Apple, Mac, iOS4,...
Follow
Find tag "Apple-Insecurity"
7.5K views | +9 today
Apple, Mac, iOS4, iPad, iPhone and (in)security...
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

Opera for Mac OS X patches six security vulnerabilities

Opera for Mac OS X patches six security vulnerabilities | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Opera recently released version 12.10 of its flagship browser, patching six security vulnerabilities on Mac OS X systems.

 

Read more and update:

http://www.zdnet.com/opera-for-mac-os-x-patches-six-security-vulnerabilities-7000007174/

 

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Apple Patches Kernel, Passcode Lock and WebKit Flaws in iOS 6.0.1

Apple Patches Kernel, Passcode Lock and WebKit Flaws in iOS 6.0.1 | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple released its first security updates to iOS 6. Version 6.0.1 includes patches for critical vulnerabilities in the operating system kernel, Passcode Lock and WebKit.

 

Read more:

http://threatpost.com/en_us/blogs/apple-patches-kernel-passcode-lock-and-webkit-flaws-ios-601-110212

 

more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Apple fixes Safari security flaws

Apple fixes Safari security flaws | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Company bolsters anti-hacker defences...

 

Apple has released an update for its Safari web browser designed to fix a number of security flaws.


The iPhone maker released the Safari update alongside a security patch for its iOS mobile operating system on Friday.
The update aims to protect Safari users from drive-by download attacks and patch a number of Java vulnerabilities within the web browser.


===> Drive-by download attacks use malicious websites that infect machines with malware when visited. <===


The update is available now on Apple's OS X Lion v10.7.5, OS X Lion Server v10.7.5 and OS X Mountain Lion v10.8.2 operating systems.


===> The release follows a number of high-profile attacks on Apple's Mac OS. Prior to the update numerous exploits targeting Safari using Java vulnerabilities had been detected. <===

 

Read more, a MUST:

http://www.v3.co.uk/v3-uk/news/2222043/apple-fixes-safari-security-flaws?utm_source=dlvr.it&amp;amp;utm_medium=twitter

 

more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Mac-focused malware is big and getting bigger

Mac-focused malware is big and getting bigger | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Despite the Mac reputation as being more secure because of Apple’s tight control over its vertically integrated ecosystem, Mac-specific malware and advanced persistent attacks (APTs) against human rights groups is on the rise, cautions Citizen Lab...

 

Read more, a MUST:

http://www.infosecurity-magazine.com/view/28671/macfocused-malware-is-big-and-getting-bigger/?utm_source=twitterfeed&amp;amp;utm_medium=twitter

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

New Imuler Variant Found–Steer Clear of “Your Dirty Pics”

New Imuler Variant Found–Steer Clear of “Your Dirty Pics” | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Intego has discovered a new version of the Imuler Trojan horse, which was first discovered in September 2011. Right now the risk is considered to be low – a sample of this malware was found on the VirusTotal website in a ZIP archive named “your dirty pics.zip.” Inside the ZIP file is an application with an icon making it look like an image.

 

If the file is run, ===> it installs a backdoor without the need for an admin password. <===

 

Read more:

http://www.intego.com/mac-security-blog/new-imuler-variant-found-steer-clear-of-your-dirty-pics/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple issues Mac OS X patches, Facebook integration

Apple issues Mac OS X patches, Facebook integration | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple has released Mac OS X 10.8.2 with security updates for Snow Leopard, Lion, Mountain Lion, iOS and iTunes – along with a single sign-on feature for Facebook and a Java patch.

 

Apple recommends that users upgrade using System Update, which can determine what fixes are already installed on the system, thus lightening the heft of the download.

 

As for the Facebook angle, users can now opt to have Facebook contact information integrated with the Mac’s native Contacts and Game Center applications. Users gain a single sign-on and the ability to be alerted to Facebook activity via Mac OS X's Notification Center.

 

                                  ===> UPDATE!!! <===

 

 

Read more:

http://www.infosecurity-magazine.com/view/28372/apple-issues-mac-os-x-patches-facebook-integration/?utm_source=dlvr.it&amp;amp;amp;utm_medium=twitter

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple plugs Java hole, shifts away from plug-in

Apple plugs Java hole, shifts away from plug-in | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
By turning off Java by default, Apple is making customers choose whether to take the risk in using the troubled browser software...

 

Apple's patches automatically deactivated the Java plug-ins in browsers, leaving it up to Mac users to turn them back on. Until a few months ago, Apple had handled the release of all Java updates. Now, customers can download and install fixes directly from Oracle.

 

Read more:

http://www.csoonline.com/article/715630/apple-plugs-java-hole-shifts-away-from-plug-in?source=rss_news&amp;utm_source=dlvr.it&amp;utm_medium=twitter

 

 

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Dirt cheap Mac malware points up growing threat to Apple users

Dirt cheap Mac malware points up growing threat to Apple users | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Poorly written Mac NetWeird zombie available for just $60 online...

 

Read more:

http://www.v3.co.uk/v3-uk/news/2200826/dirt-cheap-mac-malware-points-up-growing-threat-to-apple-users

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac malware Crisis can spread to different environments

Mac malware Crisis can spread to different environments | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

The malware - dubbed Crisis or Morcut - was not spotted in the wild, but received by the security researcher from VirusTotal in the form of a JAR file, the analysis of which revealed that it contained a .class file named WebEnhancer, and two installers - one for Windows and the other for OS X.

 

Symantec's researchers have continued analyzing the file, and have recently discovered that the Windows version of the threat uses three methods to spread itself: to a removable disk drive, to a VMware virtual machine, and to a Windows Mobile device.

 

Read more:

http://www.net-security.org/malware_news.php?id=2235&amp;utm_source=dlvr.it&amp;utm_medium=twitter

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Researcher finds serious SMS spoofing flaw on iOS

Researcher finds serious SMS spoofing flaw on iOS | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Summary: A well-known security researcher urges iPhone users to distrust the legitimacy of text messages at first sight.

 

A security research who goes by the handle "pod2g" has found a serious security vulnerability in the way iOS devices handle SMS messages, warning that this could be exploited by online criminals.

The flaw, which the researcher describes as "severe," exists since the beginning of the implementation of SMS in the iPhone, and is still there in iOS 6 beta 4.

 

According to a post on pod2g's blog, an attacker can exploit this flaw to send an SMS that seems to come from the receiver's bank asking for sensitive information or luring them to a maliciously rigged web site. In another scenario, an attacker could send a spoofed text message to an iPhone user to use as false evidence; or send spoofed messages to manipulate iPhone users into thinking they are receving legitimate SMS messages.

 

A MUST read:

http://www.zdnet.com/researcher-finds-serious-sms-spoofing-flaw-on-ios-7000002821/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Sécurité : Amazon et Apple prennent des mesures

Sécurité : Amazon et Apple prennent des mesures | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Suite aux mésaventures du journaliste Mat Honan qui a perdu le contrôle sur sa vie numérique, mais aussi le contenu de son ordinateur suite à une attaque vendredi soir (lire : Sécurité : Amazo...

 

En savoir plus :

http://www.macgeneration.com/news/voir/254352/securite-amazon-et-apple-prennent-des-mesures

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple, Amazon change their security policies following epic hack

Apple, Amazon change their security policies following epic hack | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

According to Wired, Amazon no longer allows people to call Amazon and change account settings such as email addresses and credit cards, and Apple has temporarily suspended the option of asking for an AppleID password reset over the phone.

 

Read more:

http://www.net-security.org/secworld.php?id=13392

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

How Apple and Amazon Security Flaws Led to My Epic Hacking

How Apple and Amazon Security Flaws Led to My Epic Hacking | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

By Mat Honan August 6, 2012 | 8:01 pm |

 

In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages.

 

Read more:

http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/2/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Vulnérabilités : Kaspersky pointe Adobe, Oracle et Apple

Vulnérabilités : Kaspersky pointe Adobe, Oracle et Apple | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

L'éditeur de logiciel de sécurité Kaspersky a publié quelques statistiques sur les failles de sécurité découvertes dans le monde au troisième trimestre. Pour délivrer ces chiffres, Kaspersky s'appuie sur la base d'utilisateurs de ses produits.

 

On trouve ensuite des logiciels d'Adobe (Flash, Adobe Reader et Shockwave) qui est le plus représenté dans ce top 10 avec cinq mentions. Apple est également présent avec des failles concernant QuickTime (14 % des utilisateurs concernés) et iTunes (12 %). Nullsoft avec Winamp ferme la marche.

 

En savoir plus :

 

http://www.macg.co/news/voir/257709/vulnerabilites-kaspersky-pointe-adobe-oracle-et-apple

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Safari Update Fixes Security Flaws

Safari Update Fixes Security Flaws | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Two security vulnerabilities in Safari are being addressed in an update of the browser software released by Apple earlier today. This update coincides with Apple’s iOS 6.0.1 software update, which addressed multiple security problems. The 48.5 MB update to Safari 6.0.2 is available for OS X Lion and OS X Mountain Lion, and is recommended as it fixes security flaws in the software.

 

                          ===> UPDATE asap!!! <===

 

Read more, a MUST:

http://www.intego.com/mac-security-blog/safari-update-fixes-security-flaws/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Jacksbot Java malware can take control of Windows, Mac, and Linux systems

Jacksbot Java malware can take control of Windows, Mac, and Linux systems | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Two weeks ago, Mac security software company Intego discovered malware which it classified as "a new Java backdoor trojan called Java/Jacksbot.A.” New threats are discovered all the time, but Intego later concluded that even though Jacksbot is a variant of the Java remote access tool (RAT) created by the jailbreaking group Redpois0n, it can target multiple platforms.

 

The malware writers behind JACKSBOT may just be testing the waters for a successful multiplatform malware; however for now they appear to be unwilling to invest the time and resources to develop the code more completely.

 

===> It’s likely that the authors will continue to improve the code to fully support infection for OS X and Linux. <===

 

Read more, a MUST:

http://thenextweb.com/2012/10/31/jacksbot-java-malware-can-take-control-of-windows-mac-and-linux-systems/?utm_source=dlvr.it&amp;utm_medium=twitter

 

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Sécurité Mac : XMCO actu-secu [pdf]

Sécurité Mac : XMCO actu-secu [pdf] | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

l’ACTUSÉCU est un magazine numérique rédigé et édité par les consultants du cabinet de conseil XMCO

 

Numéro spécial dédié à la sécurité Mac...

 

En savoir plus :

 

http://www.xmco.fr/actu-secu/XMCO-ActuSecu-32-MACOS_Flashback.pdf

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

iPhone 4S Falls at Hacker Contest; New iPhone 5 Vulnerable to Same Exploit

iPhone 4S Falls at Hacker Contest; New iPhone 5 Vulnerable to Same Exploit | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Two Dutch researchers successfully hacked a patched iPhone 4S, exploit a vulnerability also likely present in the new iPhone 5 due to be released tomorrow.

 

Joost Pol and Daan Keuper won the mobile Pwn2Own contest yesterday at EUSecWest event in Amsterdam by compromising a fully patched iPhone 4S device and stealing contacts, browsing history, photos and videos from the phone.

 

The pair was able to build an exploit for a vulnerability in WebKit to beat Apple's code-signing features and the MobileSafari sandbox. The same bug is present in the iOS6 Golden Master development code base, meaning iPhone 5 is vulnerable to the same exploit. Apple iPads and iPod Touch devices are also vulnerable, Pol and Keuper said, adding that it took them three weeks find the flaw and write an exploit.

 

Read more, a MUST:

http://threatpost.com/en_us/blogs/iphone-4s-falls-hacker-contest-new-iphone-5-vulnerable-same-exploit-092012

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mythbusting - Mac Security

As the popularity of Mac OS has increased, so has its attractiveness to online criminals. This cartoon busts some of the myths that still prevail when it com...
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple patcht vier gravierende Sicherheitslücken in Java 6 für Mac OS X

Apple patcht vier gravierende Sicherheitslücken in Java 6 für Mac OS X | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Apple patcht vier gravierende Sicherheitslücken in Java 6 für Mac OS X


Betroffen sind Mac OS X 10.6, 10.7 und 10.8. Die Lücken lassen sich mit manipulierten Java-Applets ausnutzen. Sie sind seit dem durch den von Oracle in der vergangenen Woche bereitgestellten Patch öffentlich bekannt.

 

Da Apple für die Aktualisierung von Java 6 verantwortlich ist, mussten Nutzer von OS X warten, bis das Unternehmen aus Cupertino ein Update herausgibt. Ab Java 7 ist Oracle für die Mac-OS-Updates zuständig. Ein entsprechendes Update wurde letzte Woche bereitgestellt. Allerdings liegt Java 7 unter Mac OS nur als 64-Bit-Version vor, sodass 32-Bit-Browser wie Google Chrome noch auf die ältere Version zurückgreifen.

 

Zudem wurde auch in diesem Patch eine Sicherheitslücke entdeckt, die Angreifer missbrauchen können, um Schadcode einzuschleusen udn auszuführen. Das polnische Sicherheitsunternehmen Security Explorations hatte den Fehler nur wenige Stunden nachdem das Update bereitgestellt worden war entdeckt.

 

Mehr erfahren:

http://www.itespresso.de/2012/09/06/apple-patcht-vier-gravierende-sicherheitslucken-in-java-6-fur-mac-os-x/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple zombie malware 'NetWeird' rummages for browser and email passwords

Apple zombie malware 'NetWeird' rummages for browser and email passwords | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

When we write Naked Security articles about Mac malware, we often end up creating a bit of a stir.

So, with a deep breath, here's some Mac malware news: this time, it's a zombie Trojan called 'NetWeird...

 

Read more, a MUST:

http://nakedsecurity.sophos.com/2012/08/24/apple-zombie-malware-netweird-rummages-for-browser-and-email-passwords/?utm_source=twitter&amp;utm_medium=duckblog&amp;utm_campaign=naked%2Bsecurity

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Sicherheitslücke in iOS-SMS-System aufgedeckt

Sicherheitslücke in iOS-SMS-System aufgedeckt | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Eine Schwachstelle im Apple-Betriebssystem iOS könnte dazu führen, dass Kurznachrichten an die falsche Nummer geschickt werden.

 

Der Blogger Pod2g will Hinweise für eine Sicherheitslücke in iOS ausgemacht haben, die den Versand von SMS-Nachrichten auf dem iPhone betrifft. So wäre es möglich, Kurznachrichten im PDU-Format zu verfassen, deren Zieladresse sich über einen editierbaren Abschnitt namens PDU (Protocol Description Unit) ändern ließe. Antwortet der Nutzer auf eine solche SMS, dann könnte die Antwort nicht an den ehemaligen Absender, sondern an ein fremdes Smartphone geschickt werden.

 

Mehr lesen:

http://www.pcwelt.de/news/Apple-Sicherheitsluecke-in-iOS-SMS-System-aufgedeckt-6477693.html?r=661529125805606&amp;lid=191580

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Un compte iCloud piraté révèle des failles de sécurité chez Apple et Amazon (màj)

Un compte iCloud piraté révèle des failles de sécurité chez Apple et Amazon (màj) | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Mat Honan / Crédits : WiredLa mésaventure numérique vécue en fin de semaine dernière par Mathew Honan, journaliste américain officiant chez Wired et Gizmodo, a permis de mettre en avant deux mécanis...

 

 

 

En savoir plus :

http://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/hackers/actualite-504960-hack-mesaventure-journaliste-importantes-failles-apple-amazon.html

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

One-quarter of websites examined by testing service were malicious

One-quarter of websites examined by testing service were malicious | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
One-quarter of the 30,156 websites tested in the second quarter by Zscaler’s Zulu service, which tests the security of websites, were malicious, according to Zscaler’s second quarter 2012 State of the Web report.

 

The State of the Web report found that users are slow to update browser plug-ins and attackers know it, as witnessed by the Flashback Trojan, which infected over 650,000 Macs leveraging a Java vulnerability. However, the situation is improving. In the second quarter, 35% of installed Adobe Shockwave plug-ins were outdated, down from 52% in the fourth quarter of 2011.

 

Adobe Acrobat was the worst in terms of updating, with close to 62% of plug-ins being outdated in the second quarter, followed by Adobe Shockwave with 38%, Microsoft Outlook with 5.7%, and Adobe Flash with 4.3%.

 

===> “Outdated plug-ins are vulnerable to exploitation, and the bad guys know that”, Geide observed. <===

 

Read more:

http://www.infosecurity-magazine.com/view/27471/onequarter-of-websites-examined-by-testing-service-were-malicious/?utm_source=twitterfeed&amp;utm_medium=twitter

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

iCloud Hacking Could Tarnish Apple's Image - Forbes

iCloud Hacking Could Tarnish Apple's Image - Forbes | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple (NASDAQ: AAPL) reportedly allowed a hacker to take over a journalist's iCloud account by deceiving the company's tech support team. What affect will this have on the future of Apple's success?

 

This situation could cause irreparable harm to Apple, which touts iCloud as an “automatic and effortless” offer that integrates into users’ apps. The iPhone maker heavily promotes the fact that iCloud allows users to backup and restore their data.

 

Read more:

http://www.forbes.com/sites/benzingainsights/2012/08/07/icloud-hacking-could-tarnish-apples-image/

 

more...
No comment yet.