Checklist 229: Zero-Days and WebKit with August Trometer

0-days, WebKit, and Apple’s intentional vagueness. We discuss this week’s updates (and what they mean) with August Trometer.

Mac 0-day bug can bypass key macOS security features

A Mac 0-day bug can bypass key macOS security features — and it’s being actively exploited by the bad guys. Background | Details | Staying Safe

Checklist 228: Updates, Transparency, and Security

On this week’s Checklist: How to unlock an iPhone while wearing a mask; App Tracking Transparency; and a BIG security update for macOS.

Apple releases major updates for macOS, iOS, and more

macOS 11.3, iOS 14.5, and more: major security updates from Apple (including a critical patch for macOS and a big privacy change in iOS).

Facebook Finds New iOS Spyware Phenakite

The iOS spyware threat Phenakite was discovered by Facebook. In this article: What it is | How it works | What iOS users should know.

Checklist 227: Playing AirTag

AirTag is finally here. On this Checklist, we’ll tell you what it is, why some competitors are crying foul, and how it protects your privacy.

iMacs, AirTag, and More at Apple’s Spring Loaded Event

Apple’s Spring Loaded event brings new iMacs, new iPad Pros, AirTag, and more. Details, Prices, Specs, and Availability.

What is Google’s FLoC (and does it harm privacy)?

What is Google’s FLoC? In this article, we’ll explain what FLoC is, why it may be a privacy threat, and how to check for it in your browser.

Checklist 226: Yet Another Facebook Data Breach

A Facebook data breach has exposed 500 million + users. On this episode of the Checklist: Details, how to check if you were affected, and staying safe.

FBI accessed hundreds of private computers in Microsoft Exchange remediation bid

The FBI accessed hundreds of vulnerable computers using remote backdoors installed by hackers — with the goal of collecting evidence against the hackers and removing the backdoors. In a press release issued Tuesday, the U.S. Department of Justice announced the operation and explained the rationale behind it. 

The 2021 Microsoft Exchange Server breach

Earlier this year, several critical zero-day vulnerabilities for Microsoft Exchange Server were discovered (Exchange is email server software common in enterprise environments).

The zero-days resulted in the hacks of thousands of organizations worldwide, with malicious actors accessing users’ email accounts …

TextEdit flaw could have let hackers create malicious TXT files

A flaw in macOS TextEdit could have let attackers create malicious TXT files — files that could have led to DOS attacks, IP leaks, and more.

Facebook data breach exposes details of 500 million users

A Facebook data breach has exposed the personal information of more than 500 million users. In this article: Details | Impact | Staying Safe