-vein technology to AirWatch's Secure Content Locker -- a business-centric app that keeps your work documents secure from prying eyes.
Unveiling its latest tie-up at mobile mega-show Mobile World Congress in Barcelona, EyeVerify says that businesses who use AirWatch's technology can enable the biometric security from the AirWatch console, saving users the hassle of typing in a passcode by scanning their eyes instead.
Apple said it will fix a bug "very soon" that allows hackers to spy on financial, e-mail, and other personal data on computers from its Mac desktop and notebook lineup.
The Cupertino, Calif.-based technology giant confirmed in an e-mail to Reuters that it was aware of the issue and already has a software fix that will be released likely in the next few days.
SSL, or Secure Sockets Layer, is one of the most basic forms of encrypting Internet traffic. Without it, almost anybody can see what you're doing online. According to Apple's full description of the update, the software previously had problems validating the authenticity of the connection, and the software fix restores steps that were missing in the validation process.
The company said the fix would stop an attacker from capturing and modifying … Read more