Skip to main content

Security

See All Stories

Security Bite: iCloud Mail, Gmail, others shockingly bad at detecting malware, study finds

email service providers security malware attachments

Email security today has many shortcomings. It is widely known that email service providers cannot prevent every suspicious email from being received. However, a new study by web browser security startup SquareX reveals how little companies are doing to block malicious attachments and protect users.


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close
TikTok national security briefing | Eye looking through a hole in a wall

TikTok national security briefing may have had ‘interesting’ source

A classified TikTok national security briefing given to senators may have been in part based on claims made by a fired member of staff who is now making further … interesting claims.

The former staffer says that his firing was instigated by the US attorney general, and that the FBI and CIA shared his personal information with foreign governments …

Expand Expanding Close

Security Bite: This GTA 6-disguised macOS malware performs heist on Keychain passwords

macos malware gta6 security

During an analysis of various splinter samples of a noteworthy macOS stealer, security researchers at Moonlock discovered one with an alarming level of sophistication. Under the disguise of the unreleased video game GTA 6, once installed, the malware executes rather clever techniques to extract sensitive information, such as passwords from a user’s local Keychain.

In typical Security Bite fashion, here’s the breakdown: how it works and how to stay safe.


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

TikTok national security briefings “deeply troubling” and should be made public – senators

TikTok national security briefings | Spy camera and Top Secret folder

Two senators who have received classified TikTok national security briefings say that the information revealed to them has left them “deeply troubled.”

They are calling for the information to be declassified, as they say it is “critically important” that the American people can consider the issues for themselves – especially if they currently use the Chinese-owned app …

Expand Expanding Close

Security Bite: Here’s why Apple is being vague with iOS 17.4.1 details

Apple iOS 17.4.1 security fixes

Update: Apple released details on the security patches for iOS 17.4.1, iPadOS 17.4.1, visionOS 1.1.1, as well as macOS 14.4.1. They all patch an integer overflow vulnerability in two separate frameworks. Apple didn’t say whether it was being actively exploited. More details can be found here.

Last week, Apple released iOS 17.4.1 with rather vague release notes claiming to include important bug fixes and security patches. Two days later, the company has yet to add any specifics. This is unusual for Apple, which typically lists critical security patches hours after a release and suggests that the ones in iOS 17.4.1 could be significant or something else entirely…

Expand Expanding Close

Unpatchable security flaw in Apple Silicon Macs breaks encryption

Unpatchable security flaw in Apple Silicon Macs | MacBook with chaotic colorful wallpaper

University researchers have found an unpatchable security flaw in Apple Silicon Macs, which would allow an attacker to break encryption and get access to cryptographic keys.

The flaw is present in M1, M2, and M3 chips, and because the failing is part of the architecture of the chips, there’s no way for Apple to fix it in current devices …

Expand Expanding Close

Security Bite: Here’s what malware your Mac can remove

Security Bite by 9to5mac

Ever wonder what malware can your Mac detect and remove without any third-party software? Recently, security researchers have correlated some bizarre macOS YARA rules used by the built-in XProtect suite with their public names. Here’s what malware it looks for…


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Here’s how to protect against ‘GoldPickaxe’, the first iPhone trojan [U]

protect against iPhone trojan GoldPickaxe

An Android trojan called GoldDigger surfaced last year that can steal biometric data and more from victims to compromise their bank accounts. Now the threat has evolved into the GoldPickaxe trojan that can infect iOS and Android. Fortunately, there are several simple ways to protect against the first iPhone trojan, here’s what you should know.

Expand Expanding Close

Security Bite: Hackers breach CISA, forcing the agency to take some systems offline

CISA - US Cybersecurity Agency

CISA says two systems were hacked in February through vulnerabilities in Ivanti products. In response, the agency had to shut down both systems, which reportedly had critical ties to U.S. infrastructure.


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close

Global meta outage: What do we know, and what was the likely cause?

Global meta outage cause | Plug removed from socket

Yesterday’s global meta outage seemingly took out the company’s entire network, with users unable to access Facebook, Messenger, Instagram, Threads, and Quest headsets.

The outage lasted between one and two hours for most users, and while everything now appears back to normal, questions are naturally being asked about what went wrong …

Expand Expanding Close

iOS 17.4 includes 4 important security fixes, 2 were exploited [U]

Regain clarity with CleanMyPhone by MacPaw — the new AI-powered cleaning app that quickly identifies and removes blurred images, screenshots, and other clutter from your device. Download it now with a free trial.


iOS 17.4 is here for all users and comes with lots of changes including new emoji, a CarPlay update, EU App Store changes, quantum security for iMessage, and more. However, there are also important security fixes with the release. Here are all the details.

Expand Expanding Close

Apple on EU iOS changes: Has done its best but DMA makes users less safe

App Store security

Apple is set to release iOS 17.4 to the public next week with a major update for EU users that allows third-party app stores and more. Now ahead of the Digital Markets Act going into effect, Apple has shared the most up-to-date and comprehensive resource about all the changes and its approach and “efforts to protect user security and privacy in the European Union.”

Expand Expanding Close

iPhone spyware company NSO suffers major defeat in US court, in Meta lawsuit

iPhone spyware company NSO must reveal code | Code on monitor viewed through glasses

The Android and iPhone spyware company NSO has suffered a major defeat in a US court, after a judge ruled that the company must hand over its Pegasus code to Meta.

It’s the latest setback for the company, which has been blacklisted in the US, sued by Apple, seen victims alerted by the iPhone maker, and faced severe financial problems

Expand Expanding Close

PSA: Don’t trust Amazon’s Choice video doorbells – some allow anyone to spy on you

Consumer Reports found that some Amazon’s Choice video bells have security so bad that a complete stranger can pair their phone to your doorbell simply by holding the exterior button for eight seconds.

Bad actors can even access still images from thousands of miles away, without needing any credentials for your account, creating a privacy nightmare …

Expand Expanding Close

Security Bite: Jamf warns cyber hygiene among many Apple-using businesses is ‘abysmal’

Hey, Arin here. Last week was the busiest for security so far this year. We saw an unprecedented offensive on the LockBit ransomware gang; Apple moved to make iMessage future-proof with quantum computer protection, and the topic of this week, Jamf’s new report highlighting some alarming statistics around Apple-using businesses. So, grab your drink of choice. Let’s get into it…


9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.


Expand Expanding Close