#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cloud Security

Apple privacy | Breaking Cybersecurity News | The Hacker News

Apple Under Fire Over Sending Some Users Browsing Data to China's Tencent

Apple Under Fire Over Sending Some Users Browsing Data to China's Tencent

Oct 14, 2019
Do you know Apple is sending iOS web browsing related data of some of its users to Chinese Internet company Tencent? I am sure many of you are not aware of this, neither was I, and believe me, none of us could expect this from a tech company that promotes itself as a champion of consumer privacy. Late last week, it was widely revealed that starting from at least iOS 12.2 , Apple silently integrated the " Tencent Safe Browsing " service to power its " Fraudulent Website Warning " feature in the Safari web browser for both iOS and macOS. Just like the Safe Browsing feature in Chrome and Mozilla Firefox, Safari's fraudulent website warning feature has also been designed to protect users from various online threats by simply checking every website they visit against a regularly updated list of malicious websites. Until iOS 12.2, Apple primarily relied on the database of "blacklisted websites" provided by Google's Safe Browsing service, whic
New FaceTime Bug Lets Callers Hear and See You Without You Picking Up

New FaceTime Bug Lets Callers Hear and See You Without You Picking Up

Jan 29, 2019
If you own an Apple device, you should immediately turn OFF FaceTime app for a few days. A jaw-dropping unpatched privacy bug has been uncovered in Apple's popular video and audio call app FaceTime that could let someone hear or see you before you even pick up your call. The bug is going viral on Twitter and other social media platforms with multiple users complaining of this privacy issue that can turn any iPhone into an eavesdropping device without the user's knowledge. The Hacker News has tested the bug on iPhone X running the latest iOS 12.1.2 and can independently confirm that it works, as flagged by 9to5Mac on Monday. We were also able to replicate the bug by making a FaceTime call to a MacBook running macOS Mojave. Here's How Someone Can Spy On You Using FaceTime Bug The issue is more sort of a designing or logical flaw than a technical vulnerability that resides in the newly launched Group FaceTime feature. Here's how one can reproduce the bug:
Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution

Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution

Apr 15, 2024Active Directory / Attack Surface
To minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution market involves implementing just-in-time (JIT) privileged access. This approach to  privileged identity management  aims to mitigate the risks associated with prolonged high-level access by granting privileges temporarily and only when necessary, rather than providing users with continuous high-level privileges. By adopting this strategy, organizations can enhance security, minimize the window of opportunity for potential attackers and ensure that users access privileged resources only when necessary.  What is JIT and why is it important?   JIT privileged access provisioning  involves granting privileged access to users on a temporary basis, aligning with the concept of least privilege. This principle provides users with only the minimum level of access required to perform their tasks, and only for the amount of time required to do so. One of the key advantages of JIT provisioning
Cybersecurity Resources