Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
11.0K views | +0 today
Follow
 
Scooped by Gust MEES
onto Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
Scoop.it!

Apple patches the Java hole its own developers fell into - eventually

Apple patches the Java hole its own developers fell into - eventually | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Shortly after admitting that its own techies got infected thanks to a Java hole, Apple has pushed out a Java update for the rest of us.

Apple, with this most recent update, seems to have washed ...

 

Both Facebook and Apple have now admitted to being owned due to malicious Java code hosted inadvertently by a website popular with mobile developers.



Gust MEES's insight:

Nobody is PERFECT!!!

 

more...
No comment yet.
Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Immune No More: An Apple Story

Immune No More: An Apple Story | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
For a very long time, Apple and its pseudo-religious user-base prided itself on being a platform free of malware; those days are inarguably and unequivocally over. Its emergence as the early winner...
Gust MEES's insight:

 

A MUST read!!!

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
Scooped by Gust MEES
Scoop.it!

Transparenzbericht: Apple hat offenbar ersten National Security Letter erhalten | #Privacy #Datenschutz

Transparenzbericht: Apple hat offenbar ersten National Security Letter erhalten | #Privacy #Datenschutz | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Zum ersten Mal hat Apple den Erhalt eines National Security Letters im halbjährlichen Transparenzbericht aufgeführt. Die Zahl der Anfragen der US-Regierung zur nationalen Sicherheit stieg außerdem erneut sprunghaft an.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://gustmees.wordpress.com/2013/12/21/privacy-in-the-digital-world-shouldnt-we-talk-about-it/

 

https://gustmees.wordpress.com/?s=privacy

 

Gust MEES's insight:
Zum ersten Mal hat Apple den Erhalt eines National Security Letters im halbjährlichen Transparenzbericht aufgeführt. Die Zahl der Anfragen der US-Regierung zur nationalen Sicherheit stieg außerdem erneut sprunghaft an.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://gustmees.wordpress.com/2013/12/21/privacy-in-the-digital-world-shouldnt-we-talk-about-it/

 

https://gustmees.wordpress.com/?s=privacy

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple users advised to update their software now, as new security patches released | #Updates #CyberSecurity

Apple users advised to update their software now, as new security patches released | #Updates #CyberSecurity | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Welcome to the post-WannaCryptor world, where every computer user understands the importance of creating secure backups and applying security patches in a timely fashion.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=Updates

 

http://www.scoop.it/t/securite-pc-et-internet/?&tag=Updates

 

Gust MEES's insight:
Welcome to the post-WannaCryptor world, where every computer user understands the importance of creating secure backups and applying security patches in a timely fashion.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=Updates

 

http://www.scoop.it/t/securite-pc-et-internet/?&tag=Updates

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Server-Hack: Handbrake-Download war mehrere Tage mit Malware verseucht | #Apple #Mac #CyberSecurity 

Server-Hack: Handbrake-Download war mehrere Tage mit Malware verseucht | #Apple #Mac #CyberSecurity  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Die Mac-Version 1.0.7 von Handbrake war mehrere Tage am Wochenende mit dem Trojaner Proton infiziert.

 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=HandBrake

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:

Die Mac-Version 1.0.7 von Handbrake war mehrere Tage am Wochenende mit dem Trojaner Proton infiziert. 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=HandBrake

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Popular Mac App Developers Issue Urgent Malware Warning | #CyberSecurity #Apple #Awareness #NobodyIsPerfect

Popular Mac App Developers Issue Urgent Malware Warning | #CyberSecurity #Apple #Awareness #NobodyIsPerfect | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

It’s been a rough week in Mac security. First, Checkpoint warned users of a Trojan spreading in Europe that was the first of its kind. And now, one of the most prominent video transcoding apps for Mac has a malware problem.

Popular BitTorrent Client Transmission Gets Infected With Malware Again


For the second time in five months, the Transmission BitTorrent client for Mac has been infected…


The developers of the transcoding software Handbrake have issued a statement that warns one of the mirror sites to download the software has been compromised by hackers. The post explains that anyone who has downloaded the software between May 2nd and 6th of this year has a 50/50 chance of being infected. But, it’s probably a good idea just to double check if you’ve downloaded it anytime recently.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:

It’s been a rough week in Mac security. First, Checkpoint warned users of a Trojan spreading in Europe that was the first of its kind. And now, one of the most prominent video transcoding apps for Mac has a malware problem.

Popular BitTorrent Client Transmission Gets Infected With Malware Again


For the second time in five months, the Transmission BitTorrent client for Mac has been infected…


The developers of the transcoding software Handbrake have issued a statement that warns one of the mirror sites to download the software has been compromised by hackers. The post explains that anyone who has downloaded the software between May 2nd and 6th of this year has a 50/50 chance of being infected. But, it’s probably a good idea just to double check if you’ve downloaded it anytime recently.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Dok : un nouveau malware vise les Mac | #Apple #CyberSecurity #Awareness

Dok : un nouveau malware vise les Mac | #Apple #CyberSecurity #Awareness | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

CheckPoint signale un nouveau malware visant les utilisateurs européens de Mac. Baptisé Dok, celui-ci est diffusé via une campagne de phishing...

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=Dok

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:

CheckPoint signale un nouveau malware visant les utilisateurs européens de Mac. Baptisé Dok, celui-ci est diffusé via une campagne de phishing...

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=Dok

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac malware on the rise as crooks turn to ransomware | #Apple #CyberSecurity #Awareness #macOS #FindZip

Mac malware on the rise as crooks turn to ransomware | #Apple #CyberSecurity #Awareness #macOS #FindZip | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
MACBOOK USERS are increasingly being targeted by malware and backdoors, according to Malwarebytes' analysis of cyber crime and malware in the first quarter of 2017.

Chief among this surge in macOS threats is the FindZip Mac ransomware, for which even the developers don't have a decryption key, leaving users high and dry after ransom has been paid. 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=RANSOMWARE

 

Gust MEES's insight:
MACBOOK USERS are increasingly being targeted by malware and backdoors, according to Malwarebytes' analysis of cyber crime and malware in the first quarter of 2017.

Chief among this surge in macOS threats is the FindZip Mac ransomware, for which even the developers don't have a decryption key, leaving users high and dry after ransom has been paid. 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=RANSOMWARE

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Update your iPhone to avoid being hacked over Wi-Fi | #Apple #CyberSecurity #Updates 

Update your iPhone to avoid being hacked over Wi-Fi | #Apple #CyberSecurity #Updates  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Why risk breaking all the way into the phone if you can just hang around on the periphery and listen to all the data coming in and out?

 

It’s only been five days since Apple’s last security update for iOS, when dozens of serious security vulnerabilities were patched.

As we mentioned last week, the recent iOS 10.3 and macOS 10.12.4 updates included numerous fixes dealing with “arbitrary code execution with kernel privileges”.

Any exploit that lets an external attacker tell the operating system kernel itself what to is a serious concern that ought to be patched as soon as possible – hesitation is not an option.

After all, it’s the kernel that’s responsible for managing security in the rest of the system.

 

You can accelerate your own patch by manually visiting Settings | General | Software Update to force an upgrade, rather than waiting for your turn in Apple’s autoupdate queue.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
Why risk breaking all the way into the phone if you can just hang around on the periphery and listen to all the data coming in and out?

 

It’s only been five days since Apple’s last security update for iOS, when dozens of serious security vulnerabilities were patched.

As we mentioned last week, the recent iOS 10.3 and macOS 10.12.4 updates included numerous fixes dealing with “arbitrary code execution with kernel privileges”.

Any exploit that lets an external attacker tell the operating system kernel itself what to is a serious concern that ought to be patched as soon as possible – hesitation is not an option.

After all, it’s the kernel that’s responsible for managing security in the rest of the system.

 

You can accelerate your own patch by manually visiting Settings | General | Software Update to force an upgrade, rather than waiting for your turn in Apple’s autoupdate queue.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple corrige plus de 300 failles dans ses systèmes et applications | #Updates #CyberSecurity

Apple corrige plus de 300 failles dans ses systèmes et applications | #Updates #CyberSecurity | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Les corrections de failles de sécurité sont nombreuses chez Apple, qui renouvelle l’ensemble de ses OS et plusieurs de ses applications.

 

Les corrections de failles de sécurité sont nombreuses chez Apple, qui renouvelle l’ensemble de ses systèmes d’exploitation et plusieurs de ses applications.

 

Hier, Apple a livré de nouvelles éditions de ses systèmes d’exploitation : iOS 10.3 et macOS Sierra 10.12.4. Mais aussi tvOS 10.2, watchOS 3.2 et macOS Server 5.3 (voir à ce propos notre précédent article : « Avec iOS 10.3, Apple bascule ses iPhone et iPad en APFS »).

 

Les corrections de failles de sécurité sont nombreuses pour chacun de ces produits. iOS 10.3 élimine ainsi 84 failles. Sur le front desktop, macOS Sierra 10.12.4 corrige 127 vulnérabilités. Notez que OS X Yosemite 10.10.5 et OS X El Capitan 10.11.6 profitent respectivement de la correction de 1 et 2 failles. 56 vulnérabilités sont éliminées dans tvOS 10.2. 34 sous watchOS 3.2 et 3 pour macOS Server 5.3.

Correctifs aussi pour les applications

Pour tous les OS desktop, les correctifs apportés à d’autres applications clés participeront à rendre le système plus sûr. Safari 10.1 corrige ainsi 38 failles de sécurité. Et iTunes 12.6, 17, aussi bien sous macOS que dans la mouture Windows du logiciel.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
Les corrections de failles de sécurité sont nombreuses chez Apple, qui renouvelle l’ensemble de ses OS et plusieurs de ses applications.

 

Les corrections de failles de sécurité sont nombreuses chez Apple, qui renouvelle l’ensemble de ses systèmes d’exploitation et plusieurs de ses applications.

 

Hier, Apple a livré de nouvelles éditions de ses systèmes d’exploitation : iOS 10.3 et macOS Sierra 10.12.4. Mais aussi tvOS 10.2, watchOS 3.2 et macOS Server 5.3 (voir à ce propos notre précédent article : « Avec iOS 10.3, Apple bascule ses iPhone et iPad en APFS »).

 

Les corrections de failles de sécurité sont nombreuses pour chacun de ces produits. iOS 10.3 élimine ainsi 84 failles. Sur le front desktop, macOS Sierra 10.12.4 corrige 127 vulnérabilités. Notez que OS X Yosemite 10.10.5 et OS X El Capitan 10.11.6 profitent respectivement de la correction de 1 et 2 failles. 56 vulnérabilités sont éliminées dans tvOS 10.2. 34 sous watchOS 3.2 et 3 pour macOS Server 5.3.

Correctifs aussi pour les applications

Pour tous les OS desktop, les correctifs apportés à d’autres applications clés participeront à rendre le système plus sûr. Safari 10.1 corrige ainsi 38 failles de sécurité. Et iTunes 12.6, 17, aussi bien sous macOS que dans la mouture Windows du logiciel.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Un virus infecte Mac et PC avec un document word | #CyberSecurity #Crossplatform #Apple #Mac #Windows #Awareness

Un virus infecte Mac et PC avec un document word | #CyberSecurity #Crossplatform #Apple #Mac #Windows #Awareness | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

Tout comme celui découvert en février, ce nouveau malware mise lui aussi sur l'exécution d'un macro. En février, un virus touchait les Mac via...

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:

Tout comme celui découvert en février, ce nouveau malware mise lui aussi sur l'exécution d'un macro. En février, un virus touchait les Mac via...

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Pwn20wn 2017: Safari als Einfallstür für macOS | #Apple #CyberSecurity #NobodyIsPerfect #Awareness

Pwn20wn 2017: Safari als Einfallstür für macOS | #Apple #CyberSecurity #NobodyIsPerfect #Awareness | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Auch in diesem Jahr war mit Safari und macOS zwei Apple Produkte vertreten. Wissenschaftler haben es sich seit jeher zur Aufgabe gemacht, sogenannte 0-day (Zero-Day- oder “Tag-Null”-) Lücken zu finden. Diese werden so genannt, da kein Hersteller davon etwas weiß, und es dafür noch keinen Patch oder Aktualisierung gibt. Das macht sie besonders gefährlich: Solche Lücken können ungestört von Angreifern ausgenutzt werden, um Computer-Systeme zu übernehmen, ohne das jemand etwas mitbekommt.

Stattliche Preisgelder

Nicht von ungefähr kommen daher stattliche Preisgelder und Auszeichnungen. Summen in Höhe von 50.000 Dollar sind keine Seltenheit. Für ganz knifflige Angriffe werden sogar bis zu 100.000 Dollar ausbezahlt. Das Geld wird meist von Forschungseinrichtungen eingesetzt um weiter arbeiten zu können.

Über den Safari in die Touch Bar

Die Touch Bar war auch auf der Sicherheitskonferenz in aller Munde. Angreifer konnten nämlich durch einen Fehler im Apple eigene Browser Safari eine Lücke ausnutzen, um sich so Root-Rechte unter macOS zu verschaffen. Mit diesen haben die Wissenschaftler eine Nachricht auf der Touch Bar platziert, um ihren Angriff und die Sicherheitslücke zu beweisen.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

https://gustmees.wordpress.com/2012/05/02/get-smart-with-5-minutes-tutorialsit-securitypart-1-browsers/

 

https://gustmees.wordpress.com/2013/04/22/i-got-interviewed-feeling-honored/

 

Gust MEES's insight:
Auch in diesem Jahr war mit Safari und macOS zwei Apple Produkte vertreten. Wissenschaftler haben es sich seit jeher zur Aufgabe gemacht, sogenannte 0-day (Zero-Day- oder “Tag-Null”-) Lücken zu finden. Diese werden so genannt, da kein Hersteller davon etwas weiß, und es dafür noch keinen Patch oder Aktualisierung gibt. Das macht sie besonders gefährlich: Solche Lücken können ungestört von Angreifern ausgenutzt werden, um Computer-Systeme zu übernehmen, ohne das jemand etwas mitbekommt.

Stattliche Preisgelder

Nicht von ungefähr kommen daher stattliche Preisgelder und Auszeichnungen. Summen in Höhe von 50.000 Dollar sind keine Seltenheit. Für ganz knifflige Angriffe werden sogar bis zu 100.000 Dollar ausbezahlt. Das Geld wird meist von Forschungseinrichtungen eingesetzt um weiter arbeiten zu können.

Über den Safari in die Touch Bar

Die Touch Bar war auch auf der Sicherheitskonferenz in aller Munde. Angreifer konnten nämlich durch einen Fehler im Apple eigene Browser Safari eine Lücke ausnutzen, um sich so Root-Rechte unter macOS zu verschaffen. Mit diesen haben die Wissenschaftler eine Nachricht auf der Touch Bar platziert, um ihren Angriff und die Sicherheitslücke zu beweisen.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

https://gustmees.wordpress.com/2012/05/02/get-smart-with-5-minutes-tutorialsit-securitypart-1-browsers/

 

https://gustmees.wordpress.com/2013/04/22/i-got-interviewed-feeling-honored/

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

New macOS Patcher Ransomware Locks Data for Good, No Way to Recover Your Files | #Apple #Mac #CyberSecurity

New macOS Patcher Ransomware Locks Data for Good, No Way to Recover Your Files | #Apple #Mac #CyberSecurity | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
A newly discovered ransomware family calling itself Patcher is targeting macOS users, but according to security researchers from ESET, who discovered the ransomware last week, Patcher bungles the encryption process and leaves affected users with no way of recovering their files.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=RANSOMWARE

 

Gust MEES's insight:
A newly discovered ransomware family calling itself Patcher is targeting macOS users, but according to security researchers from ESET, who discovered the ransomware last week, Patcher bungles the encryption process and leaves affected users with no way of recovering their files.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=RANSOMWARE

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Smashing Security podcast: Macs and malware | #CyberSecurity #Awareness #ProactiveTHINKing

Smashing Security podcast: Macs and malware | #CyberSecurity #Awareness #ProactiveTHINKing | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Check out the latest special "splinter" episode of the "Smashing Security" podcast - where Vanja Svajcer, Carole Theriault and I discuss Mac malware. Take a listen, and let me know what you think.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
Check out the latest special "splinter" episode of the "Smashing Security" podcast - where Vanja Svajcer, Carole Theriault and I discuss Mac malware. Take a listen, and let me know what you think.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Die 7 gefährlichsten Computer-Programme | #CyberSecurity #OS #BSI

Die 7 gefährlichsten Computer-Programme | #CyberSecurity #OS #BSI | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Finger weg von dieser Software: Viele Programme sind ganz schön gefährlich, weil sie drastische Sicherheitslücken aufweisen. Das Bundesamt für Sicherheit in der Informationstechnik warnt jedes Jahr vor aktueller Software mit großen Schwachstellen. Wir zeigen, welche Programme davon betroffen sind.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

http://www.scoop.it/t/securite-pc-et-internet/

 

Gust MEES's insight:
Finger weg von dieser Software: Viele Programme sind ganz schön gefährlich, weil sie drastische Sicherheitslücken aufweisen. Das Bundesamt für Sicherheit in der Informationstechnik warnt jedes Jahr vor aktueller Software mit großen Schwachstellen. Wir zeigen, welche Programme davon betroffen sind.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

http://www.scoop.it/t/securite-pc-et-internet/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple fixes dozens of security bugs for iPhones, Macs | #CyberSecurity #Updates

Apple fixes dozens of security bugs for iPhones, Macs | #CyberSecurity #Updates | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple has squashed dozens of security bugs in its latest releases of its iPhone, iPad, and Mac operating systems.

The Cupertino, Calif.-based company rolled out 23 security fixes in iOS 10.3.2 and another 30 fixes in macOS 10.12.5, both of which were released on Monday.

Among the bugs, two bugs in iBooks for iOS could allow an attacker to arbitrarily open websites and execute malicious code at the kernel level. Over a dozen flaws were found in WebKit, which renders websites and pages on iPhones and iPads, that could allow several kinds of cross-site scripting (XSS) attacks.

A separate flaw in iBooks for macOS desktops and notebooks could allow an application to escape its secure sandbox, a technology used to prevent data loss or theft in the case of an app compromise.

Almost half of the bugs found were attributed to Google's Project Zero, the search giant's in-house vulnerability-finding and security team.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=Updates

 

http://www.scoop.it/t/securite-pc-et-internet/?&tag=Updates

 

 

 

Gust MEES's insight:
Apple has squashed dozens of security bugs in its latest releases of its iPhone, iPad, and Mac operating systems.

The Cupertino, Calif.-based company rolled out 23 security fixes in iOS 10.3.2 and another 30 fixes in macOS 10.12.5, both of which were released on Monday.

Among the bugs, two bugs in iBooks for iOS could allow an attacker to arbitrarily open websites and execute malicious code at the kernel level. Over a dozen flaws were found in WebKit, which renders websites and pages on iPhones and iPads, that could allow several kinds of cross-site scripting (XSS) attacks.

A separate flaw in iBooks for macOS desktops and notebooks could allow an application to escape its secure sandbox, a technology used to prevent data loss or theft in the case of an app compromise.

Almost half of the bugs found were attributed to Google's Project Zero, the search giant's in-house vulnerability-finding and security team.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=Updates

 

http://www.scoop.it/t/securite-pc-et-internet/?&tag=Updates

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

MacOS : un malware en cadeau avec le téléchargement d'Handbrake | #Apple #CyberSecurity 

MacOS : un malware en cadeau avec le téléchargement d'Handbrake | #Apple #CyberSecurity  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

Quoi de mieux pour piéger l'utilisateur de se faire passer pour une source légitime ? Des pirates ont ainsi réussi à s'introduire dans les serveurs de l'éditeur d'Handbrake et ont remplacé le logiciel d'encodage vidéo par une version piégée. Du coup, entre le 2 et le 6 mai dernier, si vous avez téléchargé (ou mis à jour) l'application vous avez toutes les chances (une chance sur deux pour être précis) d'avoir obtenu une version corrompue avec un joli malware en cadeau (OSX.PROTON).

 

Afin de vérifier si son Mac est infecté, il suffit d’ouvrir le Moniteur d’activité (localisé dans le dossier 'Utilitaires' d’Applications) et de regarder si le processus 'activity_agent' est en cours d’exécution. Si tel est le cas, cela veut dire que le malware est actif sur la machine.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=HandBrake

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:

Quoi de mieux pour piéger l'utilisateur de se faire passer pour une source légitime ? Des pirates ont ainsi réussi à s'introduire dans les serveurs de l'éditeur d'Handbrake et ont remplacé le logiciel d'encodage vidéo par une version piégée. Du coup, entre le 2 et le 6 mai dernier, si vous avez téléchargé (ou mis à jour) l'application vous avez toutes les chances (une chance sur deux pour être précis) d'avoir obtenu une version corrompue avec un joli malware en cadeau (OSX.PROTON).

 

Afin de vérifier si son Mac est infecté, il suffit d’ouvrir le Moniteur d’activité (localisé dans le dossier 'Utilitaires' d’Applications) et de regarder si le processus 'activity_agent' est en cours d’exécution. Si tel est le cas, cela veut dire que le malware est actif sur la machine.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=HandBrake

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Malware warning for Mac users, after HandBrake mirror download server hacked | #CyberSecurity #Apple

Malware warning for Mac users, after HandBrake mirror download server hacked | #CyberSecurity #Apple | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
A mirror download server for the popular tool HandBrake video file-transcoding app has been compromised by hackers, who replaced its Mac edition with malware.
The first most Mac users will know about the security incident will be when they visit the app’s website, at https://handbrake.fr, and see a link to a “Security Alert”:

 

Anyone who has downloaded HandBrake on Mac between [02/May/2017 14:30 UTC] and [06/May/2017 11:00 UTC] needs to verify the SHA1 / 256 sum of the file before running it.

Anyone who has installed HandBrake for Mac needs to verify their system is not infected with a Trojan. You have 50/50 chance if you’ve downloaded HandBrake during this period.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=HandBrake

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
A mirror download server for the popular tool HandBrake video file-transcoding app has been compromised by hackers, who replaced its Mac edition with malware.
The first most Mac users will know about the security incident will be when they visit the app’s website, at https://handbrake.fr, and see a link to a “Security Alert”:

 

Anyone who has downloaded HandBrake on Mac between [02/May/2017 14:30 UTC] and [06/May/2017 11:00 UTC] needs to verify the SHA1 / 256 sum of the file before running it.

Anyone who has installed HandBrake for Mac needs to verify their system is not infected with a Trojan. You have 50/50 chance if you’ve downloaded HandBrake during this period.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=HandBrake

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Dok: OSX malware uses stolen certs and reads HTTPS traffic | #Apple #CyberSecurity #Awareness

Dok: OSX malware uses stolen certs and reads HTTPS traffic | #Apple #CyberSecurity #Awareness | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Mac users beware as researchers have found yet another reason to rattle the false sense of security some may have concerning Macs and viruses.  


Checkpoint researchers spotted a Mac OSX malware, dubbed OSX/Dok that has been signed with an Apple signature and reads HTTPS traffic, Check Point lead researcher Ofer Caspi said in a 27 April blog post.


It is unclear how the Apple signature got into the hands of the malware's developers and that the signature is the reason why the malware has been able to bypass some native Apple protections and malware could allow an attacker to intercept a victim's web communications and worse.


The malware primarily targets European users, mainly in Germany and in Austria, and could allow an attacker to redirect victims to a remote proxy server controlled by its operator, where the attacker could steal banking credentials, hijack online accounts and leak sensitive information.


The malware was spread via phishing campaigns and at the time the malware was detected and analysed, it was still floating under the radar of Apple and by other third party security products leading researchers said.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=Dok

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

Gust MEES's insight:
Mac users beware as researchers have found yet another reason to rattle the false sense of security some may have concerning Macs and viruses.  


Checkpoint researchers spotted a Mac OSX malware, dubbed OSX/Dok that has been signed with an Apple signature and reads HTTPS traffic, Check Point lead researcher Ofer Caspi said in a 27 April blog post.


It is unclear how the Apple signature got into the hands of the malware's developers and that the signature is the reason why the malware has been able to bypass some native Apple protections and malware could allow an attacker to intercept a victim's web communications and worse.


The malware primarily targets European users, mainly in Germany and in Austria, and could allow an attacker to redirect victims to a remote proxy server controlled by its operator, where the attacker could steal banking credentials, hijack online accounts and leak sensitive information.


The malware was spread via phishing campaigns and at the time the malware was detected and analysed, it was still floating under the radar of Apple and by other third party security products leading researchers said.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=Dok

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Malware Uses Apple Developer Certificate to Infect MacOS and Spy on HTTPS Traffic | #Apple #CyberSecurity

Malware Uses Apple Developer Certificate to Infect MacOS and Spy on HTTPS Traffic | #Apple #CyberSecurity | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

A malware research team has discovered a new piece of Mac malware that reportedly affects all versions of MacOS and is signed with a valid developer certificate authenticated by Apple (via The Hacker News).

The malware has been dubbed "DOK" and is being disseminated through an email phishing campaign which researchers at CheckPoint say is specifically targeting macOS users, making it the first of its kind.

The malware works by gaining administration privileges in order to install a new root certificate on the user's system. This enables it to gain access to all communications between the host Mac and the internet, including traffic flowing through connections encrypted with SSL.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:

A malware research team has discovered a new piece of Mac malware that reportedly affects all versions of MacOS and is signed with a valid developer certificate authenticated by Apple (via The Hacker News).

The malware has been dubbed "DOK" and is being disseminated through an email phishing campaign which researchers at CheckPoint say is specifically targeting macOS users, making it the first of its kind.

The malware works by gaining administration privileges in order to install a new root certificate on the user's system. This enables it to gain access to all communications between the host Mac and the internet, including traffic flowing through connections encrypted with SSL.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Anzahl der Mac-Malware steigt 2016 um 744% | #Apple #CyberSecurity #NobodyIsPerfect

Anzahl der Mac-Malware steigt 2016 um 744% | #Apple #CyberSecurity #NobodyIsPerfect | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Starkes Wachstum: Der Mac ist zusehends Bedrohungen von Malware ausgesetzt, der verhältnismäßig geringe Marktanteil bietet keinen Schutz mehr. Wie der Hersteller von Sicherheitssoftware McAfee nun ausgerechnet hat, boomt die Branche der Mac-Malware, im Jahr 2016 ist sie um 744 Prozent gewachsen, 466.000 Vorfälle habe man entdeckt. Das ist immer noch ein kleiner Teil im Vergleich zu den 600 Millionen Vorfällen insgesamt oder den 15 Millionen für mobile Systeme, die fast alle Android betreffen.

 

Der größte Anteil des Zuwachses an Mac-Malware lässt sich auf Adware zurückführen. Diese ist zwar lästig, weil sie Werbung einspielt, die der Anwender nicht sehen will, setzt ihn und seinen Rechner aber nicht wirklichen Gefahren aus. Die beste Gefahrenabwehr besteht immer noch darin, Software nur aus dem Mac App Store oder von zertifizierten Entwicklern zu installieren. In McAfees Bericht gibt es jedoch noch einen Punkt, der Besorgnis erregt.

 

Denn die Anzahl der von Malware infizierten Geräte des Internets der Dinge nehme immer mehr zu. Diese schlauen, aber unsicheren Maschinchen seien vor allem für DoS-Angriffe in einem Botnetz zu missbrauchen.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
Starkes Wachstum: Der Mac ist zusehends Bedrohungen von Malware ausgesetzt, der verhältnismäßig geringe Marktanteil bietet keinen Schutz mehr. Wie der Hersteller von Sicherheitssoftware McAfee nun ausgerechnet hat, boomt die Branche der Mac-Malware, im Jahr 2016 ist sie um 744 Prozent gewachsen, 466.000 Vorfälle habe man entdeckt. Das ist immer noch ein kleiner Teil im Vergleich zu den 600 Millionen Vorfällen insgesamt oder den 15 Millionen für mobile Systeme, die fast alle Android betreffen.

 

Der größte Anteil des Zuwachses an Mac-Malware lässt sich auf Adware zurückführen. Diese ist zwar lästig, weil sie Werbung einspielt, die der Anwender nicht sehen will, setzt ihn und seinen Rechner aber nicht wirklichen Gefahren aus. Die beste Gefahrenabwehr besteht immer noch darin, Software nur aus dem Mac App Store oder von zertifizierten Entwicklern zu installieren. In McAfees Bericht gibt es jedoch noch einen Punkt, der Besorgnis erregt.

 

Denn die Anzahl der von Malware infizierten Geräte des Internets der Dinge nehme immer mehr zu. Diese schlauen, aber unsicheren Maschinchen seien vor allem für DoS-Angriffe in einem Botnetz zu missbrauchen.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Drive-by Wi-Fi i-Thing attack, oh my! | #Apple #Updates #CyberSecurity #NobodyIsPerfect #ICT #Awareness

Drive-by Wi-Fi i-Thing attack, oh my! | #Apple #Updates #CyberSecurity #NobodyIsPerfect #ICT #Awareness | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

Drive-by Wi-Fi i-Thing attack, oh my!
Don't skip this update

3 Apr 2017 at 22:46, Richard Chirgwin
Apple hasn’t provided much detail, but you don’t want to ignore the latest iOS release – 10.3.1 – because it plugs a very nasty Wi-Fi vulnerability.

Cupertino has rushed out the emergency patch because: “An attacker within range may be able to execute arbitrary code on the Wi-Fi chip” – meaning, presumably, that malicious packets gave attackers a vector.

The fix for the bug, which Apple attributes to Gal Beniamini of Google’s Project Zero, was a buffer overflow fixed by better input validation.

The bug affected iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation and later.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:

Drive-by Wi-Fi i-Thing attack, oh my!
Don't skip this update

3 Apr 2017 at 22:46, Richard Chirgwin
Apple hasn’t provided much detail, but you don’t want to ignore the latest iOS release – 10.3.1 – because it plugs a very nasty Wi-Fi vulnerability.

Cupertino has rushed out the emergency patch because: “An attacker within range may be able to execute arbitrary code on the Wi-Fi chip” – meaning, presumably, that malicious packets gave attackers a vector.

The fix for the bug, which Apple attributes to Gal Beniamini of Google’s Project Zero, was a buffer overflow fixed by better input validation.

The bug affected iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation and later.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Macs and iPhones patched – including 23 kernel-level holes | #Updates #CyberSecurity #Apple

Macs and iPhones patched – including 23 kernel-level holes | #Updates #CyberSecurity #Apple | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Yes, we always say, "Patch early, patch often." But this time, patch even earlier!

 

Macs and iPhones patched – including 23 kernel-level holes

Apple’ latest batch of updates is out, including macOS Sierra 10.12.4 and iOS 10.3.

There’s also an update to Safari 10.1, installed automatically if you update Sierra, but provided as a separate download for OS X El Capitan (10.11) and OS X Yosemite (10.10), which get Security Update 2017-001 rather than a full-on point release.

Lastly, the iWork suite, consisting of Pages, Keynote and Numbers (Apple’s equivalent of Word, Powerpoint and Excel), were updated too.

The iWork updates were mainly about form and function, but also included a security patch dealing with an intriguing vulnerability, about which more later.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
Yes, we always say, "Patch early, patch often." But this time, patch even earlier!

 

Macs and iPhones patched – including 23 kernel-level holes

Apple’ latest batch of updates is out, including macOS Sierra 10.12.4 and iOS 10.3.

There’s also an update to Safari 10.1, installed automatically if you update Sierra, but provided as a separate download for OS X El Capitan (10.11) and OS X Yosemite (10.10), which get Security Update 2017-001 rather than a full-on point release.

Lastly, the iWork suite, consisting of Pages, Keynote and Numbers (Apple’s equivalent of Word, Powerpoint and Excel), were updated too.

The iWork updates were mainly about form and function, but also included a security patch dealing with an intriguing vulnerability, about which more later.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Your Mac is not malware-proof: a look at the threats and defenses | #Apple #CyberSecurity #NobodyIsPerfect

Your Mac is not malware-proof: a look at the threats and defenses | #Apple #CyberSecurity #NobodyIsPerfect | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
In the big picture, which operating systems attract more malware is beside the point. Windows may be targeted more often, but if you’re the Mac user who gets victimized by tainted code, the tally doesn’t matter. For Mac users, the important thing is to raise awareness of the threats they face and explain what they can do about it.

Below is a look at the Mac malware SophosLabs has intercepted, analyzed and protected customers against, followed by recent issues Naked Security has written about. From there, we look at some tips to ensure better protection.

View from the lab

Mac malware has been studied at length by SophosLabs, and in a 2017 malware forecast released last month, it warned that more threats are coming, including several varieties of ransomware.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

In the eternal battle of Windows versus Mac, the tide is turning in Microsoft's favor | #OperatingSystems #OS

In the eternal battle of Windows versus Mac, the tide is turning in Microsoft's favor | #OperatingSystems #OS | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

Apple opened the door for users to install Windows on Macs, and Microsoft made truckloads of cash selling Office and its associated services on iPhone and iPad. It was all quiet on the PC front, as the battle moved to the smartphone.

 

But now, after years of stability, change is on the horizon in the PC market. Former Apple lovers, including myself, are starting to reconsider Windows. And hardware like the Microsoft Surface Studio PC, Eve V laptop/tablet hybrid, and Dell XPS 13 2-in-1 is getting people excited about computers again.

 

It's a huge renaissance for Windows, coming at a time when Apple fans feel like the company is treating the Mac like an afterthought. Don't just take my word for it: Over the weekend, my friend Owen Williams wrote a piece entitled "Why I left Mac for Windows: Apple has given up," which really says it all. 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/21st-century-learning-and-teaching/?&tag=Battle+of+the+Classrooms

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Destructive Mac ransomware spread as cracks to pirate commercial software | #Apple #CyberSecurity #Awareness

Destructive Mac ransomware spread as cracks to pirate commercial software | #Apple #CyberSecurity #Awareness | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
The latest example of Mac ransomware, OSX/Filecoder.E, has been discovered by ESET after it was distributed via BitTorrent distribution sites

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
The latest example of Mac ransomware, OSX/Filecoder.E, has been discovered by ESET after it was distributed via BitTorrent distribution sites

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Bitdefender : Malware Xagent APT28 inquiète le Mac | #Apple #CyberSecurity #Awareness

Bitdefender : Malware Xagent APT28 inquiète le Mac | #Apple #CyberSecurity #Awareness | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

Les utilisateurs Mac visés par une nouvelle variante du malware Xagent lié à l’APT28. Le malware sophistiqué Xagent s’attaque désormais aux utilisateurs Mac pour détourner des mots de passe et des sauvegardes iPhone.

Les pirates responsables de la menace APT28 ont renforcé leur arsenal - la charge utile du malware Xagent peut maintenant cibler des utilisateurs sous macOS dans le but de voler des mots de passe, faire des captures d’écran mais également voler des sauvegardes iPhone stockées sur le Mac.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Xagent

 

Gust MEES's insight:

Les utilisateurs Mac visés par une nouvelle variante du malware Xagent lié à l’APT28. Le malware sophistiqué Xagent s’attaque désormais aux utilisateurs Mac pour détourner des mots de passe et des sauvegardes iPhone.

Les pirates responsables de la menace APT28 ont renforcé leur arsenal - la charge utile du malware Xagent peut maintenant cibler des utilisateurs sous macOS dans le but de voler des mots de passe, faire des captures d’écran mais également voler des sauvegardes iPhone stockées sur le Mac.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Xagent

 

more...
No comment yet.