A new tool recently submitted to GitHub can allegedly perform password dictionary attacks on iCloud accounts, without being detected by Apple’s brute-force protections that are supposed to prevent such attacks.
The iCloud.com Photos app has disappeared from the site. The “Beta” app’s icon no longer appears on the main menu of the iCloud website.
While Apple’s two-factor authentication used to reset a password does provide additional security to a user’s Apple ID, it also makes it virtually impossible to reset your password or access your account in the event that your account has been hacked and you forget your recovery key.
The iCloud.com photos upload feature has emerged from developer-only testing, and is available to all iCloud.com users.
Apple has added the ability to upload images to its iCloud.com beta site for developers. The public site allows users to view, download, and delete their iCloud Photo Library images, but doesn’t currently allow uploading of photos to the library.
Apple CEO Tim Cook is reported to have met in Beijing with a top Chinese government on Wednesday to discuss user data security.
Apple confirms that it knows about the “intermittent organized network attacks” on Chinese iCloud users, but assures users that its own servers have not been compromised.
GreatFire reports that the Chinese government is targeting iCloud users in China in an attempt to access their login information. The attack, via the man-in-the-middle method, redirects users to a fake iCloud.com login page.
Apple has begun sending email reminders to iCloud users that a new security related requirement of app-specific passwords for third-party software that accesses iCloud data goes into effect on Thursday.
Apple’s iCloud is down for some users, with reports of issues logging into iCloud.com and gaining access to iCloud services such as Calendar, Mail, and Notes.
Apple knew about a brute force security vulnerability in their iCloud service six month before it was used to hack numerous celebrities’ accounts on the service. The company’s security team had been notified of the flaw in emails from independent security researcher Ibrahim Balic.
Just ahead of the launch of both iOS 8 and OS X Yosemite, and the launch of iCloud Drive, Apple has put in place new iCloud storage plans and pricing. Customers can continue to get 5GB of storage free, or can store up to 1TB for $19.99 per month.
Apple CEO Tim Cook was quoted last week as saying Apple would be beefing up iCloud security measures as a response to the compromised celebrity iCloud accounts.
A forensics consult and researchers says that after analyzing metadata from leaked photos of Kate Upton, it appears that the photos were obtained using Elcomsoft Phone Password Breaker (EPPB) – software intended for use by law enforcement officials – which allows users to download a complete backup of all data on an iPhone once the iCloud ID and password have been obtained.
Apple has released a media advisory concerning the celebrity photo leaks over the weekend. The company says that after over 40 hours of investigation, their engineers have found that the leaks were the result of “very targeted attacks” on user names, passwords, and security questions.
Apple has confirmed that it is in the process of investigating if iCloud security breaches were responsible for the release of hundreds of private celebrity photos and videos over the weekend.