Apple today reminded Mac developers that it is encouraging them to have their apps notarized, meaning that the apps have been scanned by Apple and checked for malware and other security issues.
Notarization is not currently a requirement for apps distributed outside of the Mac App Store, but Apple says it will „more prominently highlight notarization status“ starting in the spring of 2019. And in an unspecified „upcoming macOS release,“ Apple will require any Developer ID-signed apps to be notarized.
When users on macOS Mojave first open a notarized app, installer package, or disk image, they’ll see a more streamlined Gatekeeper dialog [...]
In a statement issued Saturday evening, the U.S. Department of Homeland Security said it has „no reason to doubt“ the companies who denied this week’s Bloomberg Businessweek report about China tampering with servers manufactured by Supermicro.
”The Department of Homeland Security is aware of the media reports of a technology supply chain compromise. Like our partners in the UK, the National Cyber Security Centre, at this time we have no reason to doubt the statements from the companies named in the story. Information and communications technology supply chain security is core to DHS’s cybersecurity mission and we are committed to the security [...]
The United Kingdom’s National Cyber Security Centre has backed Apple’s and Amazon’s denials of a Bloomberg Businessweek report that claimed Chinese spies planted tiny chips the size of a pencil tip on motherboards manufactured by Supermicro, which both Apple and Amazon used at one time in data center servers.
„We are aware of the media reports but at this stage have no reason to doubt the detailed assessments made by AWS and Apple,“ the agency, a unit of the GCHQ, said in a statement provided to Reuters today.
„The NCSC engages confidentially with security researchers and urges anybody with credible intelligence about these [...]
Facebook this morning announced that its engineering team on Tuesday discovered that hackers have exploited a vulnerability in its code, allowing hackers to steal Facebook access tokens for almost 50 million accounts.
According to Facebook, hackers took advantage of security flaws in its „View As“ code, which is a feature designed to let people see what their profile looks like to someone else. The Facebook access tokens that were stolen are digital keys that allow people to stay logged in to Facebook.
This attack exploited the complex interaction of multiple issues in our code. It stemmed from a change we made to our video uploading feature in [...]