Skip to content
Thoughtful, detailed coverage of everything Apple for 33 years
and the TidBITS Content Network for Apple professionals

Category: Security

Adam Engst 69 comments

How a Passcode Thief Can Lock You Out of Your iCloud Account, Possibly Permanently

A follow-up to the Wall Street Journal’s investigation into Apple’s problematic iPhone security design reveals that victims are being locked out of their iCloud accounts.

Adam Engst No comments

iOS 15.7.5 and iPadOS 15.7.5 Address Serious Security Vulnerabilities

Playing catchup with last week's urgent updates, Apple has now released iOS 15.7.5 and iPadOS 15.7.5 to address two concerning security vulnerabilities that are actively being exploited in the wild.

Adam Engst 13 comments

iOS 16.4.1, iPadOS 16.4.1, and macOS 13.3.1 Address Serious Security Vulnerabilities, Fix Bugs

We recommend updating iPhones, iPads, and Macs to protect against two security vulnerabilities that are actively being exploited in the wild. iOS and iPadOS also address issues with Siri, and macOS fixes problems with Auto Unlock with an Apple Watch.

Adam Engst 4 comments

iOS 15.7.4 and iPadOS 15.7.4 Provide Security Fixes

Alongside its current operating systems, Apple has released iOS 15.7.4 and iPadOS 15.7.4 to address a slew of security vulnerabilities, one of which is actively being exploited in the wild.

Adam Engst 58 comments

Apple Releases iOS 16.4, iPadOS 16.4, macOS 13.3 Ventura, watchOS 9.4, tvOS 16.4, and HomePod Software 16.4

It’s update day at Apple again, with updates to all the company’s operating systems. A few changes may be particularly welcome, including Voice Isolation for cellular calls, duplicate handling in an iCloud Shared Photo Library, and Web app notifications.

Adam Engst 36 comments

LastPass Publishes More Details about Its Data Breaches

LastPass was heavily criticized for communicating insufficient details after it lost customer vault data in a breach. A collection of new posts attempt to rectify that mistake—but it’s not enough for Adam Engst, who shares his experiences switching from LastPass to 1Password.

Adam Engst 44 comments

How a Thief with Your iPhone Passcode Can Ruin Your Digital Life

The Wall Street Journal reports on a spate of attacks in which iPhone thieves obtain your passcode and then change your Apple ID password, disable Find My, make purchases with Apple Pay, and more. Some attacks are as simple as the miscreants surreptitiously watching you enter your passcode; others involve violence. Read on to learn how to protect yourself.

Adam Engst 20 comments

iOS 16.3.1, iPadOS 16.3.1, macOS 13.2.1 Ventura, watchOS 9.3.1, tvOS 16.3.2, and HomePod Software 16.3.2 Fix Bugs and Security Vulnerabilities

Responding to a nasty WebKit vulnerability that is being actively exploited in the wild, Apple has released updates to all its current operating systems. We recommend updating soon.

Adam Engst 3 comments

Additional GoTo Data Stolen in the LastPass Breach

The repercussions of the LastPass breach continue to resonate, with parent company GoTo now admitting that data associated with its services Central, Pro, join.me, Hamachi, and RemotelyAnywhere was also stolen. Change your passwords and look for alternatives.

Adam Engst 31 comments

Apple Releases iOS 16.3, iPadOS 16.3, and macOS 13.2 Ventura with Hardware Security Key Support

The latest versions of Apple’s main operating systems add Security Keys for Apple ID, celebrate Black History Month with a new Unity Lock Screen wallpaper and Unity Mosaic Apple Watch face, and fix bugs and security vulnerabilities.

Adam Engst 3 comments

iOS 12.5.7 and iOS/iPadOS 15.7.3 Provide Security Fixes

If you’re still using an iPhone or iPad that can’t update to iOS 16, Apple has released security updates for iOS 12 and iOS 15.

Adam Engst 67 comments

An Annotated Field Guide to Identifying Phish

Phishing is one of the main ways that attackers breach corporate systems and compromise individual accounts. Follow along as Adam Engst walks you through six representative phishing messages and explains what aspects of them should trigger warning bells.

Adam Engst 53 comments

iPhones and iPads Now Require a Passcode on Every Backup/Sync

People who use their Macs to back up or sync their iPhones and iPads have discovered they must enter their device passcode for every connection. What’s up with that?!? Adam Engst explains: it’s Apple’s ham-handed response to a security vulnerability.

Adam Engst 46 comments

LastPass Shares Details of Security Breach

Password management service LastPass announced that attackers stole unencrypted customer account data and encrypted usernames and passwords. This is a terrible, horrible, no good, very bad thing for LastPass, though LastPass users shouldn’t be at significant risk—as long as they heeded the company’s advice and have strong master passwords.

Adam Engst 10 comments

iOS 15.7.2 and iPadOS 15.7.2 Block Exploited Security Vulnerability

Update to these versions of iOS and iPadOS to protect your older iPhone or iPad from malicious Web content that takes advantage of a now-fixed WebKit vulnerability.