Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
10.9K views | +4 today
Follow
Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

Safari Update Fixes Security Flaws

Safari Update Fixes Security Flaws | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

Two security vulnerabilities in Safari are being addressed in an update of the browser software released by Apple earlier today. This update coincides with Apple’s iOS 6.0.1 software update, which addressed multiple security problems. The 48.5 MB update to Safari 6.0.2 is available for OS X Lion and OS X Mountain Lion, and is recommended as it fixes security flaws in the software.

 

                          ===> UPDATE asap!!! <===

 

Read more, a MUST:

http://www.intego.com/mac-security-blog/safari-update-fixes-security-flaws/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Jacksbot Java malware can take control of Windows, Mac, and Linux systems

Jacksbot Java malware can take control of Windows, Mac, and Linux systems | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

Two weeks ago, Mac security software company Intego discovered malware which it classified as "a new Java backdoor trojan called Java/Jacksbot.A.” New threats are discovered all the time, but Intego later concluded that even though Jacksbot is a variant of the Java remote access tool (RAT) created by the jailbreaking group Redpois0n, it can target multiple platforms.

 

The malware writers behind JACKSBOT may just be testing the waters for a successful multiplatform malware; however for now they appear to be unwilling to invest the time and resources to develop the code more completely.

 

===> It’s likely that the authors will continue to improve the code to fully support infection for OS X and Linux. <===

 

Read more, a MUST:

http://thenextweb.com/2012/10/31/jacksbot-java-malware-can-take-control-of-windows-mac-and-linux-systems/?utm_source=dlvr.it&amp;utm_medium=twitter

 

more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Mac-focused malware is big and getting bigger

Mac-focused malware is big and getting bigger | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Despite the Mac reputation as being more secure because of Apple’s tight control over its vertically integrated ecosystem, Mac-specific malware and advanced persistent attacks (APTs) against human rights groups is on the rise, cautions Citizen Lab...

 

Read more, a MUST:

http://www.infosecurity-magazine.com/view/28671/macfocused-malware-is-big-and-getting-bigger/?utm_source=twitterfeed&amp;amp;utm_medium=twitter

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

New Imuler Variant Found–Steer Clear of “Your Dirty Pics”

New Imuler Variant Found–Steer Clear of “Your Dirty Pics” | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

Intego has discovered a new version of the Imuler Trojan horse, which was first discovered in September 2011. Right now the risk is considered to be low – a sample of this malware was found on the VirusTotal website in a ZIP archive named “your dirty pics.zip.” Inside the ZIP file is an application with an icon making it look like an image.

 

If the file is run, ===> it installs a backdoor without the need for an admin password. <===

 

Read more:

http://www.intego.com/mac-security-blog/new-imuler-variant-found-steer-clear-of-your-dirty-pics/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple issues Mac OS X patches, Facebook integration

Apple issues Mac OS X patches, Facebook integration | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple has released Mac OS X 10.8.2 with security updates for Snow Leopard, Lion, Mountain Lion, iOS and iTunes – along with a single sign-on feature for Facebook and a Java patch.

 

Apple recommends that users upgrade using System Update, which can determine what fixes are already installed on the system, thus lightening the heft of the download.

 

As for the Facebook angle, users can now opt to have Facebook contact information integrated with the Mac’s native Contacts and Game Center applications. Users gain a single sign-on and the ability to be alerted to Facebook activity via Mac OS X's Notification Center.

 

                                  ===> UPDATE!!! <===

 

 

Read more:

http://www.infosecurity-magazine.com/view/28372/apple-issues-mac-os-x-patches-facebook-integration/?utm_source=dlvr.it&amp;amp;amp;utm_medium=twitter

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mythbusting - Mac Security

As the popularity of Mac OS has increased, so has its attractiveness to online criminals. This cartoon busts some of the myths that still prevail when it com...
more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Publishing firm says leaked Apple IDs came from their servers

Publishing firm says leaked Apple IDs came from their servers | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
BlueToad, a Florida-based digital edition publishing company, has announced that the recent massive Apple UDID leak originated from their own servers, and not an FBI laptop.

 

They were first alerted to the possibility by David Schuetz, a researcher employed by mobile device security consulting firm Intrepidus Group, who took the trouble to analyze the leaked UDIDs and the device names attached to them.

 

Read more:

http://www.net-security.org/secworld.php?id=13560

 

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Apple's iOS and Android are new favorite malware victims

Apple's iOS and Android are new favorite malware victims | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Cybercriminals are working on more complex schemes to wage attacks on PCs, laptops, and smartphones.

 

 

 

A new report shows that:

===> every single device that connects to the Internet is in danger. <===

 

Read this blog post by Dara Kerr on Security & Privacy:

http://news.cnet.com/8301-1009_3-57506159-83/apples-ios-and-android-are-new-favorite-malware-victims/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple: We didn't pass iPhone, iPad device IDs to FBI

Apple: We didn't pass iPhone, iPad device IDs to FBI | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Summary: Both the FBI and now Apple have come forward to state that they had no involvement the ongoing 'UDID-gate,' which led to more than 1 million iOS device codes leaking to the Web.

 

Read more:

http://www.zdnet.com/apple-we-didnt-pass-iphone-ipad-device-ids-to-fbi-7000003786/?s_cid=e550

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple device IDs hacked: What you need to know

Apple device IDs hacked: What you need to know | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
A hacktivist group has published more than a million Apple device UDIDs acquired from a hacked FBI laptop. Is your iPhone or iPad at risk?

 

The details stolen from the FBI laptop included more personal information as well—such as full names, cell phone numbers, addresses and zip codes.

 

Read more:

http://www.pcworld.com/businesscenter/article/261876/apple_device_ids_hacked_what_you_need_to_know.html

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Hackers Allegedly Leak 1 Million Apple Device IDs

Hackers Allegedly Leak 1 Million Apple Device IDs | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

AntiSec hacker group has in its possession over 12,000,000 Apple iOS device IDs. To prove it, it has released 1,000,001 IDs to the public.

 

Though they haven’t released them, hackers also claim the real names, addresses and cell phones in some cases accompany the UDIDs on the list, making this leak an even bigger privacy concern.

Developing…

 

“During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of “NCFTA_iOS_devices_intel.csv” turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc,” claims Antisec.

 

Read more:

http://mashable.com/2012/09/04/hackers-apple-device-id/?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+Mashable+%28Mashable%29

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

OS X : désactiver JAVA en attente d'un correctif de sécurité

OS X : désactiver JAVA en attente d'un correctif de sécurité | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Actualité Apple : OS X : désactiver JAVA en attente d'un correctif de sécurité...

 

JAVA ne se traine pas une formidable réputation en matière de sécurité, surtout sur nos Mac où Apple a souvent fait preuve d'une formidable lenteur pour mettre à jour la machine virtuelle JAVA. Désormais c'est Oracle qui préside aux destinées de la brique logicielle sur nos machines pommées.

 

En attendant, si vous n'en avez pas un besoin immédiat et absolu, vous pouvez simplement désactiver JAVA pour régler la question. Pour cela, direction le dossier Utilitaires de votre dossier Applications. Lancez Préférences JAVA et, dans l'onglet gGénéral, désactivez Java SE 7 (oui, l'image montre un système avec JAVA 6). Et voilà. Pour réactiver, procédure inverse.

 

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Dirt cheap Mac malware points up growing threat to Apple users

Dirt cheap Mac malware points up growing threat to Apple users | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Poorly written Mac NetWeird zombie available for just $60 online...

 

Read more:

http://www.v3.co.uk/v3-uk/news/2200826/dirt-cheap-mac-malware-points-up-growing-threat-to-apple-users

 

more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Apple fixes Safari security flaws

Apple fixes Safari security flaws | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Company bolsters anti-hacker defences...

 

Apple has released an update for its Safari web browser designed to fix a number of security flaws.


The iPhone maker released the Safari update alongside a security patch for its iOS mobile operating system on Friday.
The update aims to protect Safari users from drive-by download attacks and patch a number of Java vulnerabilities within the web browser.


===> Drive-by download attacks use malicious websites that infect machines with malware when visited. <===


The update is available now on Apple's OS X Lion v10.7.5, OS X Lion Server v10.7.5 and OS X Mountain Lion v10.8.2 operating systems.


===> The release follows a number of high-profile attacks on Apple's Mac OS. Prior to the update numerous exploits targeting Safari using Java vulnerabilities had been detected. <===

 

Read more, a MUST:

http://www.v3.co.uk/v3-uk/news/2222043/apple-fixes-safari-security-flaws?utm_source=dlvr.it&amp;amp;utm_medium=twitter

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple resumes User Tracking with iOS 6. Here's how to disable it

Apple resumes User Tracking with iOS 6. Here's how to disable it | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple was eager to promote the many new features in iOS6, but avoided mention of one: IFA - or identifier for advertisers - the company's newest device tracking technology.

 

Read more, a MUST:

http://knolinfos.visibli.com/share/DBFsX6

 

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Sécurité Mac : XMCO actu-secu [pdf]

Sécurité Mac : XMCO actu-secu [pdf] | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

l’ACTUSÉCU est un magazine numérique rédigé et édité par les consultants du cabinet de conseil XMCO

 

Numéro spécial dédié à la sécurité Mac...

 

En savoir plus :

 

http://www.xmco.fr/actu-secu/XMCO-ActuSecu-32-MACOS_Flashback.pdf

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

iPhone 4S Falls at Hacker Contest; New iPhone 5 Vulnerable to Same Exploit

iPhone 4S Falls at Hacker Contest; New iPhone 5 Vulnerable to Same Exploit | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Two Dutch researchers successfully hacked a patched iPhone 4S, exploit a vulnerability also likely present in the new iPhone 5 due to be released tomorrow.

 

Joost Pol and Daan Keuper won the mobile Pwn2Own contest yesterday at EUSecWest event in Amsterdam by compromising a fully patched iPhone 4S device and stealing contacts, browsing history, photos and videos from the phone.

 

The pair was able to build an exploit for a vulnerability in WebKit to beat Apple's code-signing features and the MobileSafari sandbox. The same bug is present in the iOS6 Golden Master development code base, meaning iPhone 5 is vulnerable to the same exploit. Apple iPads and iPod Touch devices are also vulnerable, Pol and Keuper said, adding that it took them three weeks find the flaw and write an exploit.

 

Read more, a MUST:

http://threatpost.com/en_us/blogs/iphone-4s-falls-hacker-contest-new-iphone-5-vulnerable-same-exploit-092012

 

more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

What iOS apps are grabbing your data, why they do it and what should be done

What iOS apps are grabbing your data, why they do it and what should be done | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Early last week the personal diary app Path became the fulcrum of a massive discussion about how cavalier mobile apps are getting with harvesting your, presumably, personal information. ...

 

Apps that do send data, with no warning

 

Foursquare stands alone here as an app that was, until an update issued on February 14th, sending personal data with no warning. This is similar to the previous behavior of Path that got it in so much hot water. Since the update, Foursqare now warns users before uploading data. Foursquare says that, while it was uploading the data, it was not storing it.

 

Foursquare (Email, Phone Numbers no warning)

 

Read more, a MUST:

http://thenextweb.com/insider/2012/02/15/what-ios-apps-are-grabbing-your-data-why-they-do-it-and-what-should-be-done/

 

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Un développeur tiers responsable de la fuite d'identifiants Apple

Un développeur tiers responsable de la fuite d'identifiants Apple | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
La société américaine BlueToad explique s'être fait voler ces données il y a deux semaines. Le vol présumé à un agent du FBI perd en crédibilité.

 

La fuite de plus d'un million d'identifiants de terminaux Apple (iPhone et iPad) de la semaine dernière trouve une explication. Dans un entretien à NBC News, le PDG de l'éditeur d'applications BlueToad, Paul DeHart, déclare que les données publiées par un membre d'Anonymous ont été dérobées à sa société il y a deux semaines. Les serveurs les contenant n'étaient, semble-t-il, pas assez protégés.

 

En savoir plus :

 

http://www.lemonde.fr/technologies/article/2012/09/11/un-developpeur-tiers-responsable-de-la-fuite-d-identifiants-apple_1758361_651865.html?utm_source=dlvr.it&amp;amp;utm_medium=twitter#xtor=RSS-3208001

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple plugs Java hole, shifts away from plug-in

Apple plugs Java hole, shifts away from plug-in | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
By turning off Java by default, Apple is making customers choose whether to take the risk in using the troubled browser software...

 

Apple's patches automatically deactivated the Java plug-ins in browsers, leaving it up to Mac users to turn them back on. Until a few months ago, Apple had handled the release of all Java updates. Now, customers can download and install fixes directly from Oracle.

 

Read more:

http://www.csoonline.com/article/715630/apple-plugs-java-hole-shifts-away-from-plug-in?source=rss_news&amp;utm_source=dlvr.it&amp;utm_medium=twitter

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple patcht vier gravierende Sicherheitslücken in Java 6 für Mac OS X

Apple patcht vier gravierende Sicherheitslücken in Java 6 für Mac OS X | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

Apple patcht vier gravierende Sicherheitslücken in Java 6 für Mac OS X


Betroffen sind Mac OS X 10.6, 10.7 und 10.8. Die Lücken lassen sich mit manipulierten Java-Applets ausnutzen. Sie sind seit dem durch den von Oracle in der vergangenen Woche bereitgestellten Patch öffentlich bekannt.

 

Da Apple für die Aktualisierung von Java 6 verantwortlich ist, mussten Nutzer von OS X warten, bis das Unternehmen aus Cupertino ein Update herausgibt. Ab Java 7 ist Oracle für die Mac-OS-Updates zuständig. Ein entsprechendes Update wurde letzte Woche bereitgestellt. Allerdings liegt Java 7 unter Mac OS nur als 64-Bit-Version vor, sodass 32-Bit-Browser wie Google Chrome noch auf die ältere Version zurückgreifen.

 

Zudem wurde auch in diesem Patch eine Sicherheitslücke entdeckt, die Angreifer missbrauchen können, um Schadcode einzuschleusen udn auszuführen. Das polnische Sicherheitsunternehmen Security Explorations hatte den Fehler nur wenige Stunden nachdem das Update bereitgestellt worden war entdeckt.

 

Mehr erfahren:

http://www.itespresso.de/2012/09/06/apple-patcht-vier-gravierende-sicherheitslucken-in-java-6-fur-mac-os-x/

 

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

FBI: Wir haben nicht geklaut

FBI: Wir haben nicht geklaut | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Der Vorwurf des Hacker-Kollektivs Antisec gegen das FBI wiegt schwer: Auf einem FBI-Laptop habe man eine Datei mit Millionen Seriennummern von iOS-Geräten gefunden. Die Ermittlungsbehörde dementiert.

 

Mehr erfahren:

http://www.tageblatt.lu/nachrichten/story/13507432

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Piratage : des millions d’identifiants iPhone dévoilés ?

Piratage : des millions d’identifiants iPhone dévoilés ? | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

La firme de Cupertino n'est visiblement pas au repos ces derniers temps, c’est une liste d’identifiants d’iPhone qui vient d’être mise en ligne par un groupe de hackers.

 

Ces pirates informatiques, dont le groupe semble dériver de la bande de LulzSec qui a été démantelée il y a peu par le FBI, dit avoir obtenu ces données en piratant l’ordinateur d’un agent du FBI. Ce méfait leur a permis de disposer d’une liste de près de 12 millions d’identifiants d’iPhone. Dabs le fichier original obtenu par les pirates, on retrouverait aussi les noms, les numéros de téléphones, les adresses postales et autres données personnelles d’utilisateurs d’iPhone.

 

En savoir plus :

 

http://www.logiciel.net/piratage-des-millions-didentifiants-iphone-devoiles-24063.htm?utm_source=Logiciel.net

 

 

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Toronto study shows mobile spyware's long shadow

Toronto study shows mobile spyware's long shadow | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
(Phys.org)—Spyware sold legally can infect BlackBerrys, iPhones, and other mobile devices, according to a study from two security researchers at the University of Toronto Munk School of Global Affairs' Citizen Lab.

 

Gust MEES: NOBODY IS PERFECT!

 

Read more:

http://phys.org/news/2012-09-toronto-mobile-spyware-shadow.html

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Une faille dans Java 7, aussi sur Mac

Une faille dans Java 7, aussi sur Mac | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Encore une faille dans Java qui menace la sécurité des Mac.

 

 

 

 

 

 

En savoir plus :

http://www.macworld.fr/mac/actualites,faille-java-7,530598,1.htm

 

more...
No comment yet.