Apple, Mac, iOS4,...
Follow
Find tag "BYOD-Security"
8.0K views | +0 today
Apple, Mac, iOS4, iPad, iPhone and (in)security...
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Rescooped by Gust MEES from Apps and Widgets for any use, mostly for education and FREE
Scoop.it!

Most of the top 100 paid Android and iOS apps have been hacked | CyberSecurity | MobileSecurity | eSkills

Most of the top 100 paid Android and iOS apps have been hacked | CyberSecurity | MobileSecurity | eSkills | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
97% of the top 100 paid Android apps and 87% of the top 100 paid Apple iOS apps have been hacked, according to Arxan Technologies.


Learn more:


http://gustmees.wordpress.com/2014/03/05/often-asked-questions-are-there-cyber-security-dangers-with-apps-and-whats-about-privacy/



Via Gust MEES
Gust MEES's insight:
97% of the top 100 paid Android apps and 87% of the top 100 paid Apple iOS apps have been hacked, according to Arxan Technologies.


Learn more:


http://gustmees.wordpress.com/2014/03/05/often-asked-questions-are-there-cyber-security-dangers-with-apps-and-whats-about-privacy/


more...
Gust MEES's curator insight, November 17, 8:21 AM
97% of the top 100 paid Android apps and 87% of the top 100 paid Apple iOS apps have been hacked, according to Arxan Technologies.


Learn more:


http://gustmees.wordpress.com/2014/03/05/often-asked-questions-are-there-cyber-security-dangers-with-apps-and-whats-about-privacy/


Gust MEES's curator insight, November 17, 8:26 AM
97% of the top 100 paid Android apps and 87% of the top 100 paid Apple iOS apps have been hacked, according to Arxan Technologies.


Learn more:


http://gustmees.wordpress.com/2014/03/05/often-asked-questions-are-there-cyber-security-dangers-with-apps-and-whats-about-privacy/


Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Forensic scientist identifies suspicious 'back doors' running on every iOS device | Privacy | Cyberespionage

Forensic scientist identifies suspicious 'back doors' running on every iOS device | Privacy | Cyberespionage | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
During his talk at HOPE/X Jonathan Zdziarski detailed several undocumented services (with names like 'lockdownd,' 'pcapd,' 'mobile.file_relay,' and 'house_arrest') that run in the background on over 600 million iOS devices.


Zdziarski's questions for Apple include:

  • Why is there a packet sniffer running on 600 million personal iOS devices instead of moved to the developer mount?
  • Why are there undocumented services that bypass user backup encryption that dump mass amounts of personal data from the phone?
  • Why is most of my user data still not encrypted with the PIN or passphrase, enabling the invasion of my personal privacy by YOU?
  • Why is there still no mechanism to review the devices my iPhone is paired with, so I can delete ones that don’t belong?

... and his last slide (page 57 of the PDF) sums it up nicely: 


  • Apple is dishing out a lot of data behind our backs
  • It’s a violation of the customer’s trust and privacy to bypass backup encryption
  • There is no valid excuse to leak personal data or allow packet sniffing without the user’s knowledge and permission.
  • Much of this data simply should never come off the phone, even during a backup.
  • Apple has added many conveniences for enterprises that make tasty attack points for .gov and criminals
  • Overall, the otherwise great security of iOS has been compromised… by Apple… by design.

Learn more:



Gust MEES's insight:
During his talk at HOPE/X Jonathan Zdziarski detailed several undocumented services (with names like 'lockdownd,' 'pcapd,' 'mobile.file_relay,' and 'house_arrest') that run in the background on over 600 million iOS devices.


Zdziarski's questions for Apple include:

  • Why is there a packet sniffer running on 600 million personal iOS devices instead of moved to the developer mount?
  • Why are there undocumented services that bypass user backup encryption that dump mass amounts of personal data from the phone?
  • Why is most of my user data still not encrypted with the PIN or passphrase, enabling the invasion of my personal privacy by YOU?
  • Why is there still no mechanism to review the devices my iPhone is paired with, so I can delete ones that don’t belong?

... and his last slide (page 57 of the PDF) sums it up nicely: 


  • Apple is dishing out a lot of data behind our backs
  • It’s a violation of the customer’s trust and privacy to bypass backup encryption
  • There is no valid excuse to leak personal data or allow packet sniffing without the user’s knowledge and permission.
  • Much of this data simply should never come off the phone, even during a backup.
  • Apple has added many conveniences for enterprises that make tasty attack points for .gov and criminals
  • Overall, the otherwise great security of iOS has been compromised… by Apple… by design.

Learn more:


more...
Gust MEES's curator insight, July 21, 9:26 AM
  • Apple is dishing out a lot of data behind our backs
  • It’s a violation of the customer’s trust and privacy to bypass backup encryption
  • There is no valid excuse to leak personal data or allow packet sniffing without the user’s knowledge and permission.
  • Much of this data simply should never come off the phone, even during a backup.
  • Apple has added many conveniences for enterprises that make tasty attack points for .gov and criminals
  • Overall, the otherwise great security of iOS has been compromised… by Apple… by design.

Scooped by Gust MEES
Scoop.it!

Another iOS 7 lockscreen hole opens up - call anywhere in the world for free!

Another iOS 7 lockscreen hole opens up - call anywhere in the world for free! | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Another iOS 7 lockscreen bypass has surfaced: this one lets you call anywhere in the world for free.

OK, not really "for free" - someone has to pay, and that's the owner, who probably assumed th...
Gust MEES's insight:

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Infosecurity - Apple iOS 7: A Security Overview

Infosecurity - Apple iOS 7: A Security Overview | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple's new iOS 7, pre-loaded on the new iPhone 5s and 5c, is also available for download to older devices. It is said to include more than 200 new features – here we look at some of the security aspects and issues.
Gust MEES's insight:

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple's iOS 7 Update Fixes 80 Security Bugs

Apple's iOS 7 Update Fixes 80 Security Bugs | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Yesterday's iOS 7 update brought a slew of bug fixes, 80 in total, to Apple devices.
Gust MEES's insight:

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Why You Need Mac Antivirus Software

Why You Need Mac Antivirus Software | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
From social networking to online shopping, banking, and surfing the web – precautions are needed to ensure our phones and our information are safe from malware attacks and cybercriminals. Learn more about smartphone security.
Gust MEES's insight:

 

Why You Need Mac Antivirus Software.

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
Gust MEES's curator insight, July 7, 2013 5:01 AM

 

Why You Need Mac Antivirus Software.

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Apple's iOS and Android are new favorite malware victims

Apple's iOS and Android are new favorite malware victims | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Cybercriminals are working on more complex schemes to wage attacks on PCs, laptops, and smartphones.

 

 

 

A new report shows that:

===> every single device that connects to the Internet is in danger. <===

 

Read this blog post by Dara Kerr on Security & Privacy:

http://news.cnet.com/8301-1009_3-57506159-83/apples-ios-and-android-are-new-favorite-malware-victims/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Why Apple wanted AuthenTec: Thwart Samsung, Android in BYOD

Why Apple wanted AuthenTec: Thwart Samsung, Android in BYOD | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Summary: If Apple didn't buy AuthenTec, a cash strapped mobile security player, it's likely another rival would have. Apple's courtship of the enterprise via the bring your own device continues.

 

 

Gust MEES: Check also my free course about BYOD here http://gustmees.wordpress.com/2012/07/07/bring-your-own-device-advantages-dangers-and-risks/

 

 

Read more:

http://www.zdnet.com/why-apple-wanted-authentec-thwart-samsung-android-in-byod-7000001722/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac malware, be aware! Forewarned is Forearmed!

In the past, few viruses have targeted Apple operating systems -- but this is gradually changing. The increased popularity of Apple smart devices has led some cybercriminals to exploit a traditionally ignored audience.

 

IT admins needs to educate their users about this growing threat and implement a business antivirus solution for Macs as they do for PCs.

 

Video here:

http://www.youtube.com/watch?v=MOflZBB4qGc

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Hackers Begin Targeting Macs

Hackers Begin Targeting Macs | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Recent Flashback attacks show Apple's surging popularity has gained the attention of hackers.

 

"All the stuff the bad guys have learned for doing attacks in the PC world is now starting to transition to the Mac world," McAfee Labs director of threat intelligence Dave Marcus told AFP.

 

"Mac has said for a long time that they are not vulnerable to PC malware, which is true; ===> they are vulnerable to Mac malware." <===

 

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

New OS X malware variant attacks unpatched Macs | ZDNet

New OS X malware variant attacks unpatched Macs | ZDNet | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

A new malware variant sets out to punish those who haven’t been keeping up to date with updates.

 

Patching OS X is so simple, but yet there are people who still put it off. A new malware variant sets out to punish those who haven’t been keeping up to date with updates.

 

The new variant is a Trojan horse called ‘Flashback.G’ and is makes use of two exploits found on older versions of the Java runtime. Users with macs running OS X 10.6 ‘Snow Leopard’ are particularly at risk since this version came with Java preinstalled while 10.7 ‘Lion’ did not.

 

According to security firm Intego, this malware uses three tricks to try to get itself installed onto a system: read more...

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

iOS tombe et Windows Phone résiste lors d’une compétition de hackers

iOS tombe et Windows Phone résiste lors d’une compétition de hackers | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
L’iPhone 5S a été mis à mal par une équipe de Corée du Sud, qui a réussi à profiter d'une combinaison de deux bugs dans Safari pour en prendre le contrôle. Le Samsung Galaxy S5 non plus n'a pas réisté aux assauts des hackers. Deux équipes ont profité de failles dans la gestion du protocole NFC pour en prendre le contrôle. le Nexus 5 a lui aussi été piraté via NFC, grâce à une technique étonnante, qui a consisté à forcer un appairage Bluetooth entre deux appareils.
Gust MEES's insight:
L’iPhone 5S a été mis à mal par une équipe de Corée du Sud, qui a réussi à profiter d'une combinaison de deux bugs dans Safari pour en prendre le contrôle. Le Samsung Galaxy S5 non plus n'a pas réisté aux assauts des hackers. Deux équipes ont profité de failles dans la gestion du protocole NFC pour en prendre le contrôle. le Nexus 5 a lui aussi été piraté via NFC, grâce à une technique étonnante, qui a consisté à forcer un appairage Bluetooth entre deux appareils.


more...
Gust MEES's curator insight, November 15, 3:58 AM

L’iPhone 5S a été mis à mal par une équipe de Corée du Sud, qui a réussi à profiter d'une combinaison de deux bugs dans Safari pour en prendre le contrôle. Le Samsung Galaxy S5 non plus n'a pas réisté aux assauts des hackers. Deux équipes ont profité de failles dans la gestion du protocole NFC pour en prendre le contrôle. le Nexus 5 a lui aussi été piraté via NFC, grâce à une technique étonnante, qui a consisté à forcer un appairage Bluetooth entre deux appareils.

Scooped by Gust MEES
Scoop.it!

Does Apple care more about securing Mac users than iPhone users?

Does Apple care more about securing Mac users than iPhone users? | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
In the last couple of days, Apple has issued critical security patches for iOS, Mac OS X, the Apple Airport Base Station, and even the innocuous hockey puck-shaped Apple TV. And I trust, as a regul...


A malicious hacker could have taken one of these patched OS X vulnerabilities, and weaponised it for exploitation in a zero-day attack against iPhone and iPad users.

.

Every time Apple treats its smartphone and tablet customers as poor relations when it comes to security, they are putting millions of users at risk.


Learn more:



Gust MEES's insight:

Every time Apple treats its smartphone and tablet customers as poor relations when it comes to security, they are putting millions of users at risk.

.

Learn more:


.


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Chaos Computer Club breaks Apple TouchID

Chaos Computer Club breaks Apple TouchID | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

 

The biometrics hacking team of the Chaos Computer Club (CCC) has successfully bypassed the biometric security of Apple's TouchID using easy everyday means. A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID.


This demonstrates – again – that fingerprint biometrics is unsuitable as access control method and should be avoided.

Gust MEES's insight:

 

The biometrics hacking team of the Chaos Computer Club (CCC) has successfully bypassed the biometric security of Apple's TouchID using easy everyday means. A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID.

 

This demonstrates – again – that fingerprint biometrics is unsuitable as access control method and should be avoided.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
Gust MEES's curator insight, September 22, 2013 4:49 PM

 

The biometrics hacking team of the Chaos Computer Club (CCC) has successfully bypassed the biometric security of Apple's TouchID using easy everyday means. A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID.

 

This demonstrates – again – that fingerprint biometrics is unsuitable as access control method and should be avoided.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

Gust MEES's curator insight, September 22, 2013 4:50 PM

 

The biometrics hacking team of the Chaos Computer Club (CCC) has successfully bypassed the biometric security of Apple's TouchID using easy everyday means. A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID.

 

This demonstrates – again – that fingerprint biometrics is unsuitable as access control method and should be avoided.

 

Learn more:


http://www.scoop.it/t/securite-pc-et-internet/?tag=biometrics

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

Scooped by Gust MEES
Scoop.it!

iOS 7 lock screen bypass flaw discovered, and how to fix it

iOS 7 lock screen bypass flaw discovered, and how to fix it | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
UPDATED: The iOS 7 lock screen can be bypassed with a series of gesture techniques, despite the passcode. While apps are blurred out, a major Camera app bug exists, which can allow photos to be edited, deleted, and shared with others.
Gust MEES's insight:

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

more...
No comment yet.
Rescooped by Gust MEES from Apps and Widgets for any use, mostly for education and FREE
Scoop.it!

83% Of Mobile Apps Are Risky

83% Of Mobile Apps Are Risky | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Summer 2013 App Reputation Report to examine the hidden behaviors behind free and paid mobile apps

 

The cloud-based, fully automated Appthority App Risk Management Service performed static, dynamic and behavioral app analysis on the 400 most popular free and paid apps on the iOS and Android platforms.

 

  

Appthority analyzed each app for particular behaviors within a test environment

.

Highlights from the App Reputation Report are:

 

- Overall, 83% of the most popular apps are associated with security risks and privacy issues.

 

- iOS apps exhibited more risky behaviors than Android apps. 91% of iOS apps exhibit at least one risky behavior, as compared to 80% of Android apps.

 

- 95% of the top free apps and 77.5% of the top paid apps exhibited at least one risky behavior.

 

- 78% of the most popular free Android apps identify the user's ID (UDID).

 

- Even though Apple prohibits its developers from accessing the UDID, 5.5% of the tested iOS apps still do.

 

- 72% of the top free apps track for the user's location, compared to 41% of paid apps.

 

- Although paid apps already generate revenue when downloaded, 59% of paid iOS and 24% of paid Android apps still support in-app purchasing.

 

- Furthermore, 39% of paid iOS and 16% of paid Android apps still share data with ad networks.

 


Via Gust MEES
Gust MEES's insight:

 

Learn more:

 

http://www.scoop.it/t/apps-for-any-use-mostly-for-education-and-free

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

more...
Scooped by Gust MEES
Scoop.it!

iPhone 4S Falls at Hacker Contest; New iPhone 5 Vulnerable to Same Exploit

iPhone 4S Falls at Hacker Contest; New iPhone 5 Vulnerable to Same Exploit | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Two Dutch researchers successfully hacked a patched iPhone 4S, exploit a vulnerability also likely present in the new iPhone 5 due to be released tomorrow.

 

Joost Pol and Daan Keuper won the mobile Pwn2Own contest yesterday at EUSecWest event in Amsterdam by compromising a fully patched iPhone 4S device and stealing contacts, browsing history, photos and videos from the phone.

 

The pair was able to build an exploit for a vulnerability in WebKit to beat Apple's code-signing features and the MobileSafari sandbox. The same bug is present in the iOS6 Golden Master development code base, meaning iPhone 5 is vulnerable to the same exploit. Apple iPads and iPod Touch devices are also vulnerable, Pol and Keuper said, adding that it took them three weeks find the flaw and write an exploit.

 

Read more, a MUST:

http://threatpost.com/en_us/blogs/iphone-4s-falls-hacker-contest-new-iphone-5-vulnerable-same-exploit-092012

 

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Toronto study shows mobile spyware's long shadow

Toronto study shows mobile spyware's long shadow | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
(Phys.org)—Spyware sold legally can infect BlackBerrys, iPhones, and other mobile devices, according to a study from two security researchers at the University of Toronto Munk School of Global Affairs' Citizen Lab.

 

Gust MEES: NOBODY IS PERFECT!

 

Read more:

http://phys.org/news/2012-09-toronto-mobile-spyware-shadow.html

 

more...
No comment yet.
Rescooped by Gust MEES from Apps and Widgets for any use, mostly for education and FREE
Scoop.it!

Phonebook-slurping, spam-sending app found in App Store

Phonebook-slurping, spam-sending app found in App Store | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

 

 

 

 

A malicious app that slurps mobile users' phonebooks and uploads them to a remote server has been spotted being offered both on Google Play and Apple's App Store.

 

 

 

 

 

 

Read more:

http://www.net-security.org/malware_news.php?id=2174

 


Via Gust MEES
more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

The next step in #BYOD #security

The next step in #BYOD #security | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

The explosion in development and adoption of smartphones and tablets for both personal and business use in the past two years is both a blessing and a curse to IT departments globally.

 

Known as the Bring Your Own Device (BYOD) phenomenon, on one hand, there is an opportunity for greatly increased productivity and decreased costs.

 

===> On the other, there are increased security risks, management issues and even data and device ownership and governance issues. <===

 

 


Via Gust MEES
more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Jailbreaking BYOD Control. Is Apple iOS ready for enterprise primetime?

Jailbreaking BYOD Control. Is Apple iOS ready for enterprise primetime? | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Consumerization is happening now, but many IT departments simply aren’t prepared to deal with the new challenges and complexities it entails.

 

With IT managers increasingly urged by CEOs to stop saying ‘no’ and start supporting consumer tools, they need to reappraise their traditional approach. Put simply, IT needs flexible standards – they can’t say no but neither can they say yes to everyone.

 

Cyber crime is a multi billion dollar industry, funded and resourced like legitimate business operations. The criminal gangs need to know that any investment in their own resources is going to provide a decent return, and the best way of guaranteeing that is by targeting the one large homogenous platform, just as they did with Windows in the 90s. In the mobile world, this means iOS.

 

What is clear is that Apple is not the panacea for secure, manageable consumer devices in the enterprise that many believe.

 

more...
No comment yet.