A vulnerability in iOS 8, 9, 10, and even the most recent beta version, 10.2 beta 3, could allow an attacker to access photos and contacts on a locked iPhone.

An issue in iOS WebView that is trivial to exploit can give an attacker the ability to trigger phone calls from a targeted device, researcher Collin Mulliner said.

A phishing campaign aimed at Apple users in China that relies heavily on typosquatting has resurfaced.

Apple said over the weekend it would soon distrust certificates issued by WoSign’s Free SSL Certificate G2 intermediate CA on macOS.

The latest on the Yahoo breach, Germany’s problem with WhatsApp-Facebook, Facebook’s osquery tool for Windows, and Zerodium’s $1.5M iOS bounty are all discussed.

The news of the week is discussed, including Schneier’s DDoS article, a patched IE/Edge zero day, a new OS X malware detection method, and Google’s Project Zero prize.

Apple has finally moved its iOS security update mechanism to HTTPS with today’s release of iOS 10. Previously, updates were sent to devices over HTTP and attackers already present on a network could potentially intercept and manipulate updates. “An issue existed in iOS updates, which did not properly secure user communications. This issue was addressed...

When it comes to detecting OS X malware, the future may not be rooted in machine learning algorithms, but patterns and heatmap visualization, a researcher posits. In an academic paper published by Virus Bulletin on Monday, Vincent Van Mieghem, a former student at the Delft University of Technology in the Netherlands, describes how a recurring pattern...

Researchers on Wednesday confirmed that an OS X variant of a recently discovered family of cross-platform backdoors exists. Stefan Ortloff, a researcher with Kaspersky Lab’s Global Research and Analysis Team, identified the family of backdoors called Mokes in January, but it wasn’t until Tuesday that an OS X variant was discovered. Ortloff wrote a technical breakdown of the...

The disclosure a week ago that three Apple iOS zero days were used to spy on a political dissident from the United Arab Emirates included high-profile exposes of the activities of a cyber arms-dealing outfit in Israel known as the NSO Group and an emergency update for iOS. Last night, Apple expanded the scope of...