SEARCH
Archive
Apple Fixes Passcode Bypasses in iOS 12.01
In a small update to iOS, Apple has fixed two bugs that allowed someone to bypass the passcode on a locked iPhone.
Don’t Skip User Authentication on MDM Even With Apple’s DEP
Duo Labs researchers discovered that Apple was using serial numbers to authenticate devices with its Device Enrollment Program (DEP). If organizations treat DEP as a trust broker and assume DEP-registered devices are trusted, they expose themselves to a variety of risks, including rogue devices receiving internal network configuration settings.
How iOS 11.4.1 Stops USB Attacks and Bad Emojis
In its latest release of iOS, Apple has included a new feature called Restricted Mode that can prevent USB-based attacks.
A Privacy Tradeoff of the macOS QuickLook Cache
A convenient feature in macOS called QuickLook can leak information about files that users preview, even in encrypted containers.
Bug Allows Bypass of Code-Signing Tools on Macs
An issue with the way third-party tools implement Apple's code-signing API can allow malicious files to pass as legitimate ones.