Apple fixed hundreds of bugs, 223 to be exact, across macOS Sierra, iOS, Safari, watchOS, and tvOS on Monday.
Google pumped more life into the use of physical keys as a second form of authentication when it added Security Key enforcement support to G Suite.
Since the 1st of January, the iPhones in your mobile device fleet are even more secure. Or, at least, they should be based on Apple’s most recent requirements for developers. With the beginning of the new year, all apps that haven’t incorporated the App Transport Security (ATS) function will be unable to offer updates through the official store.
With the ATS system, Apple is attempting to force developers to offer apps that manage data more securely. This new characteristic requires, among other things, all web connections from the app to use an HTTPS protocol.
That way, the information will travel exclusively on an encrypted network, avoiding the most common risks. Paired up with the right protection, this measure taken by Apple could turn iPhones into one of the best options for company mobile devices.
Starting January 1, the iPhone that make up your company’s mobile fleet are even safer devices. Or, at least, they should be based on Apple’s latest demand for application developers. With the start of the new year, all those who have not incorporated their App Transport Security (ATS) tools will not be able to offer updates
But it’s not as simple as it may seem on the surface. For now, developers are not quite dancing Apple’s tune. In fact, a recent study has revealed that only 3% of the 200 most downloaded apps for iOS have already implemented ATS.
This figure is disconcerting. Some other conclusions of the study are also worrisome: about 83% of these 200 popular applications have completely disabled ATS and 55% still allow the use of unencrypted HTTP connections.
Moreover, among the popular apps that have not yet embraced the Apple system are some corporate tools that are common in company mobile phones, such as Microsoft Office products, Facebook and even WhatsApp.
The truth is that Apple is not cracking down too hard on developers in the application of these new rules. In fact, before January 1, developers were able to request justified exceptions that exempt them from adhering to ATS.
Since the beginning of the year, users have been able to continue to use these applications that are frankly not as safe as they should be. The only penalty imposed is to be banned from updating your app until you comply with ATS.
Accordingly, your employees should look for alternative applications that have adopted Apple’s latest security feature. Otherwise, they will not only be using unencrypted connections to deal with corporate data, but will also have their mobile devices plagued with un-updateable programs unable to incorporate changes against future vulnerabilities.
The post Only 3% of the Apps on Your Company iPhones are Secure appeared first on Panda Security Mediacenter.
Have you recently received a lot of invitations to your Apple calendar, too? Do not act on those invitations!
The post Anonymous invitations flooding your Apple calendar appeared first on Avira Blog.
Apple addressed vulnerabilities in iTunes and iCloud for Windows, and Xcode Server on Thursday.
The latest on the Yahoo breach, Germany’s problem with WhatsApp-Facebook, Facebook’s osquery tool for Windows, and Zerodium’s $1.5M iOS bounty are all discussed.