Apple on Monday rolled out a series of patches for nearly all of its operating systems, OS X, iOS, its smart watch operating system, watchOS, and Apple TV’s tvOS, along with fixes for both iTunes and Safari. OS X received the lion’s share of the updates, 67 in total, bringing Apple’s operating system El Capitan to...

A Twitter business partner, whose service sifts through Twitter’s so-called fire hose of tweets as well as data from other sources to ascertain patterns in breaking news events, has been told to no longer provide its services to the U.S. intelligence community. The Wall Street Journal on Sunday reported that the arrangement between Dataminr—Twitter owns...

Apple has updated its Xcode development environment, patching two vulnerabilities in its implementation of git. Git is a version control system, and in March its handlers patched two flaws that exposed the software to remote code execution. The new version of Xcode, 7.3.1, is available for El Capitain v 10.11 and later. Apple said it...

Mike Mimoso and Chris Brook discuss the news of the week, including BlackBerry CEO’s stance on lawful access principles, the FBI/Apple hearing, Viber adding end-to-end crypto, Teslacrypt, and more. http://traffic.libsyn.com/digitalunderground/Threatpost_News_Wrap_April_22_2016.mp3 Download: Threatpost_News_Wrap_April_22_2016.mp3 Music by Chris Gonsalves

Apple’s latest transparency report published on Wednesday shows a big increase in the number of law enforcement and government requests for account and device data. Publication of the report comes on the heels of the latest chapter in the Apple-FBI tussle over encryption and privacy. Tuesday’s hearing before the House Energy and Commerce Committee dredged up...

Representatives from Apple and the FBI testified Tuesday at a House Energy and Commerce Committee hearing on the ongoing encryption debate. Both vowed to work cooperatively to move past the current encryption impasse and find common ground. They also used the hearing to clarify stances on encryption and set the record straight on the FBI’s use...

The Zero Day Initiative has publicly disclosed a pair of serious vulnerabilities in Apple QuickTime for Windows that will not be patched because Apple is deprecating the product for the Microsoft platform. US-CERT today pushed out an alert advising QuickTime for Windows users that the only mitigation is to uninstall the software. “Computers running QuickTime...

At the height of the Apple-FBI battle, researchers at Johns Hopkins University tunneled their way through the encryption protocol protecting iMessage to get at content sent via the Apple application Last week, a decidedly less complicated approach surfaced. Rather than having to learn crypto, inject malware or establish a man-in-the-middle position on the network, a...

Mike Mimoso and Chris Brook recap the week in news, including how the FBI cracked that iPhone, the barrage of ransomware hitting hospitals, and the Hack the Pentagon bug bounty trial program announcement. Download: Threatpost_News_Wrap_-_April_1_2016.mp3 Music by Chris Gonsalves

Apple’s Developer Enterprise Program has been abused in the recent past to push malicious apps onto iOS devices, most notably with the WireLurker, XcodeGhost and YiSpecter attacks. In all three cases, attackers legitimately obtained certificates under the program, which is available to enterprises wishing to develop and internally distribute mobile apps for their workforces without...