Apple, Mac, iOS4,...
Follow
Find
8.0K views | +1 today
 
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
onto Apple, Mac, iOS4, iPad, iPhone and (in)security...
Scoop.it!

New QuickTime fixes a number of security vulnerabilities

New QuickTime fixes a number of security vulnerabilities | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

New QuickTime fixes a number of security vulnerabilities!

 

                          ===> UPDATE asap! <===

 

more...
No comment yet.
Apple, Mac, iOS4, iPad, iPhone and (in)security...
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Immune No More: An Apple Story

Immune No More: An Apple Story | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
For a very long time, Apple and its pseudo-religious user-base prided itself on being a platform free of malware; those days are inarguably and unequivocally over. Its emergence as the early winner...
Gust MEES's insight:

 

A MUST read!!!

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
Scooped by Gust MEES
Scoop.it!

Apple pulls buggy Safari update

Apple pulls buggy Safari update | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Security update for Safari browser on Mac OS X removed from distribution after causing problems. No word from Apple yet on disposition.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
Security update for Safari browser on Mac OS X removed from distribution after causing problems. No word from Apple yet on disposition.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

iOS tombe et Windows Phone résiste lors d’une compétition de hackers

iOS tombe et Windows Phone résiste lors d’une compétition de hackers | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
L’iPhone 5S a été mis à mal par une équipe de Corée du Sud, qui a réussi à profiter d'une combinaison de deux bugs dans Safari pour en prendre le contrôle. Le Samsung Galaxy S5 non plus n'a pas réisté aux assauts des hackers. Deux équipes ont profité de failles dans la gestion du protocole NFC pour en prendre le contrôle. le Nexus 5 a lui aussi été piraté via NFC, grâce à une technique étonnante, qui a consisté à forcer un appairage Bluetooth entre deux appareils.
Gust MEES's insight:
L’iPhone 5S a été mis à mal par une équipe de Corée du Sud, qui a réussi à profiter d'une combinaison de deux bugs dans Safari pour en prendre le contrôle. Le Samsung Galaxy S5 non plus n'a pas réisté aux assauts des hackers. Deux équipes ont profité de failles dans la gestion du protocole NFC pour en prendre le contrôle. le Nexus 5 a lui aussi été piraté via NFC, grâce à une technique étonnante, qui a consisté à forcer un appairage Bluetooth entre deux appareils.


more...
Gust MEES's curator insight, November 15, 3:58 AM

L’iPhone 5S a été mis à mal par une équipe de Corée du Sud, qui a réussi à profiter d'une combinaison de deux bugs dans Safari pour en prendre le contrôle. Le Samsung Galaxy S5 non plus n'a pas réisté aux assauts des hackers. Deux équipes ont profité de failles dans la gestion du protocole NFC pour en prendre le contrôle. le Nexus 5 a lui aussi été piraté via NFC, grâce à une technique étonnante, qui a consisté à forcer un appairage Bluetooth entre deux appareils.

Scooped by Gust MEES
Scoop.it!

WireLurker: Apple blocks Trojanized apps, revokes certificate

WireLurker: Apple blocks Trojanized apps, revokes certificate | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
They also discovered malware samples uploaded to a public cloud storage service of Baidu by a user a month before the apps were made available on the Mayaidi app store, and they have reason to "suspect that Maiyadi has a close relationship with the creator of WireLurker."

"This should also be a wake-up call for Apple users and the way they think about security," commented Kaspersky Lab's Stefan Tanase. "Just like Mac OS X malware quickly evolved from being just a myth to becoming a sad reality, we are seeing iOS being targeted more and more often lately - with nobody being able to offer protection for this platform. Anti-malware vendors are still not allowed to develop protection for iPhone users."



Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



Gust MEES's insight:
They also discovered malware samples uploaded to a public cloud storage service of Baidu by a user a month before the apps were made available on the Mayaidi app store, and they have reason to "suspect that Maiyadi has a close relationship with the creator of WireLurker."

"This should also be a wake-up call for Apple users and the way they think about security," commented Kaspersky Lab's Stefan Tanase. "Just like Mac OS X malware quickly evolved from being just a myth to becoming a sad reality, we are seeing iOS being targeted more and more often lately - with nobody being able to offer protection for this platform. Anti-malware vendors are still not allowed to develop protection for iPhone users."



Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

WireLurker, le malware qui menace l’iPhone | Cyber Security

WireLurker, le malware qui menace l’iPhone | Cyber Security | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Une nouvelle génération de malwares

WireLurker semble, pour l’heure, peu dangereux. Néanmoins, Claud Xiao, de Palo Alto Networks, signale que le programme malveillant est « capable de voler un grand nombre de données sur les mobiles qu’il infecte ». De plus, il serait toujours en développement actif et « le but de son créateur n’est toujours pas connu ». La société recommande donc de prendre les précautions adéquates et d’installer une solution de protection contre les menaces sur mobiles (notamment celle éditée par ladite société). 

Le malware est surtout le premier d’une nouvelle famille de logiciels malveillants s’attaquant aux appareils marqués d’une pomme. Outre sa propagation massive, WireLurker est aussi le premier malware à infecter des applications iOS de même manière qu’un virus traditionnel, et le premier à générer automatiquement des programmes malveillants et à installer des applications tierces sur des mobiles non-jailbreakés. 


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



Gust MEES's insight:
Une nouvelle génération de malwares

WireLurker semble, pour l’heure, peu dangereux. Néanmoins, Claud Xiao, de Palo Alto Networks, signale que le programme malveillant est « capable de voler un grand nombre de données sur les mobiles qu’il infecte ». De plus, il serait toujours en développement actif et « le but de son créateur n’est toujours pas connu ». La société recommande donc de prendre les précautions adéquates et d’installer une solution de protection contre les menaces sur mobiles (notamment celle éditée par ladite société). 

Le malware est surtout le premier d’une nouvelle famille de logiciels malveillants s’attaquant aux appareils marqués d’une pomme. Outre sa propagation massive, WireLurker est aussi le premier malware à infecter des applications iOS de même manière qu’un virus traditionnel, et le premier à générer automatiquement des programmes malveillants et à installer des applications tierces sur des mobiles non-jailbreakés. 


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Wirelurker:Trojaner infiziert iPhones und iPads über USB-Verbindung

Wirelurker:Trojaner infiziert iPhones und iPads über USB-Verbindung | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Originalmeldung: Der Trojaner Wirelurker hat wohl bereits viele iPhones und iPads angegriffen: Sicherheitsforscher der Firma Palo Alto Networks haben eine iOS-Malware namens Wirelurker entdeckt, die sich über eine App verbreitet und schon hunderttausende User infiziert haben könnten.

Seinen Ursprung hat der Trojaner wohl in China, die Entdecker berichten, dass anfangs über 400 Apps im Maiyadi App Store, einem alternativen Appstore für OS X, infiziert wurden. Diese Anwendungen greifen dann die iPhones und iPads der Opfer an. Da die betroffenen Apps bislang über 350.000 Mal heruntergeladen wurden, ist die Zahl der theoretisch infizierten Apple-Geräte entsprechend groß.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



Gust MEES's insight:

Originalmeldung: Der Trojaner Wirelurker hat wohl bereits viele iPhones und iPads angegriffen: Sicherheitsforscher der Firma Palo Alto Networks haben eine iOS-Malware namens Wirelurker entdeckt, die sich über eine App verbreitet und schon hunderttausende User infiziert haben könnten.

Seinen Ursprung hat der Trojaner wohl in China, die Entdecker berichten, dass anfangs über 400 Apps im Maiyadi App Store, einem alternativen Appstore für OS X, infiziert wurden. Diese Anwendungen greifen dann die iPhones und iPads der Opfer an. Da die betroffenen Apps bislang über 350.000 Mal heruntergeladen wurden, ist die Zahl der theoretisch infizierten Apple-Geräte entsprechend groß.

Learn more:

- http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


- http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Un nouveau malware cible les systèmes OS X et iOS | Cyber Security

Un nouveau malware cible les systèmes OS X et iOS | Cyber Security | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Des chercheurs en sécurité affirment avoir découvert une nouvelle famille de malwares, lesquels peuvent mettre à mal les appareils d'Apple.
[S5091662W200]]


Afin d'éviter toute propagation de virus ou chevaux de Troie, Apple contrôle très strictement ses systèmes d'exploitation et plus précisément les applications publiées au sein de leurs plateformes de téléchargement respectives. Toutefois le cabinet Palo Alto Networks affirme avoir repéré une nouvelle attaque.

Baptisé WireLurker, le malware en question a été inséré au sein de 467 applications spécialement conçues pour OS X et disponibles sur le répertoire de téléchargements chinois Maiydi App Store, une alternative au Mac App Store officiel. Sur ces six derniers mois, ces 467 applications ont comptabilisé 356 104 téléchargements ; elles ont donc affecté plusieurs centaines de milliers de machines;


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



Gust MEES's insight:

Des chercheurs en sécurité affirment avoir découvert une nouvelle famille de malwares, lesquels peuvent mettre à mal les appareils d'Apple.
[S5091662W200]]


Afin d'éviter toute propagation de virus ou chevaux de Troie, Apple contrôle très strictement ses systèmes d'exploitation et plus précisément les applications publiées au sein de leurs plateformes de téléchargement respectives. Toutefois le cabinet Palo Alto Networks affirme avoir repéré une nouvelle attaque.

Baptisé WireLurker, le malware en question a été inséré au sein de 467 applications spécialement conçues pour OS X et disponibles sur le répertoire de téléchargements chinois Maiydi App Store, une alternative au Mac App Store officiel. Sur ces six derniers mois, ces 467 applications ont comptabilisé 356 104 téléchargements ; elles ont donc affecté plusieurs centaines de milliers de machines;


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

OS X Yosemite sports serious privilege escalation bug

OS X Yosemite sports serious privilege escalation bug | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
A Swedish researcher has unearthed a serious bug that affects the newest version of OS X - version 10.10, or Yosemite - and which could allow attackers to gain complete control of the target's Mac machine.

It's a privilege escalation bug he dubbed Rootpipe, but declined to explain why, as the explanation could reveal details that would help attackers find it and create an exploit.

The existence of the flaw has been indirectly confirmed by Apple when they asked the researcher to delay publishing details about it until January 2015, after a fix for the bug is released and pushed out to users


Rootpipe is a privilege escalation from admin to root so switching to a non-admin account would clearly be a good thing," Kvarnhammar said.



Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=Rootpipe

Gust MEES's insight:

Rootpipe is a privilege escalation from admin to root so switching to a non-admin account would clearly be a good thing," Kvarnhammar said.



Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=Rootpipe


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Virus Bulletin : Invading the core: iWorm's infection vector and persistence mechanism

Virus Bulletin : Invading the core: iWorm's infection vector and persistence mechanism | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
iWorm is a recently discovered OS X backdoor that affords an attacker complete control of an infected host. In this paper, Patrick Wardle builds upon the latest analyses, and provides a comprehensive technical analysis of iWorm's infection vector and persistence mechanism.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
iWorm is a recently discovered OS X backdoor that affords an attacker complete control of an infected host. In this paper, Patrick Wardle builds upon the latest analyses, and provides a comprehensive technical analysis of iWorm's infection vector and persistence mechanism.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple kills the POODLE – also fixes Shellshock in case you forgot

Apple kills the POODLE – also fixes Shellshock in case you forgot | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple just shipped OS X 10.10 Yosemite - including a fix for the POODLE vulnerability.

Mavericks and Mountain Lion also got updates to kill the POODLE.

As for Lion, now three releases off the...


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:

Apple just shipped OS X 10.10 Yosemite - including a fix for the POODLE vulnerability.

Mavericks and Mountain Lion also got updates to kill the POODLE.

As for Lion, now three releases off the...


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security




more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

iWorm infiziert tausende Macs

iWorm infiziert tausende Macs | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
iWorm infiziert tausende Macs
Antiviren-Experten haben ein aus über 18.000 Macs bestehendes Botnet entdeckt. Der zugrunde liegende Schädling wurde Mac.BackDoor.iWorm getauft und wird über BitTorrent verteilt. Apple hat bereits reagiert.

Der AV-Hersteller Dr. Web hat eine Malware namens Mac.BackDoor.iWorm entdeckt, die es auf Mac-Nutzer abgesehen hat. Ist der Schädling auf dem Mac aktiv, setzt er sich selbst auf die Liste der automatisch beim Rechnerstart zu öffnenden Applikationen und versucht die IP-Adresse eines Command-and-Control-Servers (C&C-Server) herauszufinden.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
iWorm infiziert tausende Macs
Antiviren-Experten haben ein aus über 18.000 Macs bestehendes Botnet entdeckt. Der zugrunde liegende Schädling wurde Mac.BackDoor.iWorm getauft und wird über BitTorrent verteilt. Apple hat bereits reagiert.

Der AV-Hersteller Dr. Web hat eine Malware namens Mac.BackDoor.iWorm entdeckt, die es auf Mac-Nutzer abgesehen hat. Ist der Schädling auf dem Mac aktiv, setzt er sich selbst auf die Liste der automatisch beim Rechnerstart zu öffnenden Applikationen und versucht die IP-Adresse eines Command-and-Control-Servers (C&C-Server) herauszufinden.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Un malware affecterait 17 000 Mac

Un malware affecterait 17 000 Mac | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Un logiciel malveillant aurait contaminé environ 17 000 Mac. Selon l'éditeur d'applications de sécurité Dr.Web qui est à l'origine de la découverte, Mac.BackDoor.iWorm crée une porte dérobée qui permet ensuite de prendre le contrôle de la machine à distance. Ce type de malware sert notamment à faire des ordinateurs infectés des botnets (ou machines zombies) utilisés pour mener des campagnes de spam ou des attaques DDoS.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
Un logiciel malveillant aurait contaminé environ 17 000 Mac. Selon l'éditeur d'applications de sécurité Dr.Web qui est à l'origine de la découverte, Mac.BackDoor.iWorm crée une porte dérobée qui permet ensuite de prendre le contrôle de la machine à distance. Ce type de malware sert notamment à faire des ordinateurs infectés des botnets (ou machines zombies) utilisés pour mener des campagnes de spam ou des attaques DDoS.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Advanced iOS virus targeting Hong Kong protestors -security firm

Advanced iOS virus targeting Hong Kong protestors -security firm | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
BOSTON, Sept 30 (Reuters) - Cybersecurity researchers haveuncovered a computer virus that spies on Apple Inc's iOSoperating system for the iPhone and iPad, and they believe it istargeting pro-democracy


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=First+iOS+Trojan+attack


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:

Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=First+iOS+Trojan+attack


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Kaspersky Security Bulletin 2014/2015 – Statistik für das Jahr 2014 | Mac | Apple | eSkills | CyberSecurity

Kaspersky Security Bulletin 2014/2015 – Statistik für das Jahr 2014 | Mac | Apple | eSkills | CyberSecurity | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Im Jahr 2014 blockierten die Lösungen von Kaspersky Lab insgesamt 3.693.936 Infektionsversuche unter Mac OS X.

Die Experten von Kaspersky Lab entdeckten 1.499 neue Schadprogramme für Mac OS X, das sind 200 Schädlinge weniger als im entsprechenden Vorjahreszeitraum.


===> Jeder zweite Anwender von Apple-Produkten war einem Angriff ausgesetzt. <===


Im Laufe des Jahres war jeder Mac-OS-X-User durchschnittlich neunmal mit einer Cyberbedrohung für sein Betriebssystem konfrontiert.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:

Im Jahr 2014 blockierten die Lösungen von Kaspersky Lab insgesamt 3.693.936 Infektionsversuche unter Mac OS X.

Die Experten von Kaspersky Lab entdeckten 1.499 neue Schadprogramme für Mac OS X, das sind 200 Schädlinge weniger als im entsprechenden Vorjahreszeitraum.


===> Jeder zweite Anwender von Apple-Produkten war einem Angriff ausgesetzt. <===


Im Laufe des Jahres war jeder Mac-OS-X-User durchschnittlich neunmal mit einer Cyberbedrohung für sein Betriebssystem konfrontiert.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
Gust MEES's curator insight, December 10, 1:26 PM

Im Jahr 2014 blockierten die Lösungen von Kaspersky Lab insgesamt 3.693.936 Infektionsversuche unter Mac OS X.

Die Experten von Kaspersky Lab entdeckten 1.499 neue Schadprogramme für Mac OS X, das sind 200 Schädlinge weniger als im entsprechenden Vorjahreszeitraum.


===> Jeder zweite Anwender von Apple-Produkten war einem Angriff ausgesetzt. <===


Im Laufe des Jahres war jeder Mac-OS-X-User durchschnittlich neunmal mit einer Cyberbedrohung für sein Betriebssystem konfrontiert.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Rescooped by Gust MEES from Apps and Widgets for any use, mostly for education and FREE
Scoop.it!

Most of the top 100 paid Android and iOS apps have been hacked | CyberSecurity | MobileSecurity | eSkills

Most of the top 100 paid Android and iOS apps have been hacked | CyberSecurity | MobileSecurity | eSkills | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
97% of the top 100 paid Android apps and 87% of the top 100 paid Apple iOS apps have been hacked, according to Arxan Technologies.


Learn more:


http://gustmees.wordpress.com/2014/03/05/often-asked-questions-are-there-cyber-security-dangers-with-apps-and-whats-about-privacy/



Via Gust MEES
Gust MEES's insight:
97% of the top 100 paid Android apps and 87% of the top 100 paid Apple iOS apps have been hacked, according to Arxan Technologies.


Learn more:


http://gustmees.wordpress.com/2014/03/05/often-asked-questions-are-there-cyber-security-dangers-with-apps-and-whats-about-privacy/


more...
Gust MEES's curator insight, November 17, 8:21 AM
97% of the top 100 paid Android apps and 87% of the top 100 paid Apple iOS apps have been hacked, according to Arxan Technologies.


Learn more:


http://gustmees.wordpress.com/2014/03/05/often-asked-questions-are-there-cyber-security-dangers-with-apps-and-whats-about-privacy/


Gust MEES's curator insight, November 17, 8:26 AM
97% of the top 100 paid Android apps and 87% of the top 100 paid Apple iOS apps have been hacked, according to Arxan Technologies.


Learn more:


http://gustmees.wordpress.com/2014/03/05/often-asked-questions-are-there-cyber-security-dangers-with-apps-and-whats-about-privacy/


Scooped by Gust MEES
Scoop.it!

Masque Attack: So schützen Sie sich vor der iOS-Lücke | Cyber Security | Apple

Masque Attack: So schützen Sie sich vor der iOS-Lücke | Cyber Security | Apple | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Nach der vergleichsweise harmlosen WireLurker-Angriffsmethode sorgt inzwischen eine weitaus bedrohlichere iOS-Schwachstelle für Schlagzeilen. Die Angriffsart «Masque Attack» hat es dabei auf alle iPhone-Nutzer abgesehen, auch auf iPhones ohne Jailbreak.
Die Methode macht sich die Tatsache zunutze, dass die von Apple herausgegebenen Enterprise-Zertfikate die Installation neuer Anwendungen auch ausserhalb des App-Stores zulassen.


Die Cyberkriminellen seien sogar in der Lage, installierte iOS-Apps zu überschreiben. Fällt jemand auf die Masche rein, wird beispielsweise unbemerkt eine tägliche Anwendung wie Gmail überschreiben. So könnte z.B. eine E-Banking-App als Keylogger-Anwendung missbraucht werden, um Bankdaten von Nutzern auszuspionieren.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
Nach der vergleichsweise harmlosen WireLurker-Angriffsmethode sorgt inzwischen eine weitaus bedrohlichere iOS-Schwachstelle für Schlagzeilen. Die Angriffsart «Masque Attack» hat es dabei auf alle iPhone-Nutzer abgesehen, auch auf iPhones ohne Jailbreak.
Die Methode macht sich die Tatsache zunutze, dass die von Apple herausgegebenen Enterprise-Zertfikate die Installation neuer Anwendungen auch ausserhalb des App-Stores zulassen.


Die Cyberkriminellen seien sogar in der Lage, installierte iOS-Apps zu überschreiben. Fällt jemand auf die Masche rein, wird beispielsweise unbemerkt eine tägliche Anwendung wie Gmail überschreiben. So könnte z.B. eine E-Banking-App als Keylogger-Anwendung missbraucht werden, um Bankdaten von Nutzern auszuspionieren.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Wirelurker, un malware chinois s’attaque aux iPhone, iPad et Mac | Cyber Security

Wirelurker, un malware chinois s’attaque aux iPhone, iPad et Mac | Cyber Security | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Pour l’instant, plus de peur que de mal
Wirelurker s’attaquerait dans un premier temps aux ordinateurs fonctionnant sous OS X, puis surveille les connexions d’appareil iOS via USB au Mac infecté. C’est cette particularité qui a retenu l’attention de la plupart des chercheurs en sécurité. Jonathan Zdziarski explique ainsi que « si Wirelurker apparait être encore très jeune […] et facile à détecter, le réel problème est ici celui posé par le manque de sécurisation du système d’appariement d’Apple. »

Si le nom de Zdziarski vous évoque confusément quelque chose sans que vous parveniez à remettre le doigt dessus, il est le chercheur à l'origine de la récente polémique autour des backdoors de maintenance découverts sur les terminaux Apple cet été.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



Gust MEES's insight:
Pour l’instant, plus de peur que de mal
Wirelurker s’attaquerait dans un premier temps aux ordinateurs fonctionnant sous OS X, puis surveille les connexions d’appareil iOS via USB au Mac infecté. C’est cette particularité qui a retenu l’attention de la plupart des chercheurs en sécurité. Jonathan Zdziarski explique ainsi que « si Wirelurker apparait être encore très jeune […] et facile à détecter, le réel problème est ici celui posé par le manque de sécurisation du système d’appariement d’Apple. »

Si le nom de Zdziarski vous évoque confusément quelque chose sans que vous parveniez à remettre le doigt dessus, il est le chercheur à l'origine de la récente polémique autour des backdoors de maintenance découverts sur les terminaux Apple cet été.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

OS X malware infecting connected iPhones, iPads | Cyber Security

OS X malware infecting connected iPhones, iPads | Cyber Security | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

According to Palo Alto Networks, WireLurker, running on an OS X system, can install either downloaded third-party applications or automatically generate malicious applications onto a USB-connected iOS device, regardless of whether it is jailbroken.

The malware is able to install malicious and infected programs on non-jailbroken iOS devices, according to the report, by using enterprise provisioning techniques, thus appearing to be an in-house application. The user is presented with a confirmation dialog box such as the one shown below, but otherwise the application will behave the same as an uninfected one.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



Gust MEES's insight:

According to Palo Alto Networks, WireLurker, running on an OS X system, can install either downloaded third-party applications or automatically generate malicious applications onto a USB-connected iOS device, regardless of whether it is jailbroken.

The malware is able to install malicious and infected programs on non-jailbroken iOS devices, according to the report, by using enterprise provisioning techniques, thus appearing to be an in-house application. The user is presented with a confirmation dialog box such as the one shown below, but otherwise the application will behave the same as an uninfected one.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

WireLurker: A new breed of iOS and OS X malware that has infected thousands | Cyber Security

WireLurker: A new breed of iOS and OS X malware that has infected thousands | Cyber Security | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
In short, the initial WireLurker infection comes from a third-party Mac OS X app store (in this case, the Chinese Maiyadi app store). Once you download and install an infected app onto your OS X machine, that’s where the fun begins. If you then plug an iOS device into an infected OS X machine, WireLurker installs itself on the iOS device. By using iOS’s enterprise provisioning system — a method usually reserved for companies to side-load apps directly onto corporate iOS devices — WireLurker can even infect non-jailbroken devices.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



Gust MEES's insight:
In short, the initial WireLurker infection comes from a third-party Mac OS X app store (in this case, the Chinese Maiyadi app store). Once you download and install an infected app onto your OS X machine, that’s where the fun begins. If you then plug an iOS device into an infected OS X machine, WireLurker installs itself on the iOS device. By using iOS’s enterprise provisioning system — a method usually reserved for companies to side-load apps directly onto corporate iOS devices — WireLurker can even infect non-jailbroken devices.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

WireLurker: A New Era in OS X and iOS Malware | Cyber Security

WireLurker: A New Era in OS X and iOS Malware | Cyber Security | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken. This is the reason we call it “wire lurker”. Researchers have demonstrated similar methods to attack non-jailbroken devices before; however, this malware combines a number of techniques to successfully realize a new brand of threat to all iOS devices.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker


Gust MEES's insight:
WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken. This is the reason we call it “wire lurker”. Researchers have demonstrated similar methods to attack non-jailbroken devices before; however, this malware combines a number of techniques to successfully realize a new brand of threat to all iOS devices.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Serious security flaw in OS X Yosemite 'Rootpipe' | Cyber Security

Serious security flaw in OS X Yosemite 'Rootpipe' | Cyber Security | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Details are finally emerging about a serious vulnerability in Apple's OS X Yosemite, called "Rootpipe" which allows root access by attackers.


The privilege escalation vulnerability was discovered by Swedish hacker Emil Kvarnhammar, who has been asked by Apple to withhold details until January 2015 -- since Apple likely wouldn't allow details until they have a fix, this is probably when users can expect a patch.


Rootpipe is a privilege escalation from admin to root so switching to a non-admin account would clearly be a good thing," Kvarnhammar said.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security



Gust MEES's insight:

Details are finally emerging about a serious vulnerability in Apple's OS X Yosemite, called "Rootpipe" which allows root access by attackers.


The privilege escalation vulnerability was discovered by Swedish hacker Emil Kvarnhammar, who has been asked by Apple to withhold details until January 2015 -- since Apple likely wouldn't allow details until they have a fix, this is probably when users can expect a patch.


Rootpipe is a privilege escalation from admin to root so switching to a non-admin account would clearly be a good thing," Kvarnhammar said.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security



more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Macs, Malware & Security Myths | SymantecTV

Macs, Malware & Security Myths | SymantecTV | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
SymantecTV : Are Mac Users safe from Malware? Not as much as you might think. Symantec's Security Expert Kevin Haley breaks down the Mac's invincibility myth. Learn why Malware authors are targeting unsuspecting Mac users and why you should be protected.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
SymantecTV : Are Mac Users safe from Malware? Not as much as you might think. Symantec's Security Expert Kevin Haley breaks down the Mac's invincibility myth. Learn why Malware authors are targeting unsuspecting Mac users and why you should be protected.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Apple patches 144 security flaws across seven products | Nobody Is Perfect | Cyber Security

Apple patches 144 security flaws across seven products | Nobody Is Perfect | Cyber Security | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Patches are released for Mavericks, Mountain Lion, OS X Server and iTunes. A fix for the POODLE bug is included where appropriate. Most of the bugs are old ones in iTunes.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://gustmees.wordpress.com/2012/11/05/naivety-in-the-digital-age/


And NOBODY talks about it!!! Are THEY ALL on NAIVETY status!!!???


Gust MEES's insight:
Patches are released for Mavericks, Mountain Lion, OS X Server and iTunes. A fix for the POODLE bug is included where appropriate. Most of the bugs are old ones in iTunes.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://gustmees.wordpress.com/2012/11/05/naivety-in-the-digital-age/



And NOBODY talks about it!!! Are THEY ALL on NAIVETY status!!!???


more...
Gust MEES's curator insight, October 17, 6:59 PM
Patches are released for Mavericks, Mountain Lion, OS X Server and iTunes. A fix for the POODLE bug is included where appropriate. Most of the bugs are old ones in iTunes.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://gustmees.wordpress.com/2012/11/05/naivety-in-the-digital-age/



And NOBODY talks about it!!! Are THEY ALL on NAIVETY status!!!???


Scooped by Gust MEES
Scoop.it!

New OS X backdoor malware roping Macs into botnet

New OS X backdoor malware roping Macs into botnet | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
New malware targeting Mac machines, opening backdoors on them and roping them into a botnet currently numbering around 17,000 zombies has be...


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
New malware targeting Mac machines, opening backdoors on them and roping them into a botnet currently numbering around 17,000 zombies has be...


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

17,000 Macs hit by malware botnet, with help from Reddit

17,000 Macs hit by malware botnet, with help from Reddit | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Security researchers believe that they have uncovered a new botnet, which has recruited thousands of Mac computers.


According to their report, the sophisticated malware – which they have dubbed Mac.BackDoor.iWorm – has infected more than 17,000 computers running OS X.

Computers that have been hijacked could have information stolen from them, further malware planted upon them, or be used to spread more malware or launch spam campaigns and denial-of-service attacks.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
Security researchers believe that they have uncovered a new botnet, which has recruited thousands of Mac computers.


According to their report, the sophisticated malware – which they have dubbed Mac.BackDoor.iWorm – has infected more than 17,000 computers running OS X.

Computers that have been hijacked could have information stolen from them, further malware planted upon them, or be used to spread more malware or launch spam campaigns and denial-of-service attacks.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

First iOS Trojan attack launches amid Hong Kong protests

First iOS Trojan attack launches amid Hong Kong protests | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
An iOS Trojan called Xsser mRat is similar to an Android virus and appears to be a rare cross platform attack. Target: Hong Kong protesters.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=First+iOS+Trojan+attack


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
An iOS Trojan called Xsser mRat is similar to an Android virus and appears to be a rare cross platform attack. Target: Hong Kong protesters.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=First+iOS+Trojan+attack


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.