Apple, Mac, iOS4,...
Follow
Find tag "Apple-Insecurity"
8.2K views | +0 today
Apple, Mac, iOS4, iPad, iPhone and (in)security...
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Dirt cheap Mac malware points up growing threat to Apple users

Dirt cheap Mac malware points up growing threat to Apple users | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Poorly written Mac NetWeird zombie available for just $60 online...

 

Read more:

http://www.v3.co.uk/v3-uk/news/2200826/dirt-cheap-mac-malware-points-up-growing-threat-to-apple-users

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac malware Crisis can spread to different environments

Mac malware Crisis can spread to different environments | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

The malware - dubbed Crisis or Morcut - was not spotted in the wild, but received by the security researcher from VirusTotal in the form of a JAR file, the analysis of which revealed that it contained a .class file named WebEnhancer, and two installers - one for Windows and the other for OS X.

 

Symantec's researchers have continued analyzing the file, and have recently discovered that the Windows version of the threat uses three methods to spread itself: to a removable disk drive, to a VMware virtual machine, and to a Windows Mobile device.

 

Read more:

http://www.net-security.org/malware_news.php?id=2235&utm_source=dlvr.it&utm_medium=twitter

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Researcher finds serious SMS spoofing flaw on iOS

Researcher finds serious SMS spoofing flaw on iOS | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Summary: A well-known security researcher urges iPhone users to distrust the legitimacy of text messages at first sight.

 

A security research who goes by the handle "pod2g" has found a serious security vulnerability in the way iOS devices handle SMS messages, warning that this could be exploited by online criminals.

The flaw, which the researcher describes as "severe," exists since the beginning of the implementation of SMS in the iPhone, and is still there in iOS 6 beta 4.

 

According to a post on pod2g's blog, an attacker can exploit this flaw to send an SMS that seems to come from the receiver's bank asking for sensitive information or luring them to a maliciously rigged web site. In another scenario, an attacker could send a spoofed text message to an iPhone user to use as false evidence; or send spoofed messages to manipulate iPhone users into thinking they are receving legitimate SMS messages.

 

A MUST read:

http://www.zdnet.com/researcher-finds-serious-sms-spoofing-flaw-on-ios-7000002821/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Sécurité : Amazon et Apple prennent des mesures

Sécurité : Amazon et Apple prennent des mesures | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Suite aux mésaventures du journaliste Mat Honan qui a perdu le contrôle sur sa vie numérique, mais aussi le contenu de son ordinateur suite à une attaque vendredi soir (lire : Sécurité : Amazo...

 

En savoir plus :

http://www.macgeneration.com/news/voir/254352/securite-amazon-et-apple-prennent-des-mesures

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple, Amazon change their security policies following epic hack

Apple, Amazon change their security policies following epic hack | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

According to Wired, Amazon no longer allows people to call Amazon and change account settings such as email addresses and credit cards, and Apple has temporarily suspended the option of asking for an AppleID password reset over the phone.

 

Read more:

http://www.net-security.org/secworld.php?id=13392

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

How Apple and Amazon Security Flaws Led to My Epic Hacking

How Apple and Amazon Security Flaws Led to My Epic Hacking | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

By Mat Honan August 6, 2012 | 8:01 pm |

 

In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages.

 

Read more:

http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/2/

 

more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Apple soll schuld sein an Hacker-Angriff

Apple soll schuld sein an Hacker-Angriff | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Daten gelöscht aus der Ferne, Twitter- und Gmail-Account gekapert – ein amerikanischer Journalist gibt Apple die Schuld an einem besonders heftigen Hacker-Angriff.

 

 

 

 

 

===> Mittlerweile habe er wieder die Kontrolle über seine Accounts und Geräte. Apple arbeite an einer Wiederherstellung seiner Daten, die insofern erleichtert wird, weil dem Macbook der Strom ausging, bevor alle Daten gelöscht werden konnten. <===

 

Gust MEES: das muss man unbedingt lesen und schmunzeln ist garantiert, LOL ;)

 

http://www.pcwelt.de/news/Apple-soll-schuld-haben-an-Hacker-Angriff-6182702.html?r=761528923305658&amp;amp;amp;lid=189335

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

How Apple let a hacker remotely wipe an iPhone, iPad, MacBook

How Apple let a hacker remotely wipe an iPhone, iPad, MacBook | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Summary: Gizmodo's Twitter account was recently hacked, after a former employee's iCloud account was breached, and all his Apple devices (iPhone, iPad, MacBook Air) were remotely wiped.

 

Read more (nobody is perfect)...:

http://knolinfos.visibli.com/share/yETAZs

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Where are the Safari security updates for Windows and Snow Leopard? Users left exposed

Where are the Safari security updates for Windows and Snow Leopard? Users left exposed | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Apple released Safari 6 as part of its new Mac operating system, OS X Mountain Lion, as well as a version for Lion that fixes a whopping 121 security vulnerabilties.

 

Unfortunately, Apple did not release security updates for Safari for either Snow Leopard or Windows to coincide with the release of Safari 6.0.


===> Unfortunately for Apple, ignoring security issues that affect a large percentage of users does not make the security issues disappear. <===

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac malware spies on infected users through video and audio capture

Mac malware spies on infected users through video and audio capture | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
After further analysis, more information has emerged about the Morcut Mac OS X malware which was discovered this week.

 

Clearly OSX/Morcut-A was created with spying in mind, as its code includes hooks to control/monitor the following operations:

 

mouse coordinates
instant messengers (for instance, Skype [including call data], Adium and MSN Messenger)
location
internal webcam
clipboard contents
key presses
running applications
web URLs
screenshots
internal microphone
calendar data & alerts
device information
address book contents


===> In short, if this malware managed to infect your Mac computer it could learn an awful lot about you, and potentially steal information which could read your private messages and conversations, and open your email and other online accounts. <===

 

Read more:

http://nakedsecurity.sophos.com/2012/07/26/mac-malware-spies-morcut-crisis/?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+nakedsecurity+%28Naked+Security+-+Sophos%29

 

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple plugs staggering number of holes in Safari browser

Apple plugs staggering number of holes in Safari browser | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple has released an update to its Safari browser, version 6, that plugs 121 security holes, most of which involve the WebKit rendering engine.

 

The Safari update fixes a staggering 121 vulnerabilities, 117 of those flaws in WebKit, a browser engine designed to render HTML webpages. Most of the WebKit vulnerabilities could result in an unexpected application termination or arbitrary code execution if the user visits a maliciously created website, according to the security update.

 

Apple also patched two issues with the handling of feed:// URLs – one is a cross-site scripting vulnerability that could be exploited if a user visited a maliciously crafted site, and the other is an access control issue that could be exploited to send files from a user’s system to a remote server.

 

Another Safari fix resolves a problem in which passwords may autocomplete even when the site specifies that autocomplete should be disabled.

 

Read more:

http://www.infosecurity-magazine.com/view/27219/apple-plugs-staggering-number-of-holes-in-safari-browser/?utm_source=twitterfeed&amp;utm_medium=twitter

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

After Malware Scare, Apple Makes First Appearance at Black Hat Conference

After Malware Scare, Apple Makes First Appearance at Black Hat Conference | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple will be making its first appearance at computer security conference Black Hat Thursday.

 

The first iOS malware app was confirmed earlier this month. Called “Find and Call” the app would have users upload all of their contact information to a server that would them spam all of their contacts with messages that appeared to come from the victim’s phone.

Hackers have started to pay more attention to the OSX platform.

 

Previously thought to be free from viruses and attacked, Apple computers have started to see a rise in malicious software attacks.

 

Read more:

http://mashable.com/2012/07/24/apple-black-hat/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

New OSX/Crisis malware found for OS X 10.6 and 10.7

New OSX/Crisis malware found for OS X 10.6 and 10.7 | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
While the mode of infection is currently unknown, this new threat has uniquenesses over past malware for OS X. Read this blog post by Topher Kessler on MacFixIt.

 

Read more:

http://reviews.cnet.com/8301-13727_7-57479015-263/new-osx-crisis-malware-found-for-os-x-10.6-and-10.7/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple zombie malware 'NetWeird' rummages for browser and email passwords

Apple zombie malware 'NetWeird' rummages for browser and email passwords | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

When we write Naked Security articles about Mac malware, we often end up creating a bit of a stir.

So, with a deep breath, here's some Mac malware news: this time, it's a zombie Trojan called 'NetWeird...

 

Read more, a MUST:

http://nakedsecurity.sophos.com/2012/08/24/apple-zombie-malware-netweird-rummages-for-browser-and-email-passwords/?utm_source=twitter&amp;utm_medium=duckblog&amp;utm_campaign=naked%2Bsecurity

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Sicherheitslücke in iOS-SMS-System aufgedeckt

Sicherheitslücke in iOS-SMS-System aufgedeckt | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Eine Schwachstelle im Apple-Betriebssystem iOS könnte dazu führen, dass Kurznachrichten an die falsche Nummer geschickt werden.

 

Der Blogger Pod2g will Hinweise für eine Sicherheitslücke in iOS ausgemacht haben, die den Versand von SMS-Nachrichten auf dem iPhone betrifft. So wäre es möglich, Kurznachrichten im PDU-Format zu verfassen, deren Zieladresse sich über einen editierbaren Abschnitt namens PDU (Protocol Description Unit) ändern ließe. Antwortet der Nutzer auf eine solche SMS, dann könnte die Antwort nicht an den ehemaligen Absender, sondern an ein fremdes Smartphone geschickt werden.

 

Mehr lesen:

http://www.pcwelt.de/news/Apple-Sicherheitsluecke-in-iOS-SMS-System-aufgedeckt-6477693.html?r=661529125805606&amp;lid=191580

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Un compte iCloud piraté révèle des failles de sécurité chez Apple et Amazon (màj)

Un compte iCloud piraté révèle des failles de sécurité chez Apple et Amazon (màj) | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Mat Honan / Crédits : WiredLa mésaventure numérique vécue en fin de semaine dernière par Mathew Honan, journaliste américain officiant chez Wired et Gizmodo, a permis de mettre en avant deux mécanis...

 

 

 

En savoir plus :

http://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/hackers/actualite-504960-hack-mesaventure-journaliste-importantes-failles-apple-amazon.html

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

One-quarter of websites examined by testing service were malicious

One-quarter of websites examined by testing service were malicious | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
One-quarter of the 30,156 websites tested in the second quarter by Zscaler’s Zulu service, which tests the security of websites, were malicious, according to Zscaler’s second quarter 2012 State of the Web report.

 

The State of the Web report found that users are slow to update browser plug-ins and attackers know it, as witnessed by the Flashback Trojan, which infected over 650,000 Macs leveraging a Java vulnerability. However, the situation is improving. In the second quarter, 35% of installed Adobe Shockwave plug-ins were outdated, down from 52% in the fourth quarter of 2011.

 

Adobe Acrobat was the worst in terms of updating, with close to 62% of plug-ins being outdated in the second quarter, followed by Adobe Shockwave with 38%, Microsoft Outlook with 5.7%, and Adobe Flash with 4.3%.

 

===> “Outdated plug-ins are vulnerable to exploitation, and the bad guys know that”, Geide observed. <===

 

Read more:

http://www.infosecurity-magazine.com/view/27471/onequarter-of-websites-examined-by-testing-service-were-malicious/?utm_source=twitterfeed&amp;utm_medium=twitter

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

iCloud Hacking Could Tarnish Apple's Image - Forbes

iCloud Hacking Could Tarnish Apple's Image - Forbes | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple (NASDAQ: AAPL) reportedly allowed a hacker to take over a journalist's iCloud account by deceiving the company's tech support team. What affect will this have on the future of Apple's success?

 

This situation could cause irreparable harm to Apple, which touts iCloud as an “automatic and effortless” offer that integrates into users’ apps. The iPhone maker heavily promotes the fact that iCloud allows users to backup and restore their data.

 

Read more:

http://www.forbes.com/sites/benzingainsights/2012/08/07/icloud-hacking-could-tarnish-apples-image/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Sécurité : Apple a donné trop facilement accès à un compte iCloud

Sécurité : Apple a donné trop facilement accès à un compte iCloud | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
L'affaire a fait grand bruit ce week-end : vendredi, Mat Honan, journaliste chez Wired a perdu les données personnelles sur son iPhone, iPad et son Mac.

 

En savoir plus :

http://www.macgeneration.com/news/voir/254122/securite-apple-a-donne-trop-facilement-acces-a-un-compte-icloud

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple Allowed Hackers Access To User's iCloud Account - Forbes

Apple Allowed Hackers Access To User's iCloud Account - Forbes | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Photo credit: Wikipedia

 

Is your iCloud account secured by a good password? That's not going to help you if Apple sidesteps your security and hands hackers access to your account. Yesterday I posted Mat Honan's tale of woe.

 

A MUST read:

http://www.forbes.com/sites/adriankingsleyhughes/2012/08/05/apple-allowed-hackers-access-to-users-icloud-account/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac Malware Spies On Email, Survives Reboots

Mac Malware Spies On Email, Survives Reboots | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Crisis malware lets attackers install without an administrator password and intercept email, IM, and other communications.

 

Mac users, beware new malware targeting Apple OS X systems that's disguised as an Adobe Flash Player installer.
That warning comes via antivirus software vendor Kaspersky Lab, which said it first spotted the Crisis malware--also known as Morcut--last week.

 

While not widespread, the malware's ability to intercept email and IM, among other features, demonstrates that malicious applications written to target Macs can be just as powerful as malware that comes gunning for PCs.

 

Read more, a MUST...:

http://www.informationweek.com/news/security/attacks/240004583?cid=RSSfeed_IWK_security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac OS X Targeted By Clever New Trojan

Mac OS X Targeted By Clever New Trojan | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
A new Trojan dubbed 'OSX/Crisis' has been discovered which takes sneaky to a whole new level for infecting Mac OS X systems.

 

Andrew, director of security operations for nCircle, declared, “Mac malware is no joke. Despite Apple’s marketing hype about security, it should be obvious to everyone that their devices are susceptible to malware. Earlier this year the Flashback Trojan infected hundreds of thousands of Macs. The new OSX/Crisis malware is another Apple wake up call.”

 

For many Mac users, though, there is still a disconnect between realizing that the threat landscape has shifted, and actually doing something about it.

 

===> Mac users need to embrace the mindset that has been conditioned into Windows users over time, and install antimalware and other security tools to proactively protect against new attacks. <===

 

 

 ===> “Mac users are going to have to learn to be more security minded and Apple needs to step up and offer users practical, effective security support.” <===

 

Read more, a MUST:

http://www.pcworld.com/businesscenter/article/259963/mac_os_x_targeted_by_clever_new_trojan.html#tk.rss_main

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

All eyes on Apple with it set to take security public

All eyes on Apple with it set to take security public | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
In a first, Apple manager scheduled to take stage Thursday at Black Hat to discuss security technologies in iOS...

 

Beyond Flashback, research has shown that Macs are carrying malware unbeknownst to users. A security scan of 100,000 Macs found 3 percent infected with Mac-capable malware, according to anti-virus vendor Sophos. When Windows malware was included, one in five Macs were found to be harboring some type of malware.

 

While the Mac has been the primary target, hackers are taking notice of iOS. This month, Kaspersky Lab reported finding an iOS Trojan that uploaded a user's address book to a remote server. Spam messages with a URL to the application, called "Find and Call," were sent from the server to all the users' contacts.

 

For years hackers focused on Microsoft Windows PCs instead of Apple products, which had a fraction of the market share. Today,

 

===> Apple's success in selling the iPhone and iPad have made it the world's most valuable company and its products a potentially lucrative target for cybercriminals. <===

 

Read more:

http://www.csoonline.com/article/712227/all-eyes-on-apple-with-it-set-to-take-security-public?utm_source=dlvr.it&amp;utm_medium=twitter

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

New Mac malware spies on you via Adium, Firefox, Safari, Skype

New Mac malware spies on you via Adium, Firefox, Safari, Skype | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Summary: A new Mac OS X Trojan referred to as OSX/Crisis silently infects OS X 10.6 Snow Leopard and OS X 10.7 Lion. It then spies on the user by monitoring Adium, Firefox, Microsoft Messenger, Safari, and Skype.

 

Read more:

http://www.zdnet.com/new-mac-malware-spies-on-you-via-adium-firefox-safari-skype-7000001665/

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

New Mac backdoor Trojan spotted

New Mac backdoor Trojan spotted | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

A new Mac Trojan - dubbed Crisis or Morcut - has been spotted but, luckily, not in the wild.

 

Security firms Intego and Sophos have picked up samples from Virus Total, which shares the samples submitted to it with AV developers, and the fact that it could be found only there shows that the threat is extremely low risk.

 

Nevertheless, the malware itself is far from harmless.

It can compromise the last two version of Apple's OS X (10.6 and 10.7) and it doesn't require a password to be entered to do it.

 

Read more:

http://www.net-security.org/malware_news.php?id=2197&amp;utm_source=dlvr.it&amp;utm_medium=twitter

 

more...
No comment yet.