{"id":75274,"date":"2018-02-07T13:22:23","date_gmt":"2018-02-07T21:22:23","guid":{"rendered":"https:\/\/www.intego.com\/mac-security-blog\/?p=75274"},"modified":"2019-06-15T02:59:00","modified_gmt":"2019-06-15T09:59:00","slug":"month-in-review-apple-security-in-january-2018","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/","title":{"rendered":"Month in review: Apple security in January 2018"},"content":{"rendered":"<p><img loading=\"lazy\" class=\"aligncenter size-full wp-image-75397\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Apple-Security-News-Jan-2018.png\" alt=\"Apple Security News in January 2018\" width=\"600\" height=\"300\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Apple-Security-News-Jan-2018.png 600w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Apple-Security-News-Jan-2018-150x75.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Apple-Security-News-Jan-2018-300x150.png 300w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/p>\n<p>Well, 2018 has sure started off with a bang!\u00a0January brought to light\u00a0major vulnerabilities affecting modern processor architectures, newly discovered Mac malware, and more. Read on for the details.<\/p>\n<h3>Meltdown and Spectre Vulnerabilities<\/h3>\n<p><img loading=\"lazy\" class=\"aligncenter size-large wp-image-74008\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/meltdown-spectre-apple-1024x576.png\" alt=\"\" width=\"800\" height=\"449\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/meltdown-spectre-apple-1024x576.png 1024w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/meltdown-spectre-apple-150x84.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/meltdown-spectre-apple-300x169.png 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/meltdown-spectre-apple-768x432.png 768w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/meltdown-spectre-apple-657x370.png 657w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>Months ago, multiple groups of researchers independently discovered serious vulnerabilities\u00a0related to a\u00a0feature\u00a0of modern microprocessors known as speculative execution.<\/p>\n<p>In early January, details\u00a0about the\u00a0two classes of vulnerabilities\u2014namely, Meltdown and Spectre\u2014were released to the public. Multiple hardware platforms were affected, including personal computers, mobile phones, and more.<\/p>\n<p>Apple was among the companies that had received\u00a0early notification\u00a0about the vulnerabilities before they were publicly disclosed,\u00a0so Meltdown\u00a0mitigations were already present in December\u00a0for macOS High Sierra 10.3.2, iOS 11.2, and tvOS 11.2 (Apple said that watchOS was unaffected).<\/p>\n<p>In January, Apple also released Spectre-mitigating patches for Safari, as well as Meltdown mitigation for the two previous versions of macOS: Sierra and El Capitan.<\/p>\n<p>For lots more details, be sure to\u00a0listen to our <a href=\"http:\/\/podcast.intego.com\/13\" target=\"_blank\" rel=\"noopener\">podcast\u00a0discussion<\/a> and read our featured article on Meltdown and Spectre:<\/p>\n<blockquote class=\"wp-embedded-content\" data-secret=\"ze4VzHN9qY\"><p><a href=\"https:\/\/www.intego.com\/mac-security-blog\/meltdown-and-spectre-what-apple-users-need-to-know\/\">Meltdown and Spectre: What Apple Users Need to Know<\/a><\/p><\/blockquote>\n<p><iframe class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; clip: rect(1px, 1px, 1px, 1px);\" src=\"https:\/\/www.intego.com\/mac-security-blog\/meltdown-and-spectre-what-apple-users-need-to-know\/embed\/#?secret=ze4VzHN9qY\" data-secret=\"ze4VzHN9qY\" width=\"500\" height=\"282\" title=\"&#8220;Meltdown and Spectre: What Apple Users Need to Know&#8221; &#8212; The Mac Security Blog\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe><\/p>\n<h3>OSX\/MaMi: First Mac Malware of 2018<\/h3>\n<p><img loading=\"lazy\" class=\"alignright size-medium wp-image-75304\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Evil-Woman-MaMi-300x260.jpg\" alt=\"\" width=\"200\" height=\"173\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Evil-Woman-MaMi-300x260.jpg 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Evil-Woman-MaMi-150x130.jpg 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Evil-Woman-MaMi.jpg 468w\" sizes=\"(max-width: 200px) 100vw, 200px\" \/>The first Mac malware\u00a0discovered in 2018 was OSX\/MaMi, DNS-hijacking malware found\u00a0by a forum user on\u00a0his coworker&#8217;s computer.<\/p>\n<p>DNS is the\u00a0technology that\u00a0translates a domain (for example, apple.com) into the IP address of a\u00a0server on the Internet. If\u00a0malware\u00a0forces a Mac to use rogue DNS servers, it&#8217;s\u00a0possible\u00a0for\u00a0bad guys to monitor, intercept, redirect, or inject malicious code into your Internet traffic.<\/p>\n<div id=\"attachment_74242\" style=\"width: 346px\" class=\"wp-caption aligncenter\"><img aria-describedby=\"caption-attachment-74242\" loading=\"lazy\" class=\"size-full wp-image-74242\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/MITM-Diagram.png\" alt=\"\" width=\"336\" height=\"293\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/MITM-Diagram.png 336w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/MITM-Diagram-150x131.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/MITM-Diagram-300x262.png 300w\" sizes=\"(max-width: 336px) 100vw, 336px\" \/><p id=\"caption-attachment-74242\" class=\"wp-caption-text\">Diagram of a man-in-the-middle attack. Image: <a href=\"https:\/\/commons.wikimedia.org\/wiki\/File:MITM_Diagramm.png\" target=\"_blank\" rel=\"noopener\">Nasanbuyn,<\/a>\u00a0<a href=\"https:\/\/store.storeimages.cdn-apple.com\/4974\/as-images.apple.com\/is\/image\/AppleInc\/aos\/published\/images\/r\/ef\/refurb\/2017\/refurb-2017-imac-215-retina-gallery?wid=1144&amp;hei=1144&amp;fmt=jpeg&amp;qlt=95&amp;op_sharpen=0&amp;resMode=bicub&amp;op_usm=0.5%2C0.5%2C0%2C0&amp;iccEmbed=0&amp;layer=comp&amp;.v=1499116835523\" target=\"_blank\" rel=\"noopener\">Apple<\/a><\/p><\/div>\n<p>OSX\/MaMi also installs a root certificate authority, allowing man-in-the-middle interception of even TLS\/SSL-encrypted communications, in particular\u00a0HTTPS connections to Web sites\u00a0that are normally considered secure.<\/p>\n<p><a href=\"https:\/\/www.intego.com\/antivirus-mac-internet-security\" target=\"_blank\" rel=\"noopener\">Intego VirusBarrier<\/a> detects this threat as <strong>OSX\/MaMi.A<\/strong>.<\/p>\n<p>For\u00a0lots more details, including how to\u00a0know whether your Mac is infected, be sure to check out our featured article on OSX\/MaMi:<\/p>\n<blockquote class=\"wp-embedded-content\" data-secret=\"Uwi2eUBnrd\"><p><a href=\"https:\/\/www.intego.com\/mac-security-blog\/ay-mami-new-dns-hijacking-mac-malware-discovered\/\">\u00a1Ay, MaMi! New DNS-Hijacking Mac Malware Discovered<\/a><\/p><\/blockquote>\n<p><iframe class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; clip: rect(1px, 1px, 1px, 1px);\" src=\"https:\/\/www.intego.com\/mac-security-blog\/ay-mami-new-dns-hijacking-mac-malware-discovered\/embed\/#?secret=Uwi2eUBnrd\" data-secret=\"Uwi2eUBnrd\" width=\"500\" height=\"282\" title=\"&#8220;\u00a1Ay, MaMi! New DNS-Hijacking Mac Malware Discovered&#8221; &#8212; The Mac Security Blog\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe><\/p>\n<h3>CrossRAT Malware Used for Global Cyber-Espionage<\/h3>\n<p><img loading=\"lazy\" class=\"alignright size-medium wp-image-75259\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/Java-Malware-CrossRAT-279x300.jpeg\" alt=\"CrossRAT Java Malware Used in Global Cyber-Espionage Campaign\" width=\"140\" height=\"150\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/Java-Malware-CrossRAT-279x300.jpeg 279w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/Java-Malware-CrossRAT-139x150.jpeg 139w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/Java-Malware-CrossRAT.jpeg 325w\" sizes=\"(max-width: 140px) 100vw, 140px\" \/>Researchers from the Electronic Frontier Foundation and Lookout published a new report called &#8220;Dark Caracal:\u00a0Cyber-espionage at a Global Scale,&#8221; with details about a &#8220;nation-state level advanced persistent threat (APT).&#8221;<\/p>\n<p>The report includes information about a Java-based, cross-platform remote access Trojan (RAT) that&#8217;s capable of running on Macs and other platforms.<\/p>\n<p>CrossRAT is capable of\u00a0manipulating files, taking screenshots, and gaining persistence (enabling itself to\u00a0run again\u00a0automatically after a reboot).\u00a0<a href=\"https:\/\/www.intego.com\/antivirus-mac-internet-security\" target=\"_blank\" rel=\"noopener\">Intego VirusBarrier<\/a>\u00a0detects this\u00a0threat as\u00a0<strong>Java\/LaunchAgent<\/strong>.<\/p>\n<p>For\u00a0additional details, including how to\u00a0know whether your Mac is infected, be sure to check out our featured article about CrossRAT:<\/p>\n<blockquote class=\"wp-embedded-content\" data-secret=\"I3qbuNbMPe\"><p><a href=\"https:\/\/www.intego.com\/mac-security-blog\/new-crossrat-malware-used-in-global-cyber-espionage-campaign\/\">New CrossRAT Malware Used in Global Cyber-Espionage Campaign<\/a><\/p><\/blockquote>\n<p><iframe class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; clip: rect(1px, 1px, 1px, 1px);\" src=\"https:\/\/www.intego.com\/mac-security-blog\/new-crossrat-malware-used-in-global-cyber-espionage-campaign\/embed\/#?secret=I3qbuNbMPe\" data-secret=\"I3qbuNbMPe\" width=\"500\" height=\"282\" title=\"&#8220;New CrossRAT Malware Used in Global Cyber-Espionage Campaign&#8221; &#8212; The Mac Security Blog\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe><\/p>\n<h3>Apple Security Updates<\/h3>\n<p><img loading=\"lazy\" class=\"alignright size-full wp-image-75307\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/iOS-Settings-app-software-update-available.png\" alt=\"\" width=\"111\" height=\"112\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/iOS-Settings-app-software-update-available.png 221w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/iOS-Settings-app-software-update-available-150x150.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/iOS-Settings-app-software-update-available-32x32.png 32w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/iOS-Settings-app-software-update-available-50x50.png 50w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/iOS-Settings-app-software-update-available-64x64.png 64w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/iOS-Settings-app-software-update-available-96x96.png 96w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/iOS-Settings-app-software-update-available-128x128.png 128w\" sizes=\"(max-width: 111px) 100vw, 111px\" \/>Apple issued\u00a0two batches of security updates in January. The first round was on January 8, which notably featured mitigations for the aforementioned Spectre vulnerabilities.<\/p>\n<p>The second round of updates came on January 23. Among other things, Apple\u00a0mitigated the Meltdown vulnerability for macOS Sierra and El Capitan, as well a vulnerability that could allow a specially crafted link to crash an iOS device or a Mac (as discussed in the\u00a0<a href=\"http:\/\/podcast.intego.com\/15\" target=\"_blank\" rel=\"noopener\">January 24 episode<\/a> of the Intego Mac Podcast). Apple also released security updates for both iTunes and iCloud for Windows.<\/p>\n<p>For more details on\u00a0Apple&#8217;s January 23 updates, see our featured article:<\/p>\n<blockquote class=\"wp-embedded-content\" data-secret=\"EtBlWFSGdb\"><p><a href=\"https:\/\/www.intego.com\/mac-security-blog\/macos-sierra-os-x-el-capitan-updates-patch-meltdown-flaw\/\">macOS Sierra, OS X El Capitan Updates Patch Meltdown Flaw<\/a><\/p><\/blockquote>\n<p><iframe class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; clip: rect(1px, 1px, 1px, 1px);\" src=\"https:\/\/www.intego.com\/mac-security-blog\/macos-sierra-os-x-el-capitan-updates-patch-meltdown-flaw\/embed\/#?secret=EtBlWFSGdb\" data-secret=\"EtBlWFSGdb\" width=\"500\" height=\"282\" title=\"&#8220;macOS Sierra, OS X El Capitan Updates Patch Meltdown Flaw&#8221; &#8212; The Mac Security Blog\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe><\/p>\n<h3>Other Security News, in Brief<\/h3>\n<p>There were other notable goings-on in the security world in January. Some highlights:<\/p>\n<ul>\n<li>Five episodes of the <strong>Intego\u00a0Mac Podcast<\/strong>\u00a0were published in January.\u00a0<strong>Be sure to\u00a0<a href=\"https:\/\/itunes.apple.com\/us\/podcast\/intego-mac-podcast\/id1293834627\" target=\"_blank\" rel=\"noopener\">subscribe<\/a><\/strong>\u00a0to make sure you don&#8217;t miss\u00a0any future episodes!\u00a0This month&#8217;s topics\u00a0included:\n<ul>\n<li><a href=\"http:\/\/podcast.intego.com\/12\" target=\"_blank\" rel=\"noopener\">What to do if you&#8217;ve been hacked<\/a><\/li>\n<li><a href=\"http:\/\/podcast.intego.com\/13\" target=\"_blank\" rel=\"noopener\">Meltdown and Spectre<\/a><\/li>\n<li><a href=\"http:\/\/podcast.intego.com\/14\" target=\"_blank\" rel=\"noopener\">iPhone battery problems, plus OSX\/MaMi<\/a><\/li>\n<li><a href=\"http:\/\/podcast.intego.com\/15\" target=\"_blank\" rel=\"noopener\">Messages app link crash,\u00a0plus how VPNs can help protect you<\/a><\/li>\n<li><a href=\"http:\/\/podcast.intego.com\/16\" target=\"_blank\" rel=\"noopener\">Malware and vulnerability lingo and naming conventions<\/a><br \/>\n<a href=\"https:\/\/itunes.apple.com\/us\/podcast\/intego-mac-podcast\/id1293834627\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" class=\"alignnone size-thumbnail wp-image-73078\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/12\/Get-it-on-iTunes-150x55.png\" alt=\"Get it on iTunes\" width=\"109\" height=\"40\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/12\/Get-it-on-iTunes-150x55.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/12\/Get-it-on-iTunes-300x110.png 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/12\/Get-it-on-iTunes.png 646w\" sizes=\"(max-width: 109px) 100vw, 109px\" \/><\/a><\/li>\n<\/ul>\n<\/li>\n<li>In the United States, tax season began on January 30;\u00a0<strong>U.S. citizens should file their tax returns as soon as practical<\/strong> to help\u00a0prevent scammers from fraudulently filing for you<img loading=\"lazy\" class=\"alignright size-thumbnail wp-image-61924\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/01\/fruitfly-CC-BY-150x120.jpg\" alt=\"Fruit fly photo by Arian Suresh, https:\/\/www.flickr.com\/photos\/ansk\/26201092112\" width=\"40\" height=\"32\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/01\/fruitfly-CC-BY-150x120.jpg 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/01\/fruitfly-CC-BY-300x240.jpg 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/01\/fruitfly-CC-BY-768x614.jpg 768w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/01\/fruitfly-CC-BY.jpg 1024w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/01\/fruitfly-CC-BY-657x525.jpg 657w\" sizes=\"(max-width: 40px) 100vw, 40px\" \/><\/li>\n<li><strong>The U.S. Department of Justice indicted the alleged author of the Fruitfly Mac malware<\/strong>, <a href=\"http:\/\/www.zdnet.com\/article\/ohio-hacker-indicted-fruitfly-malware-spy-on-thousands-of-mac-users\/\" target=\"_blank\" rel=\"noopener\">reports<\/a> ZDNet; the alleged hacker is 28 years old but was 14 at the time Fruitfly was originally developed<\/li>\n<li><strong><img loading=\"lazy\" class=\"alignright size-thumbnail wp-image-75319\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Western-Digital-WD-logo-150x88.jpg\" alt=\"\" width=\"40\" height=\"24\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Western-Digital-WD-logo-150x88.jpg 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Western-Digital-WD-logo-300x175.jpg 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Western-Digital-WD-logo-768x448.jpg 768w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Western-Digital-WD-logo-1024x598.jpg 1024w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Western-Digital-WD-logo-657x383.jpg 657w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Western-Digital-WD-logo.jpg 1280w\" sizes=\"(max-width: 40px) 100vw, 40px\" \/>Western Digital My Cloud drives have a built-in backdoor<\/strong>\u00a0(with a hard-coded password) that hasn&#8217;t been patched for more than six months, and the discoverer has released the full details to the public, <a href=\"https:\/\/www.techspot.com\/news\/72612-western-digital-cloud-drives-have-built-backdoor.html\" target=\"_blank\" rel=\"noopener\">reports<\/a> Tech Spot<\/li>\n<li><strong><img loading=\"lazy\" class=\"alignright size-thumbnail wp-image-75313\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/tinder-icon-150x150.png\" alt=\"\" width=\"40\" height=\"40\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/tinder-icon-150x150.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/tinder-icon-300x300.png 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/tinder-icon-32x32.png 32w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/tinder-icon-50x50.png 50w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/tinder-icon-64x64.png 64w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/tinder-icon-96x96.png 96w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/tinder-icon-128x128.png 128w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/tinder-icon.png 512w\" sizes=\"(max-width: 40px) 100vw, 40px\" \/>Strangers can spy on your Tinder swipes<\/strong>,\u00a0<a href=\"https:\/\/www.wired.com\/story\/tinder-lack-of-encryption-lets-strangers-spy-on-swipes\/\" target=\"_blank\" rel=\"noopener\">reports<\/a>\u00a0Wired<\/li>\n<li><strong>Personal information\u00a0of\u00a0half of Norway&#8217;s population may have been breached<\/strong> due to an intrusion at a healthcare provider,\u00a0<a href=\"https:\/\/www.infosecurity-magazine.com\/news\/half-norways-population-may-have\/\" target=\"_blank\" rel=\"noopener\">reports<\/a>\u00a0Infosecurity Magazine<\/li>\n<li><strong><img loading=\"lazy\" class=\"alignright size-thumbnail wp-image-75322\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Seal_of_the_United_States_Department_of_Homeland_Security_DHS-150x150.png\" alt=\"\" width=\"40\" height=\"40\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Seal_of_the_United_States_Department_of_Homeland_Security_DHS-150x150.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Seal_of_the_United_States_Department_of_Homeland_Security_DHS-32x32.png 32w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Seal_of_the_United_States_Department_of_Homeland_Security_DHS-50x50.png 50w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Seal_of_the_United_States_Department_of_Homeland_Security_DHS-64x64.png 64w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Seal_of_the_United_States_Department_of_Homeland_Security_DHS-96x96.png 96w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Seal_of_the_United_States_Department_of_Homeland_Security_DHS-128x128.png 128w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Seal_of_the_United_States_Department_of_Homeland_Security_DHS.png 200w\" sizes=\"(max-width: 40px) 100vw, 40px\" \/>Personal information of 240,000 U.S. Department of Homeland Security employees has been breached<\/strong>, <a href=\"http:\/\/www.theregister.co.uk\/2018\/01\/04\/us_homeland_security_breach_exposed_personal_info_of_200000_staff\/\" target=\"_blank\" rel=\"noopener\">reports<\/a> The Register<\/li>\n<li><strong>Malware was found\u00a0at dozens of gas stations in Russia<\/strong>;\u00a0<a href=\"http:\/\/www.rosbalt.ru\/moscow\/2018\/01\/19\/1675722.html\" target=\"_blank\" rel=\"noopener\">reportedly<\/a>\u00a0the malware skimmed money\u00a0whenever customers used their credit cards at the infected pumps<\/li>\n<\/ul>\n<p><img loading=\"lazy\" class=\"aligncenter size-large wp-image-74893\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/2017-year-in-review-collage-1024x576.jpg\" alt=\"\" width=\"1024\" height=\"576\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/2017-year-in-review-collage-1024x576.jpg 1024w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/2017-year-in-review-collage-150x84.jpg 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/2017-year-in-review-collage-300x169.jpg 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/2017-year-in-review-collage-768x432.jpg 768w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/2017-year-in-review-collage-657x370.jpg 657w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/01\/2017-year-in-review-collage.jpg 1920w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>Also, check out our\u00a0article featuring the\u00a0<a href=\"https:\/\/www.intego.com\/mac-security-blog\/a-look-back-at-the-top-mac-security-stories-of-2017\/\" target=\"_blank\" rel=\"noopener\">top\u00a0Apple\u00a0security stories of 2017<\/a>\u2014there&#8217;s a good chance you&#8217;ve\u00a0missed or forgotten about something!<\/p>\n<h3>Stay Tuned! Subscribe to The Mac Security Blog<\/h3>\n<p>Be sure to subscribe to\u00a0<strong>The Mac Security Blog<\/strong>\u00a0to stay informed about Apple security throughout each month.<\/p>\n<p>Also, each week we discuss Mac and iOS security news and other topics of interest on the\u00a0<strong>Intego Mac Podcast<\/strong>. You&#8217;ll want to\u00a0<a href=\"https:\/\/itunes.apple.com\/us\/podcast\/intego-mac-podcast\/id1293834627\" target=\"_blank\" rel=\"noopener\">subscribe in iTunes\/Podcasts<\/a>\u00a0to make sure you don&#8217;t miss any shows! Show notes are available at\u00a0<a href=\"http:\/\/podcast.intego.com\" target=\"_blank\" rel=\"noopener\">podcast.intego.com<\/a>.<\/p>\n<p>Last but not least,\u00a0be sure to\u00a0<a href=\"https:\/\/www.youtube.com\/subscription_center?add_user=IntegoVideo\" target=\"_blank\" rel=\"noopener\">subscribe<\/a>\u00a0to\u00a0the\u00a0<strong>Intego YouTube channel<\/strong>\u00a0to get monthly updates in video form, and click on\u00a0YouTube&#8217;s bell\u00a0icon (?) so you&#8217;ll get notified when each new episode is available.<br \/>\n<span style=\"font-size: x-small;\">&#8220;Evil mommy&#8221;\/MaMi\u00a0image credit:\u00a0<a href=\"http:\/\/maxpixel.freegreatpicture.com\/Evil-Aggressive-Girl-Female-Costume-Devil-Demon-15682\" target=\"_blank\" rel=\"noopener\">Max Pixel<\/a>.\u00a0Fruit fly photo:\u00a0<a href=\"https:\/\/www.flickr.com\/photos\/ansk\/26201092112\" target=\"_blank\" rel=\"noopener\">Arian Suresh<\/a>.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Well, 2018 has sure started off with a bang!\u00a0January brought to light\u00a0major vulnerabilities affecting modern processor architectures, newly discovered Mac malware, and more. Read on for the details. Meltdown and Spectre Vulnerabilities Months ago, multiple groups of researchers independently discovered serious vulnerabilities\u00a0related to a\u00a0feature\u00a0of modern microprocessors known as speculative execution. In early January, details\u00a0about the\u00a0two [&hellip;]<\/p>\n","protected":false},"author":14,"featured_media":75406,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[5],"tags":[3907,3229,3250,3619,3874],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"Well, 2018 has sure started off with a bang!\u00a0January brought to light\u00a0major vulnerabilities affecting modern processor architectures, newly discovered Mac\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Month in review: Apple security in January 2018 - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"Well, 2018 has sure started off with a bang!\u00a0January brought to light\u00a0major vulnerabilities affecting modern processor architectures, newly discovered Mac\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/JoshLong\" \/>\n<meta property=\"article:published_time\" content=\"2018-02-07T21:22:23+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-06-15T09:59:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Mac-Security-Jan-2018.png\" \/>\n\t<meta property=\"og:image:width\" content=\"400\" \/>\n\t<meta property=\"og:image:height\" content=\"260\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@theJoshMeister\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Joshua Long\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Mac-Security-Jan-2018.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Mac-Security-Jan-2018.png\",\"width\":400,\"height\":260,\"caption\":\"Mac Security News January 2018\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/\",\"name\":\"Month in review: Apple security in January 2018 - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#primaryimage\"},\"datePublished\":\"2018-02-07T21:22:23+00:00\",\"dateModified\":\"2019-06-15T09:59:00+00:00\",\"description\":\"Well, 2018 has sure started off with a bang!\\u00a0January brought to light\\u00a0major vulnerabilities affecting modern processor architectures, newly discovered Mac\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Month in review: Apple security in January 2018\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1\"},\"headline\":\"Month in review: Apple security in January 2018\",\"datePublished\":\"2018-02-07T21:22:23+00:00\",\"dateModified\":\"2019-06-15T09:59:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#webpage\"},\"wordCount\":950,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Mac-Security-Jan-2018.png\",\"keywords\":[\"CrossRAT\",\"Fruitfly\",\"Month in Security\",\"Mughthesec\",\"OSX\/MaMi\"],\"articleSection\":[\"Security News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1\",\"name\":\"Joshua Long\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g\",\"caption\":\"Joshua Long\"},\"description\":\"Joshua Long (@theJoshMeister), formerly Intego\\u2019s Chief Security Analyst, is a renowned security researcher and writer, and an award-winning public speaker. Josh has a master\\u2019s degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Information Security. Apple has publicly acknowledged Josh for discovering an Apple\\u00a0ID authentication vulnerability. Josh has conducted cybersecurity research for well over 25 years, which is often featured by major news outlets worldwide. Keep up with Josh via X\/Twitter, LinkedIn, Facebook, Instagram, YouTube, Patreon, Mastodon, the JoshMeister on Security, and more. \\u2014\",\"sameAs\":[\"https:\/\/security.thejoshmeister.com\",\"https:\/\/www.facebook.com\/JoshLong\",\"https:\/\/www.instagram.com\/thejoshmeister\/\",\"https:\/\/www.linkedin.com\/in\/thejoshmeister\",\"https:\/\/www.pinterest.com\/thejoshmeister\/\",\"https:\/\/twitter.com\/theJoshMeister\",\"https:\/\/www.youtube.com\/@theJoshMeister\"],\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/joshlong\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"Well, 2018 has sure started off with a bang!\u00a0January brought to light\u00a0major vulnerabilities affecting modern processor architectures, newly discovered Mac","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/","og_locale":"en_US","og_type":"article","og_title":"Month in review: Apple security in January 2018 - The Mac Security Blog","og_description":"Well, 2018 has sure started off with a bang!\u00a0January brought to light\u00a0major vulnerabilities affecting modern processor architectures, newly discovered Mac","og_url":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/","og_site_name":"The Mac Security Blog","article_author":"https:\/\/www.facebook.com\/JoshLong","article_published_time":"2018-02-07T21:22:23+00:00","article_modified_time":"2019-06-15T09:59:00+00:00","og_image":[{"width":400,"height":260,"url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Mac-Security-Jan-2018.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_creator":"@theJoshMeister","twitter_misc":{"Written by":"Joshua Long","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Mac-Security-Jan-2018.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Mac-Security-Jan-2018.png","width":400,"height":260,"caption":"Mac Security News January 2018"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/","name":"Month in review: Apple security in January 2018 - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#primaryimage"},"datePublished":"2018-02-07T21:22:23+00:00","dateModified":"2019-06-15T09:59:00+00:00","description":"Well, 2018 has sure started off with a bang!\u00a0January brought to light\u00a0major vulnerabilities affecting modern processor architectures, newly discovered Mac","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Month in review: Apple security in January 2018"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1"},"headline":"Month in review: Apple security in January 2018","datePublished":"2018-02-07T21:22:23+00:00","dateModified":"2019-06-15T09:59:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#webpage"},"wordCount":950,"commentCount":0,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Mac-Security-Jan-2018.png","keywords":["CrossRAT","Fruitfly","Month in Security","Mughthesec","OSX\/MaMi"],"articleSection":["Security News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/month-in-review-apple-security-in-january-2018\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1","name":"Joshua Long","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g","caption":"Joshua Long"},"description":"Joshua Long (@theJoshMeister), formerly Intego\u2019s Chief Security Analyst, is a renowned security researcher and writer, and an award-winning public speaker. Josh has a master\u2019s degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Information Security. Apple has publicly acknowledged Josh for discovering an Apple\u00a0ID authentication vulnerability. Josh has conducted cybersecurity research for well over 25 years, which is often featured by major news outlets worldwide. Keep up with Josh via X\/Twitter, LinkedIn, Facebook, Instagram, YouTube, Patreon, Mastodon, the JoshMeister on Security, and more. \u2014","sameAs":["https:\/\/security.thejoshmeister.com","https:\/\/www.facebook.com\/JoshLong","https:\/\/www.instagram.com\/thejoshmeister\/","https:\/\/www.linkedin.com\/in\/thejoshmeister","https:\/\/www.pinterest.com\/thejoshmeister\/","https:\/\/twitter.com\/theJoshMeister","https:\/\/www.youtube.com\/@theJoshMeister"],"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/joshlong\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2018\/02\/Mac-Security-Jan-2018.png","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-jA6","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/75274"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=75274"}],"version-history":[{"count":7,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/75274\/revisions"}],"predecessor-version":[{"id":88240,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/75274\/revisions\/88240"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/75406"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=75274"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=75274"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=75274"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}