Apple ID | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers on Thursday disclosed two distinct design and implementation flaws in Apple's crowdsourced Bluetooth location tracking system that can lead to a location correlation attack and unauthorized access to the location history of the past seven days, thereby deanonymizing users. The  findings  are a consequence of an exhaustive review undertaken by the Open Wireless Link (OWL) project, a team of researchers from the Secure Mobile Networking Lab at the Technical University of Darmstadt, Germany, who have historically taken apart Apple's wireless ecosystem with the goal of identifying security and privacy issues. In response to the disclosures on July 2, 2020, Apple is said to have partially addressed the issues, stated the researchers, who used their own data for the study citing privacy implications of the analysis. How Find My Works? Apple devices come with a feature called  Find My  that makes it easy for users to locate other Apple devices...

Just like 'login with Google,' 'login with Facebook,' Twitter, LinkedIn or any other social media site, you would now be able to quickly sign-up and log into third-party websites and apps using your Apple ID. What's the difference? Well, Apple claims that signing-in with Apple ID would protect users' privacy by not disclosing their actual email addresses to the 3rd-party services and also limiting personal information to the minimum necessary data. While announcing 'Sign in with Apple' today at WWDC, the company revealed that the feature has been designed to randomly generate a new unique email address for each different service a user sign-up with, and will forward all emails to your primary email ID, internally. "It [randomly generate emails] is a smart jab against spam: Not only will you be able to turn off spammy email more easily, but you'll also be able to see who exactly is sharing and selling your email widely when that random a...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...