Skip to content
Thoughtful, detailed coverage of everything Apple for 33 years
and the TidBITS Content Network for Apple professionals

Category: Security

Adam Engst 12 comments

OS Security Updates Address Three More Exploited Vulnerabilities

Updates for macOS 13 Ventura, macOS 12 Monterey, iOS 17 and 16, iPadOS 17 and 16, and watchOS 10 and 9 fix a trio of security vulnerabilities likely being used to install the NSO Group's Pegasus spyware. Install the updates soon.

Adam Engst 87 comments

Five Unexpected Announcements from Apple’s Wonderlust Event

Sure, Apple announced the iPhone 15, Apple Watch Series 9, and Apple Watch Ultra 2 at its Wonderlust event on 12 September 2023. But we weren’t expecting these additional announcements.

Adam Engst 15 comments

OS Security Updates Plug Image and Wallet Vulnerabilities Exploited by Pegasus Spyware

Updates for macOS 13 Ventura, iOS 16, iPadOS 16, watchOS 9, and older Apple operating systems fix a pair of zero-click security vulnerabilities that are being used to install the NSO Group's Pegasus spyware. Install the updates soon.

Adam Engst 4 comments

Apple Explains Pullback from CSAM Photo-Scanning

In a letter responding to a child safety group, Apple has outlined its reasons for dropping its proposed scanning for child sexual abuse material in iCloud Photos. Instead, the company is focusing on its Communication Safety technology, which detects nudity in transferred images and videos.

Adam Engst 16 comments

Backblaze Raises Prices, Makes Extended Version History Standard

Online backup company Backblaze has announced that it will be raising prices on 3 October 2023 for new purchases and renewals, but everyone will be able to get the $2-per-month 1-year extended version history for free.

Adam Engst 6 comments

Apple Releases 24-Jul-2023 Security Updates for All Active Operating Systems

Updates to new and old versions of macOS, iOS, iPadOS, watchOS, tvOS, and HomePod Software address numerous security vulnerabilities, several of which have been exploited in the wild. Install them soon.

Adam Engst 13 comments

BookBITS: “Red Team Blues” by Cory Doctorow

Adam Engst recommends Cory Doctorow’s latest thriller. It’s an exciting read set in the tech world of today but populated by characters whose history dates back to the 1990s. It’s all fiction, but broad swaths ring surprisingly true.

Adam Engst 20 comments

Rapid Security Responses for iOS/iPadOS 16.5.1 (c) and macOS Ventura 13.4.1 (c)

Apple has re-released the recent Rapid Security Responses for its flagship operating systems to plug a WebKit vulnerability that’s being exploited without causing website loading issues. Install the updates as soon as feasible.

Adam Engst 17 comments

Apple Pulls Rapid Security Responses Due to Website Loading Issues

If you're experiencing website loading issues—notably with Facebook and Instagram—after installing the recent Rapid Security Responses, you may want to remove them until Apple fixes the problem and releases new ones.

Adam Engst 15 comments

Two-Factor Authentication, Two-Step Verification, and 1Password

Is it true two-factor authentication if 1Password auto-fills security codes for you? Thanks to a 1Password blog post, we now know the answer: No, it’s two-step verification instead.

Adam Engst 24 comments

Rapid Security Responses for iOS/iPadOS 16.5.1 (a) and macOS Ventura 13.4.1 (a)

Apple has released Rapid Security Responses for its flagship operating systems to plug a WebKit vulnerability that’s being exploited. Install them as soon as feasible.

Adam Engst 8 comments

How to Identify and Eliminate Abusive Web Notifications

There’s nothing new about notification adware, system-level alerts from malicious websites that try to lure you into sharing login credentials, credit card info, or other personal information. A recent uptick in reports caused Adam Engst to explore the topic more deeply to help readers learn to identify and eliminate abusive notifications.

Adam Engst 14 comments

Apple Updates All Active Operating Systems to Block Exploited Security Vulnerabilities

Updates to new and old versions of macOS, iOS, iPadOS, and watchOS address kernel and WebKit security vulnerabilities actively exploited in the wild. Install them as soon as you reasonably can.

Adam Engst 10 comments

Google’s .zip Provides Another Reason to Beware of Wacky Top-Level Domains

Google's new .zip top-level domain has raised concerns from the security community due to the ease with which it enables ambiguous URLs that could be used in phishing attacks.

Adam Engst 9 comments

Sports and Bugs in tvOS 16.5, macOS 13.4 Ventura, iOS 16.5, iPadOS 16.5, watchOS 9.5, and HomePod Software 16.5

The latest updates to Apple’s operating systems increase the visibility of sports in Apple News and bring four-up multiview sports games to the Apple TV 4K. Otherwise, there are just a few bug fixes and a new Pride Celebration wallpaper and watch face. Most important are the security updates, which explain the Rapid Security Responses and address another zero-day exploit.