Skip to content
Thoughtful, detailed coverage of everything Apple for 32 years
and the TidBITS Content Network for Apple professionals

Category: Security

Adam Engst 3 comments

Additional GoTo Data Stolen in the LastPass Breach

The repercussions of the LastPass breach continue to resonate, with parent company GoTo now admitting that data associated with its services Central, Pro, join.me, Hamachi, and RemotelyAnywhere was also stolen. Change your passwords and look for alternatives.

Adam Engst 7 comments

Apple Releases iOS 16.3, iPadOS 16.3, and macOS 13.2 Ventura with Hardware Security Key Support

The latest versions of Apple’s main operating systems add Security Keys for Apple ID, celebrate Black History Month with a new Unity Lock Screen wallpaper and Unity Mosaic Apple Watch face, and fix bugs and security vulnerabilities.

Adam Engst 3 comments

iOS 12.5.7 and iOS/iPadOS 15.7.3 Provide Security Fixes

If you’re still using an iPhone or iPad that can’t update to iOS 16, Apple has released security updates for iOS 12 and iOS 15.

Adam Engst 41 comments

An Annotated Field Guide to Identifying Phish

Phishing is one of the main ways that attackers breach corporate systems and compromise individual accounts. Follow along as Adam Engst walks you through six representative phishing messages and explains what aspects of them should trigger warning bells.

Adam Engst 21 comments

International Verify Your Backups Day

What better day than Friday the 13th to check that your backups are actually working by restoring some critical files?

Adam Engst 45 comments

iPhones and iPads Now Require a Passcode on Every Backup/Sync

People who use their Macs to back up or sync their iPhones and iPads have discovered they must enter their device passcode for every connection. What’s up with that?!? Adam Engst explains: it’s Apple’s ham-handed response to a security vulnerability.

Adam Engst 45 comments

LastPass Shares Details of Security Breach

Password management service LastPass announced that attackers stole unencrypted customer account data and encrypted usernames and passwords. This is a terrible, horrible, no good, very bad thing for LastPass, though LastPass users shouldn’t be at significant risk—as long as they heeded the company’s advice and have strong master passwords.

Adam Engst 10 comments

iOS 15.7.2 and iPadOS 15.7.2 Block Exploited Security Vulnerability

Update to these versions of iOS and iPadOS to protect your older iPhone or iPad from malicious Web content that takes advantage of a now-fixed WebKit vulnerability.

Adam Engst 40 comments

Apple Releases iOS 16.2, iPadOS 16.2, macOS 13.1 Ventura, watchOS 9.2, and tvOS 16.2

Apple has updated all of its operating systems, adding the Freeform digital whiteboard app, support for Advanced Data Protection for iCloud, Apple Music Sing, Stage Manager on external displays, and various smaller improvements. A fix for a serious security vulnerability encourages updating soon.

Adam Engst 34 comments

Apple’s Advanced Data Protection Gives You More Keys to iCloud Data

Apple has announced Advanced Data Protection, an optional switch that enables end-to-end encryption for more types of iCloud data, including iCloud Backups, iCloud Drive, Photos, Notes, Reminders, and more.

Adam Engst 18 comments

Eufy Home Security Cameras Caught Uploading Footage to the Cloud

For Anker's Eufy brand, secure design apparently takes a back seat to empty privacy promises. The Verge confirmed the finding by security consultants that Eufy cameras can stream encryption-free video through the cloud, all in violation of the company's claims.

Adam Engst 7 comments

1Password Previews Prospective Passkey Plans

Passkey promises from password-manager 1Password, brought to you by the letter P.

Josh Centers 31 comments

iOS 16.1.1, iPadOS 16.1.1, and macOS 13.0.1 Ventura Plug Two Security Holes

iOS 16.1.1, iPadOS 16.1.1, and macOS 13.0.1 Ventura close a couple of concerning security vulnerabilities related to libxml2. Update soon to protect yourself.

Adam Engst 5 comments

Ventura Bug Disables Real-Time Security Software

A macOS 13.0 Ventura bug revolving around Full Disk Access permissions is preventing real-time protection features in security software from operating. Thomas Reed of Malwarebytes shares a workaround until Apple fixes the bug in macOS 13.1.

Josh Centers No comments

Apple Launches Consolidated Security Site

Apple has created a new Apple Security Research website to centralize all of the company’s security resources.