{"id":71791,"date":"2017-11-01T08:56:27","date_gmt":"2017-11-01T15:56:27","guid":{"rendered":"https:\/\/www.intego.com\/mac-security-blog\/?p=71791"},"modified":"2024-04-18T03:15:14","modified_gmt":"2024-04-18T10:15:14","slug":"month-in-review-apple-security-in-october-2017","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/","title":{"rendered":"Month in review: Apple security in October 2017"},"content":{"rendered":"<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/RyDnuql3-hs?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation\"><\/iframe><\/span><\/p>\n<p>October has been another busy month! There&#8217;s a new variant of the Proton malware, a Wi-Fi &#8220;KRACK&#8221; attack affecting Apple devices, warnings about potential attacks against iOS device users, and plenty more.<\/p>\n<h3>Eltima Software Infected with OSX\/Proton.C Malware<\/h3>\n<p><img loading=\"lazy\" class=\"alignright size-thumbnail wp-image-71176\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Eltima-Elmedia-player-Proton325x250-150x115.jpg\" alt=\"\" width=\"150\" height=\"115\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Eltima-Elmedia-player-Proton325x250-150x115.jpg 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Eltima-Elmedia-player-Proton325x250-300x231.jpg 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Eltima-Elmedia-player-Proton325x250.jpg 325w\" sizes=\"(max-width: 150px) 100vw, 150px\" \/>One of the most significant bits of Mac-specific news in October was the discovery of another legitimate software developer whose download server was distributing compromised (infected) versions of the company&#8217;s apps.<\/p>\n<p>You may recall that the same thing happened back in May with the popular <a href=\"https:\/\/www.intego.com\/mac-security-blog\/handbrakes-server-compromised-download-installs-complex-trojan\/\" target=\"_blank\" rel=\"noopener\">Handbrake<\/a>\u00a0video-encoding software, and in 2016 the\u00a0<a href=\"https:\/\/www.intego.com\/mac-security-blog\/topic\/transmission\/\" target=\"_blank\" rel=\"noopener\">Transmission<\/a>\u00a0BitTorrent client was compromised on two separate occasions.<\/p>\n<p><img loading=\"lazy\" class=\"alignleft size-thumbnail wp-image-71800\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/folx-logo-150x150.png\" alt=\"\" width=\"140\" height=\"140\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/folx-logo-150x150.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/folx-logo-32x32.png 32w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/folx-logo-50x50.png 50w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/folx-logo-64x64.png 64w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/folx-logo-96x96.png 96w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/folx-logo-128x128.png 128w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/folx-logo.png 160w\" sizes=\"(max-width: 140px) 100vw, 140px\" \/>This time, Eltima Software was the target\u2014specifically its Mac apps <strong>Elmedia Player<\/strong> and <strong>Folx<\/strong> (a download manager and BitTorrent client).<\/p>\n<p>If an unsuspecting Mac user downloaded and installed one of the infected apps, a new variant of the <strong>OSX\/Proton<\/strong> malware would be installed as well. This malware gives an attacker virtually complete control over an infected Mac, and it attempts to steal a victim&#8217;s passwords, cryptocurrency wallets, browsing history and login data, and more.<\/p>\n<p>For more information, including how to find out whether your Mac was infected, see Intego&#8217;s main article <a href=\"https:\/\/www.intego.com\/mac-security-blog\/osxproton-malware-is-back-heres-what-mac-users-need-to-know\/\" target=\"_blank\" rel=\"noopener\">OSX\/Proton Malware is Back! Here\u2019s What Mac Users Need to Know<\/a>.<\/p>\n<h3>Wi-Fi KRACK Attack<\/h3>\n<p><img loading=\"lazy\" class=\"alignright size-thumbnail wp-image-71803\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/KRACK-logo-118x150.png\" alt=\"\" width=\"118\" height=\"150\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/KRACK-logo-118x150.png 118w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/KRACK-logo-236x300.png 236w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/KRACK-logo.png 644w\" sizes=\"(max-width: 118px) 100vw, 118px\" \/>A security researcher recently found a series of vulnerabilities in most implementations of the WPA2 Wi-Fi security protocol. Dubbed &#8220;<strong>KRACK attacks<\/strong>&#8221; (short for &#8220;key reinstallation attacks&#8221;), the vulnerabilities could enable a nearby attacker\u2014within Wi-Fi range of a victim\u2014to spy on all wirelessly transmitted data, and in some cases even inject and manipulate data.<\/p>\n<p>As discussed in the <a href=\"http:\/\/podcast.intego.com\/3\" target=\"_blank\" rel=\"noopener\">third\u00a0episode<\/a> of the <a href=\"http:\/\/podcast.intego.com\" target=\"_blank\" rel=\"noopener\">Intego Mac Podcast<\/a>,\u00a0it is important to note that WPA2 with AES is still the safest Wi-Fi encryption standard available for most users, but you&#8217;ll want to check to see whether any firmware updates are available for your wireless access point (and if there aren&#8217;t any available, ask the manufacturer when to expect an update).<\/p>\n<p><img loading=\"lazy\" class=\"alignleft size-thumbnail wp-image-71809\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-AirPort-Extreme-802.11ac-150x150.png\" alt=\"\" width=\"150\" height=\"150\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-AirPort-Extreme-802.11ac-150x150.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-AirPort-Extreme-802.11ac-300x300.png 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-AirPort-Extreme-802.11ac-32x32.png 32w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-AirPort-Extreme-802.11ac-50x50.png 50w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-AirPort-Extreme-802.11ac-64x64.png 64w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-AirPort-Extreme-802.11ac-96x96.png 96w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-AirPort-Extreme-802.11ac-128x128.png 128w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-AirPort-Extreme-802.11ac.png 400w\" sizes=\"(max-width: 150px) 100vw, 150px\" \/>Apple has not stated whether its <a href=\"https:\/\/www.apple.com\/compare-wifi-models\/\" target=\"_blank\" rel=\"noopener\">AirPort<\/a> wireless base stations will be updated, according to <a href=\"http:\/\/appleinsider.com\/articles\/17\/10\/16\/apple-confirms-krack-wi-fi-wpa-2-attack-vector-patched-in-ios-tvos-watchos-macos-betas\" target=\"_blank\" rel=\"noopener\">AppleInsider<\/a>.<\/p>\n<p>It&#8217;s not just wireless base stations that are affected, though.<\/p>\n<p>According to the discoverer of the vulnerabilities, <strong>just about every device with Wi-Fi is likely vulnerable to KRACK attacks, including Mac and iOS devices.<\/strong><\/p>\n<p>Earlier in the month, Apple stated that its developer\u00a0betas of upcoming &#8220;.1&#8221; versions of macOS, iOS, watchOS, and tvOS had already been updated to patch the KRACK vulnerabilities on the client side.<\/p>\n<p>On October 31, Apple released <strong>macOS High Sierra 10.13.1<\/strong> (and related security updates for macOS Sierra 10.12.6 and OS X El Capitan 10.11.6), <strong>iOS 11.1<\/strong>, <strong>tvOS 11.1<\/strong>, and <strong>watchOS 4.1<\/strong>, which addressed\u00a0KRACK and other vulnerabilities.\u00a0 (See our article\u00a0<a href=\"https:\/\/www.intego.com\/mac-security-blog\/apple-releases-macos-10-13-1-high-sierra-ios-11-1-with-security-fixes\/\" target=\"_blank\" rel=\"noopener\">Apple Releases macOS 10.13.1 High Sierra, iOS 11.1 with Security Fixes<\/a> for\u00a0further details on the security content of these updates.)<\/p>\n<p>Strangely, however, it appears that Apple may not have addressed KRACK for all supported hardware, including several older models of the iPhone and\u2014most bizarre of all\u2014even the current generation of Apple Watch.<\/p>\n<p>As of today, the following devices that are capable of running\u00a0the latest version of iOS, tvOS, or watchOS may\u00a0nevertheless still be vulnerable to KRACK attacks:<\/p>\n<ul>\n<li>Apple TV (4th generation)<\/li>\n<li>Apple Watch (1st generation)<\/li>\n<li>Apple Watch Series 3<\/li>\n<li>iPhone 5s<\/li>\n<li>iPhone 6<\/li>\n<li>iPhone 6 Plus<\/li>\n<li>iPhone 6s<\/li>\n<li>iPhone 6s Plus<\/li>\n<li>iPhone SE<\/li>\n<li>iPad Air<\/li>\n<li>iPad Air 2<\/li>\n<li>iPad mini 2<\/li>\n<li>iPad mini 3<\/li>\n<li>iPad mini 4<\/li>\n<li>iPod touch 6th generation<\/li>\n<\/ul>\n<p>We&#8217;ve reached out to Apple for clarification and comment, and will update this article\u00a0if and when Apple responds.<\/p>\n<p>In the mean time, if you haven&#8217;t yet upgraded to the latest OS, or if your device is on the list\u00a0above (or if your device is an older model that cannot be upgraded to the latest OS), it&#8217;s best to avoid using public Wi-Fi networks if possible\u2014but if you must use them, use a <a href=\"https:\/\/www.intego.com\/mac-security-blog\/topic\/vpn\/\" target=\"_blank\" rel=\"noopener\">VPN<\/a> and follow <a href=\"https:\/\/www.intego.com\/mac-security-blog\/how-to-keep-your-mac-safe-at-universities-and-public-networks\/\" target=\"_blank\" rel=\"noopener\">these best practices<\/a>.<\/p>\n<p>For more information on KRACK attacks, see Intego&#8217;s article <a href=\"https:\/\/www.intego.com\/mac-security-blog\/wi-fi-krack-vulnerabilities-faq-for-mac-iphone-and-ipad-users\/\" target=\"_blank\" rel=\"noopener\">Wi-Fi KRACK Vulnerabilities: FAQ for Mac, iPhone and iPad Users<\/a> and the <a href=\"https:\/\/www.krackattacks.com\/\" target=\"_blank\" rel=\"noopener\">official KRACK Attacks site<\/a>.<\/p>\n<h3>Apple Patches Disk Utility APFS Flaw and Keychain Stealing Vulnerability<\/h3>\n<p>On October 5, Apple released &#8220;macOS High Sierra 10.13 Supplemental Update,&#8221; a patch to address two serious vulnerabilities in the new Mac operating system.<\/p>\n<p style=\"text-align: center;\"><img loading=\"lazy\" class=\"aligncenter size-full wp-image-71806\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Disk-Utility-APFS-password-as-password-hint.png\" alt=\"\" width=\"503\" height=\"267\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Disk-Utility-APFS-password-as-password-hint.png 503w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Disk-Utility-APFS-password-as-password-hint-150x80.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Disk-Utility-APFS-password-as-password-hint-300x159.png 300w\" sizes=\"(max-width: 503px) 100vw, 503px\" \/>Disk Utility stored actual APFS volume passwords as hints. Image: <a href=\"https:\/\/hackernoon.com\/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79\" target=\"_blank\" rel=\"noopener\">Hacker Noon<\/a><\/p>\n<p>The first vulnerability was a serious flaw in Disk Utility that would cause an APFS volume password to be visible when a user would click on Show Hint. For more information, see Intego&#8217;s article <a href=\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-emergency-update-to-fix-disk-utility-bug-in-macos-high-sierra\/\" target=\"_blank\" rel=\"noopener\">Apple Issues Emergency Update to Fix Disk Utility Bug in macOS High Sierra<\/a>.<\/p>\n<p style=\"text-align: center;\"><img loading=\"lazy\" class=\"aligncenter size-large wp-image-70684\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/keychain-stealer-1024x553.jpg\" alt=\"\" width=\"1024\" height=\"553\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/keychain-stealer-1024x553.jpg 1024w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/keychain-stealer-150x81.jpg 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/keychain-stealer-300x162.jpg 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/keychain-stealer-768x415.jpg 768w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/keychain-stealer-657x355.jpg 657w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/keychain-stealer.jpg 1382w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/>Malware can potentially steal all your Keychain passwords. Image: <a href=\"https:\/\/www.patreon.com\/posts\/mr-steal-yo-14556409\" target=\"_blank\" rel=\"noopener\">Patrick Wardle<\/a><\/p>\n<p>The second vulnerability fixed in this patch is one that I covered in our <a href=\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-september-2017\/\" target=\"_blank\" rel=\"noopener\">September month in review<\/a>: a Keychain password-stealing vulnerability discovered by Patrick Wardle. Although this vulnerability affects older versions of macOS too, Apple has so far only patched it for High Sierra, so be sure to upgrade to High Sierra if your Mac is capable of running it (<a href=\"https:\/\/www.intego.com\/mac-security-blog\/what-to-do-if-your-mac-cant-run-macos-sierra\/\" target=\"_blank\" rel=\"noopener\">here&#8217;s how to find out<\/a>).<\/p>\n<h3>iOS Attack #1: Apple ID Phishing Dialogs<\/h3>\n<p>An iOS developer named Felix Krause has warned about two potential attacks against iOS users.<\/p>\n<p>Krause <a href=\"https:\/\/krausefx.com\/blog\/ios-privacy-stealpassword-easily-get-the-users-apple-id-password-just-by-asking\" target=\"_blank\" rel=\"noopener\">claims<\/a> that it&#8217;s easy for any iOS app to spoof the &#8220;Sign In to iTunes Store&#8221; or &#8220;Sign-In Required&#8221; system dialog boxes and steal the user&#8217;s Apple ID password.<\/p>\n<p style=\"text-align: center;\"><img loading=\"lazy\" class=\"aligncenter size-large wp-image-71812\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/iOS-Apple-ID-phishing-PoC-KrauseFx-1024x922.png\" alt=\"\" width=\"1024\" height=\"922\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/iOS-Apple-ID-phishing-PoC-KrauseFx-1024x922.png 1024w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/iOS-Apple-ID-phishing-PoC-KrauseFx-150x135.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/iOS-Apple-ID-phishing-PoC-KrauseFx-300x270.png 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/iOS-Apple-ID-phishing-PoC-KrauseFx-768x692.png 768w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/iOS-Apple-ID-phishing-PoC-KrauseFx-657x592.png 657w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/iOS-Apple-ID-phishing-PoC-KrauseFx.png 1996w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/>iOS apps can maliciously simulate Apple\u00a0ID prompts. Image: <a href=\"https:\/\/krausefx.com\/blog\/ios-privacy-stealpassword-easily-get-the-users-apple-id-password-just-by-asking\" target=\"_blank\" rel=\"noopener\">Krause<\/a><\/p>\n<p>There are a number of things that a diligent user can do to mitigate this attack (until or unless Apple takes action to prevent developers from spoofing system dialog boxes):<\/p>\n<ol>\n<li><strong>When one of these dialog boxes appears<\/strong> prompting you for your credentials, <strong>press the Home button<\/strong>; if you&#8217;re taken to the iOS home screen showing your list of installed apps, then the dialog box you saw was a phishing attempt originating from the app you were using when the dialog box appeared, according to Krause.<\/li>\n<li><strong>Don&#8217;t even start typing your password<\/strong> into the dialog box until after you&#8217;ve followed step 1 to verify that it&#8217;s legitimate. If it&#8217;s a phishing attempt, then even if you click Cancel instead of Sign In, the app can still steal whatever portion of your password you&#8217;ve already typed.<\/li>\n<li><strong><a href=\"https:\/\/www.intego.com\/mac-security-blog\/apples-new-icloud-security-requirements-what-to-expect\/\" target=\"_blank\" rel=\"noopener\">Enable two-factor authentication<\/a> for your Apple ID<\/strong>, if you haven&#8217;t already done so. Although an attacker could potentially trick you into giving them a verification code to allow them to sign into your account, at least it gives you one more chance to realize you&#8217;ve made a mistake, back out, and change your Apple ID password before any harm\u00a0can be done.<\/li>\n<li><strong>Use a unique password for your Apple ID account.<\/strong> That way, if your Apple ID password does get stolen, an attacker won&#8217;t be able to successfully use that password to break into your other accounts (e-mail, etc.). And, of course, if you have any reason to suspect that some third party has obtained your password, be sure to reset your password to something completely different.<\/li>\n<\/ol>\n<p><a name=\"iOSAttack2\"><\/a><br \/>\nKrause has reported the vulnerability to Apple.<\/p>\n<h3>iOS Attack #2: Apps Can Do Creepy Things with Your Camera<\/h3>\n<p>Krause also warned that if you&#8217;ve ever authorized an iOS app to use your device&#8217;s camera, the app retains that permission until or unless you explicitly revoke it.<\/p>\n<p>While that may not seem like a bad thing (and usually isn&#8217;t), it could be a problem for apps from less\u00a0ethical\u00a0developers. Once a user has granted an app permission to use the camera, any time the app is in the foreground it has complete access to your front and back cameras. According to Krause, an app&#8217;s developer could exploit this functionality to do some creepy things without the user&#8217;s knowledge, including such things as:<\/p>\n<ul>\n<li><strong>secretly take pictures or stream video of the user<\/strong> whenever the user has the app open<\/li>\n<li><strong>determine the exact location of the user<\/strong> (via a captured photo or video&#8217;s metadata)<\/li>\n<li><strong>create a 3D model of the user&#8217;s face<\/strong><\/li>\n<li><strong>predict the user&#8217;s mood based on facial expressions<\/strong> (which a developer could use as a factor in deciding what to show the user on the screen)<\/li>\n<\/ul>\n<p style=\"text-align: center;\"><img loading=\"lazy\" class=\"aligncenter size-large wp-image-71815\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Analyze-iOS-user-face-KrauseFx-576x1024.jpg\" alt=\"\" width=\"288\" height=\"512\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Analyze-iOS-user-face-KrauseFx-576x1024.jpg 576w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Analyze-iOS-user-face-KrauseFx-84x150.jpg 84w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Analyze-iOS-user-face-KrauseFx-169x300.jpg 169w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Analyze-iOS-user-face-KrauseFx-657x1169.jpg 657w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Analyze-iOS-user-face-KrauseFx.jpg 750w\" sizes=\"(max-width: 288px) 100vw, 288px\" \/>Apps with camera access can secretly analyze a user&#8217;s mood. Image: <a href=\"https:\/\/krausefx.com\/blog\/ios-privacy-watchuser-access-both-iphone-cameras-any-time-your-app-is-running\" target=\"_blank\" rel=\"noopener\">Krause<\/a><\/p>\n<p>Unlike MacBooks and iMacs, <strong>the iPhone, iPad, and iPod touch do not have indicator lights that warn a user whenever a camera is active.<\/strong> Krause implies that it may behoove Apple to either include such lights on future revisions of iOS device hardware, or to update iOS to force the status bar to always be visible and show an indicator icon whenever the camera is active. Krause also suggests that Apple could change the behavior of iOS to include a way to grant apps only temporary access to the camera.<\/p>\n<p>Until or unless Apple takes measures like these, there are a few ways that a user can mitigate such attacks or unwanted uses of their camera:<\/p>\n<ol>\n<li><strong>Never grant a new app access to the camera unless it&#8217;s absolutely necessary.<\/strong> If you later decide that an app really does need to use the camera, you can always turn on the feature for that app temporarily via the Settings app.<\/li>\n<li>In the Settings app, scroll to the bottom and review the list of apps that are currently installed, and tap on each one to see which permissions you&#8217;ve granted. <strong>Revoke any permissions that you feel are unnecessary<\/strong> (permissions may include things like Camera, Photos, Location, or Cellular Data).<\/li>\n<li>If you&#8217;re still concerned, you can always <strong>physically block the camera lenses on your device<\/strong> whenever you&#8217;re not using them. You can find a variety of options for sale online by searching for phrases such as iPhone camera cover.<\/li>\n<\/ol>\n<p>Krause has also reported this issue to Apple.<\/p>\n<h3>Other Security News, in Brief<\/h3>\n<p>There were other notable goings-on in the security world in October. Some highlights:<\/p>\n<ul>\n<li><strong><a href=\"https:\/\/itunes.apple.com\/us\/podcast\/intego-mac-podcast\/id1293834627\"><img loading=\"lazy\" class=\"alignright size-thumbnail wp-image-71818\" style=\"border-color: white; clear: right; float: right; margin: 0pt 0pt 0px 0px;\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile-150x150.png\" alt=\"\" width=\"30\" height=\"30\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile-150x150.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile-32x32.png 32w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile-50x50.png 50w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile-64x64.png 64w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile-96x96.png 96w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile-128x128.png 128w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile.png 300w\" sizes=\"(max-width: 30px) 100vw, 30px\" \/><\/a>Intego launched a new <a href=\"http:\/\/podcast.intego.com\" target=\"_blank\" rel=\"noopener\">audio podcast<\/a><\/strong>\u00a0featuring hosts Kirk McElhearn and me, Josh Long; you can read more about it <a href=\"https:\/\/www.intego.com\/mac-security-blog\/intego-launches-new-podcast-series-intego-mac-podcast\/\" target=\"_blank\" rel=\"noopener\">here<\/a> and <strong><a href=\"https:\/\/itunes.apple.com\/us\/podcast\/intego-mac-podcast\/id1293834627\" target=\"_blank\" rel=\"noopener\">subscribe via iTunes<\/a><\/strong>.<\/li>\n<li><strong><a href=\"https:\/\/www.youtube.com\/subscription_center?add_user=IntegoVideo\"><img loading=\"lazy\" class=\"alignright size-full wp-image-71821\" style=\"border-color: white; clear: right; float: right; margin: 0pt 0pt 0px 0px;\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/follow-youtube.jpg\" alt=\"\" width=\"30\" height=\"30\" \/><\/a>Intego has a new YouTube video series<\/strong> based on my month-in-review column. Check out <a href=\"https:\/\/www.youtube.com\/watch?v=PlnMGp6Hnz4\" target=\"_blank\" rel=\"noopener\">September&#8217;s video<\/a>, and be sure to <strong><a href=\"https:\/\/www.youtube.com\/subscription_center?add_user=IntegoVideo\" target=\"_blank\" rel=\"noopener\">subscribe<\/a> and then click on the bell icon<\/strong> (?) to get notified when each new episode is available.<\/li>\n<li>A <a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2017-10-25\/inside-apple-s-struggle-to-get-the-iphone-x-to-market-on-time\" target=\"_blank\" rel=\"noopener\">Bloomberg<\/a> report <strong>alleged that Apple had lowered its accuracy standard for Face ID security<\/strong> in the new iPhone X due to supply issues; however, Apple released a statement to <a href=\"https:\/\/www.theverge.com\/circuitbreaker\/2017\/10\/25\/16545764\/apple-face-id-quality-change-report-bloomberg-false-accuracy\" target=\"_blank\" rel=\"noopener\">The Verge<\/a>\u00a0and other news outlets the same day claiming that <strong>Bloomberg&#8217;s report was &#8220;completely false.&#8221;<\/strong><\/li>\n<li><a href=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/eva-galperin-on-responsible-encryption.png\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" class=\"alignright size-medium wp-image-71836\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/eva-galperin-on-responsible-encryption-300x169.png\" alt=\"\" width=\"284\" height=\"160\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/eva-galperin-on-responsible-encryption-300x169.png 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/eva-galperin-on-responsible-encryption-150x84.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/eva-galperin-on-responsible-encryption-768x432.png 768w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/eva-galperin-on-responsible-encryption-1024x576.png 1024w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/eva-galperin-on-responsible-encryption-657x370.png 657w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/eva-galperin-on-responsible-encryption.png 1127w\" sizes=\"(max-width: 284px) 100vw, 284px\" \/><\/a>High-ranking <strong>U.S. Department of Justice official Rod Rosenstein called for &#8220;responsible encryption,&#8221;<\/strong> meaning weakened encryption that governments could bypass (along with any malicious party who gains access to a government&#8217;s method of entry). The EFF&#8217;s cybersecurity director <strong>Eva Galperin told CNET that &#8220;Calling it &#8216;responsible encryption&#8217; is hypocritical. Building insecurity in your encryption is irresponsible.&#8221;<\/strong> You can read <a href=\"https:\/\/www.cnet.com\/au\/news\/responsible-encryption-deputy-attorney-general-rod-rosenstein-back-doors\/\" target=\"_blank\" rel=\"noopener\">CNET<\/a> and <a href=\"https:\/\/arstechnica.com\/tech-policy\/2017\/10\/trumps-doj-tries-to-rebrand-weakened-encryption-as-responsible-encryption\/\" target=\"_blank\" rel=\"noopener\">Ars Technica<\/a>&#8216;s coverage of the story.<\/li>\n<li><img loading=\"lazy\" class=\"alignright size-thumbnail wp-image-71824\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/google_2015_logo_detail-150x50.png\" alt=\"\" width=\"150\" height=\"50\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/google_2015_logo_detail-150x50.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/google_2015_logo_detail-300x100.png 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/google_2015_logo_detail-768x256.png 768w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/google_2015_logo_detail-657x219.png 657w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/google_2015_logo_detail.png 1000w\" sizes=\"(max-width: 150px) 100vw, 150px\" \/>Google released a three-part series of blog postings sharing <strong>technical details of several Broadcom chipset vulnerabilities<\/strong> that Apple mitigated in iOS 11, watchOS 4, and tvOS 11. You can find them here: <a href=\"https:\/\/googleprojectzero.blogspot.com\/2017\/09\/over-air-vol-2-pt-1-exploiting-wi-fi.html\" target=\"_blank\" rel=\"noopener\">Part 1<\/a>, <a href=\"https:\/\/googleprojectzero.blogspot.com\/2017\/10\/over-air-vol-2-pt-2-exploiting-wi-fi.html\" target=\"_blank\" rel=\"noopener\">Part 2<\/a>, <a href=\"https:\/\/googleprojectzero.blogspot.com\/2017\/10\/over-air-vol-2-pt-3-exploiting-wi-fi.html\" target=\"_blank\" rel=\"noopener\">Part 3<\/a>.<\/li>\n<li><strong>Google rolled out a new &#8220;Advanced Protection&#8221; program<\/strong> detailing how users can improve their two-factor authentication when logging into Google though the use of two physical security keys. If you have a Google account, check out this\u00a0<a href=\"https:\/\/www.nytimes.com\/2017\/10\/25\/technology\/personaltech\/google-keys-advanced-protection-program.html\" target=\"_blank\" rel=\"noopener\">New York Times<\/a>\u00a0article and <a href=\"https:\/\/landing.google.com\/advancedprotection\/\" target=\"_blank\" rel=\"noopener\">Google&#8217;s site<\/a> for further details.<\/li>\n<li><strong><img loading=\"lazy\" class=\"alignright size-thumbnail wp-image-71827\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/facebook-2015-logo-150x29.png\" alt=\"\" width=\"150\" height=\"29\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/facebook-2015-logo-150x29.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/facebook-2015-logo-300x58.png 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/facebook-2015-logo-768x149.png 768w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/facebook-2015-logo-1024x199.png 1024w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/facebook-2015-logo-657x128.png 657w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/facebook-2015-logo.png 1623w\" sizes=\"(max-width: 150px) 100vw, 150px\" \/>Facebook users should beware of a scam<\/strong> that may\u00a0enable a friend (or an attacker who&#8217;s posing as your friend, or who has hijacked your friend&#8217;s account) to\u00a0gain control of\u00a0your Facebook account\u00a0after alleging that that you&#8217;re one of their Trusted Contacts. For details on the attack, see <a href=\"https:\/\/thehackernews.com\/2017\/10\/facebook-account-hacking-scam.html\" target=\"_blank\" rel=\"noopener\">The Hacker News<\/a>&#8216; article.<\/li>\n<li><strong>Flash had a zero-day vulnerability<\/strong> (again). If you use Flash Player in Safari or Firefox on your Mac, <a href=\"https:\/\/get.adobe.com\/flashplayer\/about\/\" target=\"_blank\" rel=\"noopener\">check<\/a> to make sure it&#8217;s updated.<\/li>\n<li><img loading=\"lazy\" class=\"alignright size-thumbnail wp-image-70696\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/800px-Equifax_Logo-150x30.png\" alt=\"\" width=\"150\" height=\"30\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/800px-Equifax_Logo-150x30.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/800px-Equifax_Logo-300x59.png 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/800px-Equifax_Logo-768x152.png 768w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/800px-Equifax_Logo-657x130.png 657w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/800px-Equifax_Logo.png 800w\" sizes=\"(max-width: 150px) 100vw, 150px\" \/>Speaking of Flash, <strong>the Equifax site was caught distributing a malware-laden fake Flash update<\/strong> to visitors using Windows. It is unclear whether the site may have also attempted to foist malware on Mac-using visitors during the time the site was compromised. See <a href=\"https:\/\/arstechnica.com\/information-technology\/2017\/10\/equifax-website-hacked-again-this-time-to-redirect-to-fake-flash-update\/\" target=\"_blank\" rel=\"noopener\">Ars Technica<\/a>&#8216;s report for details. (As mentioned briefly in <a href=\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-september-2017\/\" target=\"_blank\" rel=\"noopener\">September&#8217;s update<\/a>, <a href=\"https:\/\/www.intego.com\/mac-security-blog\/topic\/equifax\/\" target=\"_blank\" rel=\"noopener\">Equifax<\/a> has recently had several severe security problems come to light.)<\/li>\n<li><strong><img loading=\"lazy\" class=\"alignright size-thumbnail wp-image-71833\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/netgear_logo_2014-150x23.png\" alt=\"\" width=\"150\" height=\"23\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/netgear_logo_2014-150x23.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/netgear_logo_2014-300x45.png 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/netgear_logo_2014-768x115.png 768w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/netgear_logo_2014-1024x154.png 1024w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/netgear_logo_2014-657x99.png 657w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/netgear_logo_2014.png 2000w\" sizes=\"(max-width: 150px) 100vw, 150px\" \/>More than 50 vulnerabilities have been mitigated in Netgear devices<\/strong> including wireless access points, routers, switches, and network-attached storage, as reported by <a href=\"https:\/\/threatpost.com\/netgear-fixes-50-vulnerabilities-in-routers-switches-nas-devices\/128230\/\" target=\"_blank\" rel=\"noopener\">Threatpost<\/a>. If you use Netgear products, be sure to check for a firmware update.<\/li>\n<li><a href=\"http:\/\/www.reuters.com\/article\/us-microsoft-cyber-insight\/exclusive-microsoft-responded-quietly-after-detecting-secret-database-hack-in-2013-idUSKBN1CM0D0\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" class=\"alignright size-thumbnail wp-image-71830\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/microsoft_logo_2012-150x32.png\" alt=\"\" width=\"150\" height=\"32\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/microsoft_logo_2012-150x32.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/microsoft_logo_2012-300x64.png 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/microsoft_logo_2012-768x164.png 768w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/microsoft_logo_2012-1024x219.png 1024w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/microsoft_logo_2012-657x140.png 657w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/microsoft_logo_2012.png 2000w\" sizes=\"(max-width: 150px) 100vw, 150px\" \/>Reuters<\/a>\u00a0reported about an <strong>alleged breach at Microsoft that happened in 2013<\/strong>, about which Microsoft has declined to comment. The breach of an internal bug-tracking database allegedly occurred <strong>after a Java vulnerability was exploited on Microsoft employees&#8217; Macs<\/strong>.<\/li>\n<li><strong>Dell lost control of a customer support domain<\/strong> for a month, and there&#8217;s evidence that it may have been used for malicious intent during that time, as reported by <a href=\"https:\/\/krebsonsecurity.com\/2017\/10\/dell-lost-control-of-key-customer-support-domain-for-a-month-in-2017\/\" target=\"_blank\" rel=\"noopener\">Krebs on Security<\/a>. (No, this story isn&#8217;t in any way Apple related, but\u00a0part of me can&#8217;t help but\u00a0be amused by Dell&#8217;s misfortunes ever since Michael Dell&#8217;s infamous <a href=\"https:\/\/en.wikiquote.org\/wiki\/Michael_Dell\" target=\"_blank\" rel=\"noopener\">slam<\/a> of Apple in 1997. Also, there are very good lessons here for business owners when it comes to domain registration.)<\/li>\n<\/ul>\n<h3>Stay Tuned! Subscribe to The Mac Security Blog<\/h3>\n<p>Be sure to subscribe to The Mac Security Blog to stay informed about Apple security throughout each month.<\/p>\n<p>If you missed Intego&#8217;s previous Apple security news roundups for 2017, you can check them out\u00a0<a href=\"https:\/\/www.intego.com\/mac-security-blog\/topic\/month-in-security\/\" target=\"_blank\" rel=\"noopener\">here<\/a>.<\/p>\n<p>Also,\u00a0be sure to <a href=\"https:\/\/www.youtube.com\/subscription_center?add_user=IntegoVideo\" target=\"_blank\" rel=\"noopener\">subscribe<\/a> to our YouTube channel to get these monthly updates in video form, and click on\u00a0YouTube&#8217;s bell\u00a0icon (?) to get notified when each new episode is available!<\/p>\n<p><em>Have something to say about this story? Share your comments below!<\/em><br \/>\n<span style=\"font-size: x-small;\">Eva Galperin photo credit: <a href=\"https:\/\/www.youtube.com\/watch?v=4ddJKJtS-mA\" target=\"_blank\" rel=\"noopener\">USENIX Enigma Conference<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>October has been another busy month! There&#8217;s a new variant of the Proton malware, a Wi-Fi &#8220;KRACK&#8221; attack affecting Apple devices, warnings about potential attacks against iOS device users, and plenty more. Eltima Software Infected with OSX\/Proton.C Malware One of the most significant bits of Mac-specific news in October was the discovery of another legitimate [&hellip;]<\/p>\n","protected":false},"author":14,"featured_media":71911,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[190,5],"tags":[1297,3670,3733,60,1645,3694,86,87,3250,3706,3469,4722],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"https:\/\/www.youtube.com\/watch?v=RyDnuql3-hs October has been another busy month! There&#039;s a new variant of the Proton malware, a Wi-Fi &quot;KRACK&quot; attack\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Month in review: Apple security in October 2017 - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"https:\/\/www.youtube.com\/watch?v=RyDnuql3-hs October has been another busy month! There&#039;s a new variant of the Proton malware, a Wi-Fi &quot;KRACK&quot; attack\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/JoshLong\" \/>\n<meta property=\"article:published_time\" content=\"2017-11-01T15:56:27+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-18T10:15:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-Security-Month-in-Review-Oct2017.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"400\" \/>\n\t<meta property=\"og:image:height\" content=\"260\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@theJoshMeister\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Joshua Long\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-Security-Month-in-Review-Oct2017.jpg\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-Security-Month-in-Review-Oct2017.jpg\",\"width\":400,\"height\":260},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/\",\"name\":\"Month in review: Apple security in October 2017 - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#primaryimage\"},\"datePublished\":\"2017-11-01T15:56:27+00:00\",\"dateModified\":\"2024-04-18T10:15:14+00:00\",\"description\":\"https:\/\/www.youtube.com\/watch?v=RyDnuql3-hs October has been another busy month! There's a new variant of the Proton malware, a Wi-Fi \\\"KRACK\\\" attack\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Month in review: Apple security in October 2017\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1\"},\"headline\":\"Month in review: Apple security in October 2017\",\"datePublished\":\"2017-11-01T15:56:27+00:00\",\"dateModified\":\"2024-04-18T10:15:14+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#webpage\"},\"wordCount\":2274,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-Security-Month-in-Review-Oct2017.jpg\",\"keywords\":[\"Disk Utility\",\"Equifax\",\"Felix Krause\",\"Google\",\"iOS Vulnerability\",\"KRACK\",\"Malware\",\"Microsoft\",\"Month in Security\",\"OSX\/Proton.C\",\"Proton\",\"Stealer Malware\"],\"articleSection\":[\"Malware\",\"Security News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1\",\"name\":\"Joshua Long\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g\",\"caption\":\"Joshua Long\"},\"description\":\"Joshua Long (@theJoshMeister), formerly Intego\\u2019s Chief Security Analyst, is a renowned security researcher and writer, and an award-winning public speaker. Josh has a master\\u2019s degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Information Security. Apple has publicly acknowledged Josh for discovering an Apple\\u00a0ID authentication vulnerability. Josh has conducted cybersecurity research for well over 25 years, which is often featured by major news outlets worldwide. Keep up with Josh via X\/Twitter, LinkedIn, Facebook, Instagram, YouTube, Patreon, Mastodon, the JoshMeister on Security, and more. \\u2014\",\"sameAs\":[\"https:\/\/security.thejoshmeister.com\",\"https:\/\/www.facebook.com\/JoshLong\",\"https:\/\/www.instagram.com\/thejoshmeister\/\",\"https:\/\/www.linkedin.com\/in\/thejoshmeister\",\"https:\/\/www.pinterest.com\/thejoshmeister\/\",\"https:\/\/twitter.com\/theJoshMeister\",\"https:\/\/www.youtube.com\/@theJoshMeister\"],\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/joshlong\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"https:\/\/www.youtube.com\/watch?v=RyDnuql3-hs October has been another busy month! There's a new variant of the Proton malware, a Wi-Fi \"KRACK\" attack","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/","og_locale":"en_US","og_type":"article","og_title":"Month in review: Apple security in October 2017 - The Mac Security Blog","og_description":"https:\/\/www.youtube.com\/watch?v=RyDnuql3-hs October has been another busy month! There's a new variant of the Proton malware, a Wi-Fi \"KRACK\" attack","og_url":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/","og_site_name":"The Mac Security Blog","article_author":"https:\/\/www.facebook.com\/JoshLong","article_published_time":"2017-11-01T15:56:27+00:00","article_modified_time":"2024-04-18T10:15:14+00:00","og_image":[{"width":400,"height":260,"url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-Security-Month-in-Review-Oct2017.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_creator":"@theJoshMeister","twitter_misc":{"Written by":"Joshua Long","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-Security-Month-in-Review-Oct2017.jpg","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-Security-Month-in-Review-Oct2017.jpg","width":400,"height":260},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/","name":"Month in review: Apple security in October 2017 - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#primaryimage"},"datePublished":"2017-11-01T15:56:27+00:00","dateModified":"2024-04-18T10:15:14+00:00","description":"https:\/\/www.youtube.com\/watch?v=RyDnuql3-hs October has been another busy month! There's a new variant of the Proton malware, a Wi-Fi \"KRACK\" attack","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Month in review: Apple security in October 2017"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1"},"headline":"Month in review: Apple security in October 2017","datePublished":"2017-11-01T15:56:27+00:00","dateModified":"2024-04-18T10:15:14+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#webpage"},"wordCount":2274,"commentCount":0,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-Security-Month-in-Review-Oct2017.jpg","keywords":["Disk Utility","Equifax","Felix Krause","Google","iOS Vulnerability","KRACK","Malware","Microsoft","Month in Security","OSX\/Proton.C","Proton","Stealer Malware"],"articleSection":["Malware","Security News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-october-2017\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1","name":"Joshua Long","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g","caption":"Joshua Long"},"description":"Joshua Long (@theJoshMeister), formerly Intego\u2019s Chief Security Analyst, is a renowned security researcher and writer, and an award-winning public speaker. Josh has a master\u2019s degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Information Security. Apple has publicly acknowledged Josh for discovering an Apple\u00a0ID authentication vulnerability. Josh has conducted cybersecurity research for well over 25 years, which is often featured by major news outlets worldwide. Keep up with Josh via X\/Twitter, LinkedIn, Facebook, Instagram, YouTube, Patreon, Mastodon, the JoshMeister on Security, and more. \u2014","sameAs":["https:\/\/security.thejoshmeister.com","https:\/\/www.facebook.com\/JoshLong","https:\/\/www.instagram.com\/thejoshmeister\/","https:\/\/www.linkedin.com\/in\/thejoshmeister","https:\/\/www.pinterest.com\/thejoshmeister\/","https:\/\/twitter.com\/theJoshMeister","https:\/\/www.youtube.com\/@theJoshMeister"],"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/joshlong\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/Apple-Security-Month-in-Review-Oct2017.jpg","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-iFV","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/71791"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=71791"}],"version-history":[{"count":12,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/71791\/revisions"}],"predecessor-version":[{"id":88264,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/71791\/revisions\/88264"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/71911"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=71791"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=71791"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=71791"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}