Don't-Miss Security Stories

computer security stock image

OpenSSL fixes severe flaw that could enable man-in-the-middle attacks

The vulnerability allows attackers to generate rogue certificates that pass OpenSSL's validation

icloud security primary

Apple drops Recovery Key in new two-factor authentication for El Capitan and iOS 9

Apple said at WWDC it would build a more integrated and comprehensive two-factor security system into its next OS releases, and today explains what that means.

hacking team

Hacking Team hack reveals why you shouldn't jailbreak your iPhone

A massive breach in the private data of a firm that sells software to governments to spy on communications shows that jailbroken iPhones are vulnerable.

cloak vpn icon ios

Private I: Hijacked DNS puts iOS virtual private networks at slight risk

A new research paper revealed a method of fooling a VPN that two iOS developers found applies to iOS. The scope is critical, but it should be hard to exploit.

istock 000027776618large

Make the most of your Mac by adding NAS

Pair your Mac with NAS to save time and reduce stress through easier downloads, improved organization, smoother backups, and more.

apple music connect primary

Podcast 463: Apple Music launch and security updates galore

Glenn helps Susie feel safer with his copious knowledge of OS X security. Susie helps Glenn figure out Apple Music. That's what friends are for.

Apple releases tons of security updates for recent flaws and exploits

Along with Apple Music came fixes for a laundry list of exploits and a long-overdue change to Apple's digital certificate policy.

mediumsignin

Medium stays firmly anti-password with radical e-mail-based logins

The blogging platform no longer requires a Twitter or Facebook account, but still won't let you create a password.

adobe flash logo

Adobe patches zero-day Flash Player flaw used in targeted attacks

The vulnerability has been exploited by a China-based cyberespionage group for several weeks, security firm FireEye says.

mac app store

Zero-day exploit lets App Store malware steal OS X and iOS passwords

A new research paper reveals methods for OS X and iOS malware that makes it into the App Store to steal passwords and app data, as well as hijack session tokens.

lastpass

Online password locker LastPass hacked

Users will need to change their master passwords after the company detected a breach.

phish fake icloud login

A Trojan horse to phish iCloud passwords lurks in an iOS Mail bug

A researcher finds that Mail in iOS improperly filters HTML, allowing a pop-up menu to appear that closely mimics the iCloud log in.

icloud drive web

Apple Mail flaw could pose risk to iCloud passwords

A researcher says he notified Apple in January but the flaw has yet to be patched.

officeipad 2

With iOS 9, developers will be able to limit their apps to newer devices

New functionality means that devices like the iPad 2 and iPad mini will be blocked from installing certain apps