Security News

Apple has removed a contentious macOS feature that allowed some Apple apps to bypass content filters, VPNs and third-party firewalls. The feature, first uncovered in November in a beta release of the macOS Big Sur feature, was called "ContentFilterExclusionList" and included a list of at least 50 Apple apps - including Maps, Music, FaceTime, the App Store and its software update service.

Apple has removed the Parler social network app from the App Store for violating policies, including not providing an updated moderation plan or an updated app with objectionable content removed. "To ensure there is no interruption of the availability of your app on the App Store, please submit an update and the requested moderation improvement plan within 24 hours of the date of this message. If we do not receive an update compliant with the App Store Review Guidelines and the requested moderation improvement plan in writing within 24 hours, your app will be removed from the App Store," Apple warned in the email.

Intel has gingerly dipped a toe into the face-based authentication market with the launch of its RealSense ID product. In terms of security, Chipzilla has made some bold claims, stating RealSense ID has a one-in-one-million false acceptance rate and can withstand the usual attempts to circumvent face-based authentication tools, like masks and photographs, with - according to its RealSense webpage - a spoof acceptance rate of less than 0.1 per cent.

A federal judge Tuesday dismissed Apple's copyright infringement lawsuit against cybersecurity startup Corellium in a case which could have implications for researchers who find software bugs and vulnerabilities. Judge Rodney Smith said Apple failed to show a legal basis for protecting its entire iOS operating system from security researchers.

Apple users are experiencing problems setting up new devices or accessing files stored on the cloud due to an ongoing iCloud outage that has lasted for more than 24 hours. Starting yesterday at 4:45 AM EST, Apple has been experiencing an outage with its iCloud service that prevents users from logging into the service, accessing files, or setting up new devices.

All of the operators used the NSO Group's infamous Pegasus spyware as their final payload. Pegasus is a mobile phone-surveillance solution that enables customers to remotely exploit and monitor devices. The latest version of the Pegasus implant has a number of capabilities, according to Citizen Lab, including: Recording audio from the microphone including both ambient "Hot mic" recording and audio of encrypted phone calls; taking pictures; tracking device location; and accessing passwords and stored credentials.

Jack Wallen shows you how easy it can be to encrypt text to be sent via email, using Apple Mail and the GPG Suite. With the right pieces in place in macOS, you can copy a block of text from any application, encrypt it, paste it into the body of an email, and send it to any user that has shared their public key with you.

Facebook is again pushing back on new Apple privacy rules for its mobile devices, this time saying in full page newspaper ads that the social media giant is standing up for small businesses. In ads that ran in The New York Times, The Wall Street Journal and other national newspapers Wednesday, Facebook said Apple's new rules "Limit businesses' ability to run personalized ads and reach their customers effectively."

The next time you try to download an app from the App Store onto your iPhone or iPad, you may notice a new App Privacy section that seeks to clue you in on certain details. With the release of iOS/iPadOS 14.3 this past Monday, any new or updated app must include a privacy label, otherwise it won't be allowed on the App Store.

Updates released this week by Apple for its macOS operating systems patch a total of 59 vulnerabilities, including roughly 30 that could lead to the execution of arbitrary code. Some of the bugs, Apple explains in its advisory, could be exploited to execute code with system or kernel privileges.