Apple Dev Center partially back online, still no details about the hack
Posted on 29 July 2013.
Parts of the Apple Developer Center are back online after a week long outage caused by an unnamed intruder that has "attempted to secure" personal information of Apple registered developers.



The iOS, Mac and Safari Dev Centers, as well as the Software Downloads, Certificates, Identifiers & Profiles section, and the Bug Reporter are once again accessible to the developers, who can now use the tools and the iOS and OS X development builds made available to them by Apple.

But even thought the Dev Center is slowly being restored, the traditionally tight-lipped company has still not revealed more details about the breach, and has yet to comment on the claims of self-styled security researcher Ibrahim Balic who says that his research and penetration testing efforts have likely triggered the outage.

He says that he contacted Apple before the outage with information about half a dozen bugs in their systems, and that he was ignored. He also claims to have downloaded account details of over 100.00 developers, including 73 of Apple's workers which he then submitted to the company as proof.

But, according to The Guardian, the details about the hack and the email addresses associated with 19 developer accounts he provided to them aren't conclusive.

The reporters have tried to contact the owners of those email addresses, and have discovered that many of the emails bounced (the address no longer exists), traces of none of them could be found on the Internet (which would be practically impossible if developers used them), and many belong to services that became inoperative before the opening of the Apple Dev Center.

But if Balic had nothing to do with this, the questions remain: who did, and why? Let's hope that Apple will soon share more details, as the breach and the effects of it are considerable and should not be ignored.









Spotlight

Whitepaper: Zero Trust approach to network security

Posted on 20 November 2014.  |  Zero Trust is an alternative security model that addresses the shortcomings of failing perimeter-centric strategies by removing the assumption of trust.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Nov 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //