Security News

Apple macOS X users with HP printers are left unable to print from their computers after Apple revoked a certificate that signed HP's print drivers. As observed by BleepingComputer, when printing a document from a MacBook running macOS Catalina and Mojave users with HP printers.

A massive data breach suffered by the Nitro PDF service impacts many well-known organizations, including Google, Apple, Microsoft, Chase, and Citibank. On October 21st, Nitro Software issued an advisory to the Australia Stock Exchange, stating that they were affected by a "Low impact security incident" but that no customer data was impacted.

Apple has inadvertently given the thumbs up to six new malware variants, according to researchers at Mac security solutions provider Intego. Application developers have the possibility to submit their software to Apple for scanning purposes and have it automatically notarized if deemed malware-free.

Five researchers hacked Apple Computer's networks - not their products - and found fifty-five vulnerabilities. They have received $289K. One of the worst of all the bugs they found would have allowed criminals to create a worm that would automatically steal all the photos, videos, and documents from someone's iCloud account and then do the same to the victim's contacts.

A team of vulnerability spotters have netted themselves a six-figure payout from Apple after discovering dozens security holes in the Cupertino giant's computer systems, some of which could have been exploited to steal iOS source code, and more. Curry said the group decided to target Apple's public-facing networks in July, a few weeks after seeing the story of Bhavuk Jain, who earned $100,000 for finding a bug in Apple's customer sign-in system.

A team of researchers has received hundreds of thousands of dollars in bug bounties from Apple for reporting 55 vulnerabilities, including ones that exposed source code, employee and customer apps, warehouse software, and iCloud accounts. Researchers Sam Curry, Brett Buerhaus, Ben Sadeghipour, Samuel Erb and Tanner Barnes decided in early July to take part in Apple's bug bounty program and attempt to find as many vulnerabilities as possible in the tech giant's systems and services.

Among the flaws found in core portions of Apple's infrastructure includes ones that would have allowed an attacker to: "Fully compromise both customer and employee applications; launch a worm capable of automatically taking over a victim's iCloud account; retrieve source code for internal Apple projects; fully compromise an industrial control warehouse software used by Apple; and take over the sessions of Apple employees with the capability of accessing management tools and sensitive resources," he wrote. iCloud is an automatic storage mechanism for photos, videos, documents, and app related data for Apple products.

A team of five security researchers analyzed several Apple online services for three months and found as many as 55 vulnerabilities, 11 of which are critical in severity. The flaws - including 29 high severity, 13 medium severity, and 2 low severity vulnerabilities - could have allowed an attacker to "Fully compromise both customer and employee applications, launch a worm capable of automatically taking over a victim's iCloud account, retrieve source code for internal Apple projects, fully compromise an industrial control warehouse software used by Apple, and take over the sessions of Apple employees with the capability of accessing management tools and sensitive resources."

Apple's T2 security chip is insecure and cannot be fixed, a group of security researchers report. Over the past three years, a handful of hackers have delved into the inner workings of the custom silicon, fitted inside recent Macs, and found that they can use an exploit developed for iPhone jailbreaking, checkm8, in conjunction with a memory controller vulnerability known as blackbird, to compromise the T2 on macOS computers.

A researcher is claiming that Apple devices - with a macOS operating system and a T2 security chip - are open to an exploit that could give bad actors root access. The flaw stems from the T2 chip, which is the second-generation version of Apple's chip that provides bolstered security - including securing its Touch ID feature, as well as providing the foundation for encrypted storage and secure boot capabilities.