Apple security

'Apple security' Articles

Researchers Uncover Multiple OS X and Safari Exploits at Pwn2Own 2016

The sixteenth annual CanSecWest security conference is underway in downtown Vancouver, British Columbia, and researchers participating in the Pwn2Own computer hacking contest have already discovered multiple vulnerabilities in OS X and the Safari web browser on the desktop. On day one of the event, independent security researcher JungHoon Lee earned $60,000 after exploiting both OS X and Safari. Lee uncovered four vulnerabilities in total, including one exploit in Safari and three other vulnerabilities within the OS X operating system, according to security firm Trend Micro.JungHoon Lee (lokihardt): Demonstrated a successful code execution attack against Apple Safari to gain root privileges. The attack consisted of four new vulnerabilities: a use-after-free vulnerability in Safari and three additional vulnerabilities, including a heap overflow to escalate to root. This demonstration earned 10 Master of Pwn points and US$60,000.Meanwhile, the report claims that the Tencent Security Team Shield group successfully executed code that enabled them to gain root privileges to Safari using "two use-after-free vulnerabilities," including one in Safari and the other in a "privileged process." The researchers were awarded $40,000 in prize money. The five participating teams earned a total of $282,500 in prizes on day one, including a leading $132,500 earned by the 360Vulcan Team, according to the report. Other web browsers and plugins that were successfully targeted include Adobe Flash, Google Chrome, and Microsoft Edge on Windows. Apple representatives have attended

Apple Shifting Security Team From Contractors to Full-Time Employees

Apple has decided to hire the majority of its day-to-day security staff in Silicon valley as full-time employees, a company spokeswoman confirmed to the San Jose Mercury News. Many of the security guards that Apple has hired in the past as contractors will become part of the company's expanded in-house security team and receive the same benefits as other employees, including full health insurance, retirement contributions and a leave of absence for new parents. Apple security guard in dispute with photographer at iPad event (via The Australian) Apple will continue using contractors as security guards for special events, such as the upcoming 9">"Spring Forward" media event at the Yerba Buena Center for the Arts on March 9th. Apple is believed to have begun constructing an extension on the Yerba Buena Center over the weekend, possibly as an Apple Watch demo area, and security guards wearing "Apple Security" shirts were spotted monitoring the premises."We will be hiring a large number of full-time people to handle our day-to-day security needs," the spokeswoman told the San Jose Mercury News. "We hope that virtually all of these positions will be filled by employees from our current security vendor and we're working closely with them on this process." Apple has faced increasing pressure to provide individuals who cook, clean and monitor security for the company with the same benefits as other employees. Local union United Service Workers West staged a protest on Apple's headquarters in Cupertino, California in December over complaints that its security contractor