Documentation Scanner
TweetFollow Us on Twitter

Documentation Scanner

Friday March 5

08:15
About the security content of iOS 10.3

This document describes the security content of iOS 10.3.

| Read more »
08:09
About the security content of iTunes 12.7.4 for...

This document describes the security content of iTunes 12.7.4 for Windows.

| Read more »
08:05
About the security content of Safari 11.1

This document describes the security content of Safari 11.1.

| Read more »
08:01
About the security content of watchOS 4.3

This document describes the security content of watchOS 4.3.

| Read more »
07:58
About the security content of iCloud for Windows 7.4

This document describes the security content of iCloud for Windows 7.4.

| Read more »
07:54
About the security content of tvOS 11.3

This document describes the security content of tvOS 11.3.

| Read more »
07:50
About the security content of iOS 11.4

This document describes the security content of iOS 11.4.

| Read more »
07:46
About the security content of tvOS 11.4

This document describes the security content of tvOS 11.4.

| Read more »
07:41
About the security content of watchOS 4.3.1

This document describes the security content of watchOS 4.3.1.

| Read more »
07:38
About the security content of iTunes 12.7.5 for...

This document describes the security content of iTunes 12.7.5 for Windows.

| Read more »
07:32
About the security content of iCloud for Windows 7.5

This document describes the security content of iCloud for Windows 7.5.

| Read more »
07:27
About the security content of Safari 11.1.1

This document describes the security content of Safari 11.1.1.

| Read more »
07:22
About the security content of iOS 12.1

This document describes the security content of iOS 12.1.

| Read more »
07:07
About the security content of iOS 12.1.3

This document describes the security content of iOS 12.1.3.

| Read more »
07:01
About the security content of macOS Mojave 10.14.3,...

This document describes the security content of macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra.

| Read more »
06:56
About the security content of tvOS 12.1.2

This document describes the security content of tvOS 12.1.2.

| Read more »
06:48
About the security content of watchOS 5.1.3

This document describes the security content of watchOS 5.1.3.

| Read more »
06:43
About the security content of iOS 12.3

This document describes the security content of iOS 12.3.

| Read more »
06:31
About the security content of watchOS 5.2.1

This document describes the security content of watchOS 5.2.1.

| Read more »

Thursday March 4

06:05
Powershelling Away At Bitlocker

The Enable-BitLocker cmdlet is available in Powershell to encrypt drives. The command is fairly straight forward once we figure out how to do a few things. In the following we’ll use -mountPoint to define that it’s the default C: drive that we’re encrypting, followed by -EncryptionMethod as an Aes128 or an Aes256 and then who can unlock, in this case, the CharlesEdge short name on the Krypted domain, then we’ll prompt (that can be removed) and define a -pin of 2345 to unlock the recovery key and finally drop the key off at a -RecoveryKeyPath. Seems like a lot but it’s not and there are ways to do a password instead of a key but since the target location should be write only we don’t want to put too much of a barrier up for the script in f: that, let’s say, might pick it up and pop it into a database or device management tool:

Enable-BitLocker -MountPoint "C:" -EncryptionMethod Aes256 -AdAccountOrGroup "Krypted\CharlesEdge" -AdAccountOrGroupProtector -Confirm -Pin 2345 -...

| Read more »

Wednesday March 3

10:12
AA21-062A: Mitigate Microsoft Exchange Server...

Original release date: March 3, 2021
Summary

Cybersecurity and Infrastructure Security (CISA) partners have observed active exploitation of vulnerabilities in Microsoft Exchange Server products. Successful exploitation of these vulnerabilities allows an unauthenticated attacker to execute arbitrary code on vulnerable Exchange Servers, enabling the attacker to gain persistent system access, as well as access to files and mailboxes on the server and to credentials stored on that system. Successful exploitation may additionally enable the attacker to compromise trust and identity in a vulnerable network. Microsoft released out-of-band patches to address vulnerabilities in Microsoft Exchange Server. The vulnerabilities impact on-premises Microsoft Exchange Servers and are not known to impact Exchange Online or Microsoft 365 (formerly O365) cloud email services.

This Alert includes both tactics, techniques and procedures (TTPs) and the indicators of compromise (IOCs)...

| Read more »
05:02
Riddles in Assembly

global _start

I just got this book ecx, odd_msg

AND holy buckets it’s fun. len2

jmp outprog

The post Riddles in Assembly appeared first on krypted.

| Read more »

Monday March 1

11:40
Developer Mode System Extensions on macOS

System and Network Extensions are fairly easy programmatically. However, there is some nuance around building them. Much of this is in getting the correct entitlements – but also a little in troubleshooting.

To see (or set) those entitlements, look at the .entitlements file located in the root of an Xcode Project. That will be a plist with a few entries. In this one, we’ll see com.apple.developer.networking.networkextension so we’re working on a network extension.

com.apple.security.app-sandbox

com.apple.security.application-groups

$(TeamIdentifierPrefix)com.krypted.firewall

com.apple.developer.networking.networkextension

content-filter-provider

To add one, go to the General screen for the project, and locate the section for Frameworks, Libraries, and Embedded Content.

...

| Read more »

Saturday February 27

11:15
So Long, Fry’s, Thanks For All The Fish

Thursday February 25

09:22
Create Email Aliases in Office 365

The things are always changing. I write less and less how-to things because as the rate of innovation skyrockets (another way to say changes that are sometimes good and sometimes bad) – the second I hit save the article seems out of date, or technical debt. But hey, sometimes I have to look longer than I should for something. So. To create an email alias in Microsoft Online/Office 365.

  • Login to an account with Exchange administrative capabilities
  • Click the Admin tab.
  • Click Exchange in the left sidebar.
  • Click Recipients.
  • Click Mailboxes (or Users in the newer interface).
  • Click the user to create the alias for (in the old interface click the pencil in the new interface simply double-click).
  • At the pop-up (yah, make sure to allow pop-ups if it doesn’t open), select Email Address.
  • You then see a list of existing aliases along with the default email address bolded. Click the + sign. Don’t touch any of the...
| Read more »

Wednesday February 24

06:00
AA21-055A: Exploitation of Accellion File Transfer...

Original release date: February 24, 2021
Summary

This joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,[1] New Zealand,[2] Singapore,[3] the United Kingdom,[4] and the United States.[5][6] These authorities are aware of cyber actors exploiting vulnerabilities in Accellion File Transfer Appliance (FTA).[7] This activity has impacted organizations globally, including those in Australia, New Zealand, Singapore, the United Kingdom, and the United States.

Worldwide, actors have exploited the vulnerabilities to attack multiple federal and state, local, tribal...

| Read more »

Monday February 22

11:28
Jamf After Dark: The Language Of Design Systems
11:20
MacAdmins Podcast: School Life
09:40
Some Basic Chromeos Troubleshooting (Under the hood)

Chromeos is one of the easier operating systems to use. It’s matured a lot over the years and there are now some great troubleshooting options under the hood. One thing I hate doing is mashing buttons without at least some semblance of proof of a hypothesis about what a problem is. In other words, I like to start troubleshooting with logs. For this let’s use Ctrl+Alt+F2 to bring up a virtual terminal. From there:

  • A standard place for logs since Unix System V has been /var/log. In there are files such as libcros_log, which is where chromium dumps logs from services.
  • /var/log/messages and subdirectories of /var/log/window_manager/chromeos-wm.LATEST and /home/chronos/user/log/chromoeos-wm.LATEST
  • /home/chronos/user/log/chrome_log which is dedicated chrome logs for the internal login manager
  • Find installed webapps in /opt/google/chrome/resources

To reconfigure the network stack, use the initctl command along with the restart verb...

| Read more »

Sunday February 21

11:14
Apple 1997-2011: The Return Of Steve Jobs

Thursday February 18

11:11
From Moveable Type To The Keyboard

Wednesday February 17

08:29
Reviewing TCC dialog prompts using logs on a Mac

I wrote this awhile back on using the logging facilities in macOS to review and parse logs. The log command provides a number of options to see various events on a Mac. I was recently working on an app that was automatically denying a prompt to generate entitlements and thought I’d post how to find the logs for that. First, let’s find all prompts. We’ll do that using the com.apple.TCC subsystem as a predicate. In the below command we simply pipe the output to grep for Prompting.

/usr/bin/log show -style syslog --predicate 'subsystem == "com.apple.TCC"' --info --last 12h | grep Prompting

I’d much rather use “&& contains” in syslog because I suspect it would be more efficient – but I find I prefer grep. Now that we see the output, let’s swap that Prompting in the above to deny and shorten the window for how long it takes to compile and run the app (typically less than an hour):

/usr/bin/...

| Read more »
08:00
AA21-048A: AppleJeus: Analysis of North Korea’s...

Original release date: February 17, 2021
Summary

This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques.

This joint advisory is the result of analytic efforts among the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Treasury (Treasury) to highlight the cyber threat to cryptocurrency posed by North Korea, formally known as the Democratic People’s Republic of Korea (DPRK), and provide mitigation recommendations. Working with U.S. government partners, FBI, CISA, and Treasury assess that Lazarus Group—which these agencies attribute to North Korean state-sponsored advanced persistent threat (APT) actors—is targeting individuals and companies,...

| Read more »

Monday February 15

11:27
Jamf After Dark: Jamf Now and an Update On Small...
11:19
MacAdmins Podcast: Alectrona Patch
08:30
NeXT Computer && Apple

The post NeXT Computer && Apple appeared first on krypted.

| Read more »

Friday February 12

07:10
Apple’s Lost Decade

The post Apple’s Lost Decade appeared first on krypted.

| Read more »

Thursday February 11

11:15
AA21-042A: Compromise of U.S. Water Treatment...

Original release date: February 11, 2021
Summary

On February 5, 2021, unidentified cyber actors obtained unauthorized access to the supervisory control and data acquisition (SCADA) system at a U.S. drinking water treatment plant. The unidentified actors used the SCADA system’s software to increase the amount of sodium hydroxide, also known as lye, a caustic chemical, as part of the water treatment process. Water treatment plant personnel immediately noticed the change in dosing amounts and corrected the issue before the SCADA system’s software detected the manipulation and alarmed due to the unauthorized change. As a result, the water treatment process remained unaffected and continued to operate as normal. The cyber actors likely accessed the system by exploiting cybersecurity weaknesses, including poor password security, and an outdated operating system. Early information indicates it is possible that a desktop sharing software, such as TeamViewer, may have been used...

| Read more »
07:56
Quick and Dirty Avrae and DNDBeyond Commands

Discord is a great service for building quick chat groups, having video chats with multiple people (I’ve even used it to record podcasts), and much more. DNDBeyond has changed the way some of my Dungeons and Dragons groups play the game by allowing us to build character sheets online, giving quick access to information we used to pause games to look up in books, act as an online dice roller for parties where we can all see the results (with buffs added in), and now integrate and stream that to Discord using the Avrae Discord bot.

I don’t think anything has changed the way we play Dungeons and Dragons more since the move from basic to 1st edition or the move to 5e. One thing though, the APIs for DNDBeyond and the Avrae bot keep evolving but there are some really basic game play elements that I can go through to help anyone new to the...

| Read more »

Tuesday February 9

07:09
The Unlikely Rise Of The Macintosh

Thursday January 28

13:26
Set up home theater audio with HomePod and Apple TV...

Use a HomePod or stereo pair with your Apple TV 4K to create a theater experience with Dolby Atmos or surround sound right in your home.

| Read more »

Thursday December 6

22:10
About the security content of iOS 12.1.1

Monday May 3

08:17
iPad: How to transfer or sync content to your...
 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Trend Micro 11.0.2062 - An essential sec...
Trend Micro Antivirus provides essential security for macOS with real-time malware detection and mitigation in an affordable solution with a simple, intuitive interface. However, be aware that more... Read more
Backblaze 7.0.2.490 - Online backup serv...
Backblaze is an online backup service designed from the ground-up for the Mac. With unlimited storage available for $6 per month, as well as a free 15-day trial, peace of mind is within reach with... Read more
Pro Video Formats 2.2.1 - Updates for pr...
Pro Video Formats includes support for the following professional video codecs: Apple Intermediate Codec Apple ProRes AVC-Intra 50 / 100 / 200 / 4:4:4 / LT AVC-LongG XAVC XF-AVC DVCPRO HD HDV XDCAM... Read more
Boom 3D 1.3.11 - $19.99
Boom 3D is a revolutionary app with 3D Surround Sound and phenomenally rich and intense audio that is realistic and works on any headphones. Features 3D surround sound Built-in audio player... Read more
Final Cut Pro 10.5.2 - Professional vide...
Redesigned from the ground up, Final Cut Pro combines revolutionary video editing with a powerful media organization and incredible performance to let you create at the speed of thought.... Read more
Chromium 89.0.4389.72 - Fast and stable...
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web. Version 89.0.4389.72: Complete list of changes can... Read more
iMovie 10.2.3 - Edit personal videos and...
With a streamlined design and intuitive editing features, iMovie lets you create Hollywood-style trailers and beautiful movies like never before. Browse your video library, share favorite moments,... Read more
OmniPlan 4.2.5 - Professional-grade proj...
With OmniPlan, you can create logical, manageable project plans with Gantt charts, schedules, summaries, milestones, and critical paths. Break down the tasks needed to make your project a success,... Read more
Compressor 4.5.2 - Adds power and flexib...
Compressor adds power and flexibility to Final Cut Pro X export. Customize output settings, work faster with distributed encoding, and tap into a comprehensive set of delivery features. Features:... Read more
Motion 5.5.1 - Create and customize Fina...
Motion is designed for video editors, Motion 5 lets you customize Final Cut Pro titles, transitions, and effects. Or create your own dazzling animations in 2D or 3D space, with real-time feedback as... Read more

Latest Forum Discussions

See All

Frogger in Toy Town's latest update...
Konami Digital Entertainment has announced today that their Apple Arcade title Frogger in Toy Town has been updated to introduce a new ranked Endurance Mode. This new game variant's arrival is also accompanied by a few other changes. [Read more] | Read more »
Mitoza is surreal adventure toy you can...
The folks behind the Rusty Lake games have just put a new title onto the App Store. Second Maze, Rusty Lake's collaborative publishing brand, has just brought this 10 year old adventure game from Gal Mamalya to mobile. The best part about all of... | Read more »
Pocket Gamer Awards 2021: You have five...
Three weeks ago our sister site, Pocket Gamer, entered the voting stage for the upcoming Pocket Gamer Awards 2021 and is now in the final stretch. You only have a few hours left to vote for the games you’ve enjoyed on mobile in the past year, as... | Read more »
Patty Stack is a casual arcade game, ava...
Patty Stack is a casual arcade title that's available now for iOS and Android. It's the debut game from developer Feeka Games tasks players with making an increasingly giant burger tower. Think of it as Tower Bloxx but more edible. [Read more] | Read more »
Distract Yourself With These Great Mobil...
There’s a lot going on right now, and I don’t really feel like trying to write some kind of pithy intro for it. All I’ll say is lots of people have been coming together and helping each other in small ways, and I’m choosing to focus on that as I... | Read more »
Genshin Impact Guide - Gacha Strategy: W...
This is part 2 of our Genshin Impact gacha strategy guides. See part 1 here. You can check out more guides for Genshin Impact here. | Read more »
Slashy Camp is a new endless runner insp...
Blue Wizard Digital has released Slashy Camp onto iOS and Android after it spent a short amount of time in early access. [Read more] | Read more »
Kinder World is a relaxing game about lo...
Lumi Interactive is releasing a game called Kinder World later this year on iOS and Android, which is all about looking after houseplants. [Read more] | Read more »
Steam Link Spotlight - Fights in Tight S...
Steam Link Spotlight is a feature where we look at PC games that play exceptionally well using the Steam Link app. Our last entry was on Hades. Read about how it plays using Steam Link over here. | Read more »
Lyxo, the light-based puzzler for mobile...
Vienna-based independent game studio Emoak has just released its unique light-based puzzler for iOS and Android. Founded in 2014 by Tobias Sturn, the company is also the creative force behind the infinite climbing game Paper Climb, as well as the... | Read more »

Price Scanner via MacPrices.net

Weekend Sale: $100 off Apple iPad Magic Keybo...
Amazon has Apple iPad Magic Keyboards on sale for $100 off MSRP for a limited time. Amazon’s prices are the lowest available for iPad Magic Keyboard from any Apple reseller this weekend: – Magic... Read more
Gazelle now offering a full line of refurbish...
Gazelle is now offering a full range of discounted, refurbished, unlocked Apple iPhone 12 models starting at $649. iPhones are offered in Fair, Good, and Excellent conditions, and multiple colors are... Read more
These are the latest discounted iPhones Apple...
Apple has a range of Certified Refurbished iPhones available right now starting at only $339. Apple includes a standard one-year warranty, new outer shell, and shipping is free. According to Apple, “... Read more
Save up to $64 on new M1 MacBook Airs at Expe...
Apple reseller Expercom has 2020 13″ M1 MacBook Airs on sale for $51-$64 off Apple’s MSRP with prices starting at $947.96. In addition to their MacBook Air sale prices, take $50 off AppleCare+ when... Read more
Discounts available on 16″ MacBook Pros with...
Upgrade a 16″ 6-Core or 8-Core MacBook Pro from 16GB of standard RAM to 32GB at Adorama, and save $100-$210 over Apple’s price for this custom option: – 16″ 6-Core MacBook Pro/32GB RAM: $2699, save $... Read more
10.9″ iPad Airs on sale for $50-$70 off Apple...
Amazon has new 2020 10.9″ Apple WiFi iPad Airs in stock and on sale today for up to $70 off MSRP with prices starting at $549. Note that Amazon’s sale price might be restricted to certain colors (see... Read more
Apple restocks 2020 27″ 5K iMacs for up to $3...
After an initial offering in January, Apple has restocked a full line of Certified Refurbished 2020 27″ 5K iMacs starting at $1529 and up to $350 off original MSRP. Apple’s one-year warranty is... Read more
Sale! 16″ 8-Core MacBook Pro for $2449, $350...
Apple reseller Adorama has the 16″ 2.3GHz 8-Core Space Gray MacBook Pro in stock and on sale today for $2449 including free shipping. Their price is $350 off Apple’s MSRP for this model, and it’s the... Read more
Roundup of 13″ Multi-Core Intel MacBook Pro s...
Apple resellers are offering significant sales & deals this week on 2020 13″ MacBook Pros with 10th generation Intel CPUs. Take up to $250 off Apple’s MSRP, get free fast shipping, and/or pay no... Read more
64GB iPhone 8 Plus available for $379 at Appl...
Apple has the 64GB iPhone 8 Plus in Space Gray & Gold colors available for $379 today, Certified Refurbished. Each phone is unlocked and comes with Apple’s standard 1-year warranty and free... Read more

Jobs Board

Geek Squad Advanced Repair *Apple* Professi...
**795178BR** **Job Title:** Geek Squad Advanced Repair Apple Professional **Job Category:** Store Associates **Store Number or Department:** 001406-Allen Park-Store Read more
Geek Squad *Apple* Consultation Professiona...
**796549BR** **Job Title:** Geek Squad Apple Consultation Professional **Job Category:** Store Associates **Store Number or Department:** 001800-Hot Springs-Store Read more
*Apple* Mobility Specialist - Best Buy (Unit...
**796014BR** **Job Title:** Apple Mobility Specialist **Job Category:** Store Associates **Store Number or Department:** 001776-Woodmore Towne Centre-Store **Job Read more
Systems Architect, *Apple* Production Engin...
…package beginning on your first day? If so, we hope you'll keep reading! The Apple Sales Engineering and account team is looking for a stellar presales engineer with Read more
Systems Engineer, Webscale, *Apple* Retail,...
…beginning on your first day? If so, we hope you'll keep reading! The Apple Sales Engineering team is looking for a pre-sales engineer with Enterprise engineering Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.