Apple Security and Privacy in 2024: The Year in Review
Posted on by Kirk McElhearn and Joshua Long
Throughout the year 2024, there has been plenty of security and privacy news that impacts Apple users. Apple operating systems received a record number of security fixes. New security and privacy features were released in iOS 18, iPadOS 18, and macOS Sequoia. And we saw a significant increase in the quantity and variety of scams—including the use of AI to try to scam people via email, voice calls, and even videos.
Here are some highlights of several major security and privacy issues that affected Apple devices, operating systems, and users in 2024.
And stay tuned to The Mac Security Blog and subscribe to our free e-mail newsletter for our upcoming companion article about malware affecting Apple devices in 2024.
January
Google Chrome zero-day vulnerabilities
In mid-January, Google patched its first zero-day vulnerability of the year; there would be more to come later in the year. This and other Chrome vulnerabilities are present in all browsers and other apps that use the Chromium engine; these include Edge, Brave, Vivaldi, Opera, and Opera GX. Users of these browsers need to regularly update the apps, and this often occurs automatically when quitting and relaunching the browser.
But it’s not just browsers that are based on Chromium; apps using the Electron framework are also at risk. Read Chromium vulnerabilities threaten Electron app security for more on this issue.
Chrome would require patches for more zero-day vulnerabilities throughout the year, eventually reaching ten in August. Read Google Chrome browser patches 9th and 10th zero-days of 2024.
Email invoice scams
While this sort of scam started in 2023, it reached critical mass in 2024. As we describe in Fake “Geek Squad” invoice scam, now using Housecall Pro servers, people receive fake invoices sent from legitimate services to evade spam filters. The invoices talk about a subscription or a purchase that someone has made and give a phone number to call if there are any questions. The goal is to get people to phone the scammers, who try to convince them to install malware on their devices, allowing scammers to access data, get into their important accounts, and potentially steal money from their bank accounts.
We discussed these scams in episode 327 of the Intego Mac Podcast.
Stolen Device Protection for iPhone
Apple released iOS 17.3 with a new feature: Stolen Device Protection for iPhone. This feature, when enabled, prevents potential thieves from changing your Apple ID and altering critical security settings on your iPhone. Read How to enable Stolen Device Protection for iPhone to find out how this works and how to enable it, and whether you should enable this feature.
Apple Macintosh turns 40
It was the 40th anniversary of the computer that changed everything, the Apple Macintosh. We looked at some of the major milestones of this computer in Apple Macintosh Turns 40: A look back at 10 important milestones in the Mac’s history.
Apple patched first in-the-wild vulnerability of the year
Apple released security updates for macOS Sonoma, iOS, iPadOS, and its other operating systems, and one of the patched vulnerabilities “may have been exploited in the wild.” Read Apple patches 1st in-the-wild exploited bug of 2024 in macOS Sonoma 14.3, iOS 17.3, and more.
February
Fake LastPass app
Apple distributed a fake app that impersonated the LastPass password manager in its App Store, and this was just one of the issues in 2024 regarding fake and scam apps in Apple’s App Stores. Read Apple distributed a fake LastPass Password Manager in the App Store. We discussed this in episode 331 of the Intego Mac Podcast.
Vision Pro security and privacy
Apple’s newest platform, the Vision Pro, has interesting features. We looked at the security and privacy strengths and weaknesses of the Vision Pro in Apple Vision Pro’s security and privacy: How good is it really?.
Fake crypto apps in Apple’s App Stores
Another of the many stories about fake apps in Apple’s App Stores looked at how at least $100,000 was scammed from users who downloaded apps masquerading behind the names of real services that didn’t have apps in the App Store.
“Both fake finance apps used the real products’ names. This time the fake apps’ developers didn’t even try to hide behind typosquatting or similarly spelled names; they just went directly for stealing the names of the companies and products they were mimicking.”
Read Apple distributed fake crypto finance apps in App Store, leading to $100K losses.
March
Apple devices and the EU
In March 2024, the EU’s Digital Markets Act took effect, notably requiring that Apple allow users to install third-party app stores, easily switch default web browsers, and more. While these changes only affect the EU for now, other countries are considering similar changes. We discussed the security and privacy implications in iOS 17.4 Brings Changes to iOS App Store, browsers, and contactless payments in the EU.
Zero-day vulnerabilities patched for the iPhone and iPad
Apple security updates in early March patched two zero-day vulnerabilities affecting iPhones and iPads. Read Update now: iOS 17.4 and iPadOS 17.4 fix 2 zero-day vulnerabilities.
68 vulnerabilities patched in macOS Sonoma update
An update to macOS Sonoma patched a total of 68 vulnerabilities. Read macOS Sonoma 14.4 introduces 68+ security fixes… but also some new bugs. We discussed this on episode 335 of the Intego Mac Podcast.
Movie piracy app reaches #2 in the U.S. App Store
A movie piracy app reached #2 in the Entertainment category in the U.S., and #18 in the overall Top Free list in the U.S iOS App Store. At the same time, another fake cryptocurrency app climbed the charts in the App Store; it was the third time this service was the victim of a fake. This calls into question Apple’s App Store review process, which should be especially stringent for certain categories of apps, such as those that involve money (or crypto money). Read Apple let a movie piracy app reach #2 in Entertainment in the U.S. App Store.
April
Apple notifies users targeted by “mercenary spyware attack”
Apple sent emails to users in some 92 countries, warning them that they had been targeted by “mercenary spyware attacks,” using spyware such as Pegasus. This raised the question of how users can be sure that notifications or emails from Apple are legitimate. We published How to spot fake Apple security alerts via text, phone, email, or web to address this question, since these fake texts and emails are common. We also discussed this on episode 340 of the Intego Mac Podcast.
Mysterious Apple ID password resets
On April 26, a large number of Apple users discovered that their Apple ID accounts were locked, and they needed to reset their passwords. A single point of failure and a poorly implemented Stolen Device Protection feature exacerbated this problem for many users. Read Mysterious Apple ID password resets: What we know, and how to protect your account.
May
Another OS update, more urgent security fixes
The May update to Apple’s operating systems had dozens of security fixes. Read Apple releases macOS Sonoma 14.5, iOS 17.5, and more, with urgent security updates.
Sensitive photos “undeleted?”
When Apple released iOS 17.5 and iPadOS 17.5, a small number of users discovered “sensitive” deleted photos had reappeared in their Photos library; at least one even claimed to have seen photos they thought had never been downloaded. There was a lot of speculation surrounding this issue until Apple released a minor update to fix it, saying, “a rare issue where photos that experienced database corruption could reappear in the Photos library even if they were deleted.” Read iOS 17.5 bug undeleted sensitive photos—allegedly on devices you no longer own.
June
Porn blackmail emails
A new scam claiming that someone had hacked computers, and used the camera to record activities involving porn, has been making the rounds. They demand payment in Bitcoin to not make this footage public. We took a close look at these emails to explain why they are bogus in Porn blackmail “sextortion” emails: Have you been hacked? A new scam.
New security and privacy features in iOS 18, iPadOS 18, and macOS Sequoia
Apple gave a first look at its new operating systems at the Worldwide Developers Conference (WWDC). We looked at the top five security and privacy features coming in the fall. Read Top 5 security and privacy features of macOS Sequoia, iOS 18, and iPadOS 18. We also discussed this on episode 349 of the Intego Mac Podcast.
July
The regreSSHion vulnerability surfaces
On July 1, OpenSSH patched a high-severity vulnerability known as “regreSSHion.” Since macOS includes this software, we wrote about the possible security implications for Mac users; see Does the “regreSSHion” vulnerability impact Macs? How to disable Remote Login. Macs remained vulnerable until July 29, when Apple released macOS Sonoma 14.6.
How to protect your Mac in case it gets stolen
While Apple has not yet released an equivalent feature to the iPhone’s Stolen Device Protection for Macs, there are a few things you can do to minimize the damage if your Mac gets stolen. See our July write-up: Do this now to protect your Mac in case it gets stolen.
Apple patches zero-day in macOS Monterey months later
Alongside the release of macOS Sonoma 14.6, iOS 17.6, and updates for Apple’s other current operating systems, Apple also patched a few vulnerabilities in older OSes as well. This included a macOS Monterey patch for an in-the-wild exploited vulnerability that Apple had patched for macOS Sonoma and macOS Ventura two months earlier in May. (See Apple releases macOS Sonoma 14.6, iOS 17.6, and more, with security updates.) This is one of many examples why it’s always safest to use the latest Apple operating systems; never lag behind on old versions.
August
Apple leaving critical vulnerabilities unpatched
In August, we took a close look at certain open-source elements of macOS that had critical vulnerabilities that Apple had not patched. We’d been following this issue for some time and were surprised that Apple still didn’t fix these executables. Read Apple still leaving critical vulnerabilities unpatched in macOS Sonoma.
The risks of Chrome extension vulnerabilities
A survey in August highlighted how many Chrome extensions are out of date and at risk because they use code libraries with known vulnerabilities. This means that many such extensions pose security and privacy risks. Read Chrome extensions are a security nightmare; here’s why you should avoid them.
The largest data leak ever
A data leak of some 2.7 billion records was discovered, including full names, dates of birth, and home addresses of residents of the United States, Canada, and the United Kingdom. Read Massive data leak: 2.7 billion records of U.S., Canada, UK residents, including Social Security numbers. We discussed this on episode 357 of the Intego Mac Podcast.
September
Apple’s new Passwords app
One of the most important features in Apple’s 2024 operating systems is a dedicated Passwords app for iPhone, iPad, and Mac. This is a full-featured password manager and is useful for everyone to ensure their security and privacy. Read How to use Apple’s Passwords app on iPhone, iPad, and Mac.
Lock and hide apps on iPhone and iPad
Another useful privacy feature in iOS 18 and iPadOS 18 is the ability to lock and hide apps, requiring that you authenticate with Face ID or Touch ID to access them. Read How to Lock and Hide Apps on iPhone and iPad to Increase Your Privacy.
What Apple patched, and what they didn’t patch
With the arrival of macOS Sequoia, iOS 18, and iPadOS 18, we took a look at the dozens of vulnerabilities that Apple patched, but also at what they didn’t fix. Read macOS Sequoia and iOS 18: What Apple patched—and what they didn’t.
October
Fake headlines flaw still unpatched during another U.S. presidential election
In October, we wrote about Apple’s neglect in patching a flaw that allows anyone to send fake headlines via iMessage. Threat actors can exploit nearly any site that has a text field (such as a search box), including major news sites. Learn more: Apple still hasn’t fixed 6-year-old “fake headlines” flaw exploitable for election interference.
Voice-enabled AI scam bots deployed in Google account hacking scheme
We also wrote in October about an increasingly common scam. In an effort to break in, scammers may attempt multiple times in a row to log into your account (causing multiple alerts), and then call you claiming to be Google. But it turns out that the fake “call center” is staffed by automated, voice-enabled artificial intelligence. Read AI scam bots are trying to “recover” your Gmail account.
November
Urgent fix for two actively exploited vulnerabilities
In November, Apple released an urgent security update for two actively exploited Vulnerabilities that affected most of Apple’s operating systems. But there were still older vulnerabilities that Apple didn’t patch. Read Urgent Apple security updates fix 2 “actively exploited” flaws in macOS, iOS, and more.
How to know if a link is safe to click
Phishing is one of the most serious dangers on the internet and tricks people by creating emails that look legitimate. It is important to know if a link is safe to click, and in this article, we look at how web links work, and how to tell if they are safe. Read Is this link safe? How to check safely—without clicking on it. This is particularly pertinent regarding the article below about fake package delivery emails.
December
Fake package delivery messages via text and email
Speaking of phishing, there has been a rash of fake package delivery texts and emails, telling you to click a link to provide information to deliver a package that could not be delivered. What is surprising is that some of these text messages are sent via iMessage, rather than just SMS. Read Beware of fake package delivery texts and e-mails! Here’s what to look for.
Fake money requests and invoices via email
In late November and throughout December, we’ve observed a variety of fraudulent “money requests,” invoices, and receipts sent via legitimate services like PayPal, Venmo, and Docusign. Because these fake payment requests are sent through real services, they typically bypass spam filters and go straight to victims’ inboxes. Learn more about Money request and invoice scams via PayPal, Venmo, and Docusign.
These are just the most important security and privacy updates, features, and events of 2024. Our companion article—coming soon—will look at malware that has affected Mac, iPhone, iPad, and even Vision Pro in 2024.
How can I learn more?
Each week on the Intego Mac Podcast, Intego’s Mac security experts discuss the latest Apple news, including security and privacy stories, and offer practical advice on getting the most out of your Apple devices. Be sure to follow the podcast to make sure you don’t miss any episodes.
You can also subscribe to our e-mail newsletter and keep an eye here on The Mac Security Blog for the latest Apple security and privacy news. And don’t forget to follow Intego on your favorite social media channels: