Lucian ConstantinRomania Correspondent, IDG News Service

Lucian Constantin writes about information security, privacy, and data protection for the IDG News Service.

IPhone 6S launch in Palo Alto

Apple fixes iOS lock screen bypass that gives access to photos, contacts

Apple has reportedly fixed a vulnerability that could have allowed hackers to bypass the passcode on iPhone 6s and 6s Plus running iOS 9.3.1 in order to access the address book and photos.

Apple iPhone 5S (1)

Hackers can abuse the iOS mobile device management protocol to deliver malware

Researchers from Check Point Software Technologies found that the communication between MDM products and iOS devices is susceptible to man-in-the-middle attacks and can be hijacked to install malware on non-jailbroken devices.

Apple iPhone 5S (1)

Attackers exploit Apple DRM weakness to infect non-jailbroken iOS devices

Attackers are exploiting a weakness in Apple's digital rights management technology to install malicious apps on non-jailbroken iOS devices.

Digital Key, security, encryption

Mac ransomware KeRanger has flaws that could let users recover files

The KeRanger file-encrypting ransomware program for Mac OS X is based on Linux.Encoder and contains crypto flaws that could allow users to recover their files without paying cybercriminals.

Apple iPhone 5S (1)

Apple goofed in several ways in fight with FBI over data encryption, renowned cryptographer says

Adi Shamir, co-creator of the widely used RSA cryptographic algorithm, believes that Apple should have assisted the FBI in decrypting the iPhone of one of the San Bernardino shooters and choose to resist in a future situation.

Apple iPhone 5S (3)

Chinese devs abuse free Apple app-testing certs to install pirated apps

A Chinese iOS application recently found on Apple's official store contained hidden functionality that allowed users to install pirated apps on non-jailbroken devices, a technique that could also be leveraged by malware in the future.

simplisafe home security system

Popular home security system SimpliSafe can be easily disabled by burglars

Attackers can easily disable SimpliSafe home security systems from up to 30 meters away by using a device that costs around $250 to create, researchers from security firm IOActive found.

Apple iPhone 5S (1)

Increasingly popular "hot patching" update tool for iOS apps puts users at risk

An increasing number of iOS application developers use a technique that allows them to remotely modify the code in their apps without going through the official app store's review process, an action that poses security risks for users.

Java logo browser

Oracle's killing a favorite security hole for attackers: the Java browser plug-in

Next year, the Java browser plug-in, which is frequently the target of Web-based exploits, will be retired by Oracle.

osxyosemite

Google-owned VirusTotal starts analyzing Mac malware in a sandbox

VirusTotal, the most widely used online file scanning service, is now executing suspicious Mac apps submitted by users inside a sandbox to generate information that could improve the analysis and detection of Mac malware.

my passport

Western Digital encrypted external hard drives have flaws that can expose data

The hardware-based encryption built into popular Western Digital external hard disk drives has flaws that could allow attackers to recover data without knowing the user password.

Emergency Flash Player patch fixes critical flaw being exploited in the wild

Adobe released a patch for a critical vulnerability in Flash Player in response to high-profile cyberespionage attacks against governmental targets.

Apple iPhone 5S (1)

Thousands of iOS apps infected by XcodeGhost

Security researchers have identified over 4,000 iOS apps that have malicious code added by a rogue version of the Xcode development tool.

iOS 9 on iPhone 6

$1 million bounty dangled for Apple iOS 9 jailbreak exploits

Zerodium, an exploit acquisition company, promises to pay $1 million to researchers who provide it with an exclusive, browser-based and untethered jailbreak for the latest Apple iOS 9 operating system.

iphone6

Vulnerability in enterprise-managed iOS devices puts business data at risk

A vulnerability in the iOS sandbox for third party applications, like those installed by companies on their employees' devices, can expose sensitive configuration settings and credentials.