Apple, Mac, iOS4, iPad, iPhone and (in)security...
10.0K views | +0 today
Follow
Apple, Mac, iOS4, iPad, iPhone and (in)security...
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

Panic over! Apple fixes iPhone 6S lockscreen bug

Panic over! Apple fixes iPhone 6S lockscreen bug | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple just fixed yet another lockscreen bug caused by Siri... and you didn't even need to download an update.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
Apple just fixed yet another lockscreen bug caused by Siri... and you didn't even need to download an update.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple promises iOS fix “soon” for crashes in Safari and other apps

Apple promises iOS fix “soon” for crashes in Safari and other apps | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple made iOS 9.3 available last week, fixing a number of serious security holes.

But it hasn’t been plain sailing for everyone, with hundreds of Apple users complaining in the Apple Support Communities and on Twitter that links in Safari, Mail, Messages and other apps sometimes cause their iDevices to crash, freeze or hang.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
Apple made iOS 9.3 available last week, fixing a number of serious security holes.

But it hasn’t been plain sailing for everyone, with hundreds of Apple users complaining in the Apple Support Communities and on Twitter that links in Safari, Mail, Messages and other apps sometimes cause their iDevices to crash, freeze or hang.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Opening a PDF on your iPhone could infect it with malware | #Update asap!!!

Opening a PDF on your iPhone could infect it with malware | #Update asap!!! | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Newly-disclosed vulnerability reveals that an attacker could send you a boobytrapped PDF that would cause malicious code to run on your iPhone.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:

Newly-disclosed vulnerability reveals that an attacker could send you a boobytrapped PDF that would cause malicious code to run on your iPhone.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

more...
Fernando de la Cruz Naranjo Grisales's curator insight, March 25, 4:36 PM

Newly-disclosed vulnerability reveals that an attacker could send you a boobytrapped PDF that would cause malicious code to run on your iPhone.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

Scooped by Gust MEES
Scoop.it!

iOS malware AceDeceiver can infect non-jailbroken Apple devices | #iPad #iPhone

iOS malware AceDeceiver can infect non-jailbroken Apple devices | #iPad #iPhone | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
This new strain of malware designed for the iPhone and iPad poses a major risk to hundreds of millions of devices, because it can infect non-jailbroken devices without the user's knowledge.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=AceDeceiver

 

 

Gust MEES's insight:
This new strain of malware designed for the iPhone and iPad poses a major risk to hundreds of millions of devices, because it can infect non-jailbroken devices without the user's knowledge.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=AceDeceiver

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

First Mac-targeting ransomware hits Transmission users, researchers say | Apple | CyberSecurity | Apps

First Mac-targeting ransomware hits Transmission users, researchers say | Apple | CyberSecurity | Apps | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Rogue copy of BitTorrent client results in KeRanger install, which demands 1 bitcoin.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

Gust MEES's insight:
Rogue copy of BitTorrent client results in KeRanger install, which demands 1 bitcoin.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

First known OS X ransomware spotted in Mac torrenting app | CyberSecurity | Nobody Is Perfect | Apple

First known OS X ransomware spotted in Mac torrenting app | CyberSecurity | Nobody Is Perfect | Apple | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Users of BitTorrent client app Transmission became the first reported victims of Mac ransomware this week. People who downloaded infected versions of the app also received "KeRanger" malware, 9to5Mac says, nefarious software that would encrypt a user's hard drive three days after being installed and demand payment to unlock the data.

 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

 

Gust MEES's insight:
Users of BitTorrent client app Transmission became the first reported victims of Mac ransomware this week. People who downloaded infected versions of the app also received "KeRanger" malware, 9to5Mac says, nefarious software that would encrypt a user's hard drive three days after being installed and demand payment to unlock the data.

 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

10 Years of Mac Malware: How OS X Threats Have Evolved [Infographic] | CyberSecurity | Apple 

10 Years of Mac Malware: How OS X Threats Have Evolved [Infographic] | CyberSecurity | Apple  | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
This infographic timeline highlights the nastiest, most prevalent Mac OS X security threats to demonstrate just how Mac malware has evolved over the past 10 years.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
This infographic timeline highlights the nastiest, most prevalent Mac OS X security threats to demonstrate just how Mac malware has evolved over the past 10 years.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Available On THE AppStore: 'Huge' number of Mac apps are vulnerable to man-in-the-middle attacks | Apple | Nobody Is Perfect | CyberSecurity

Available On THE AppStore: 'Huge' number of Mac apps are vulnerable to man-in-the-middle attacks | Apple | Nobody Is Perfect | CyberSecurity | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Many of OS X’s most popular apps were recently revealed to be vulnerable to man-in-the-middle (MiTM) attacks.

The vulnerability specifically targets those that use Sparkle — a third-party software update framework — and unencrypted HTTP connections.

A security engineer from Vulnsec, known as Radek, said the vulnerability works on both El Capitan and its predecessor, Yosemite.

The total number of apps affected isn’t known, but Radek did estimate the number to be “huge.” Some of those confirmed as vulnerable are:

Camtasia 2 (v2.10.4)
DuetDisplay (v1.5.2.4)
uTorrent (v1.8.7)
Sketch (v3.5.1)
Additionally, security researcher Jonathan Zdziarski told Ars Technica that the ‘Hopper’ reverse engineering tool and ‘DXO Optics Pro’ are also susceptible.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security



Gust MEES's insight:
Many of OS X’s most popular apps were recently revealed to be vulnerable to man-in-the-middle (MiTM) attacks.

The vulnerability specifically targets those that use Sparkle — a third-party software update framework — and unencrypted HTTP connections.

A security engineer from Vulnsec, known as Radek, said the vulnerability works on both El Capitan and its predecessor, Yosemite.

The total number of apps affected isn’t known, but Radek did estimate the number to be “huge.” Some of those confirmed as vulnerable are:

Camtasia 2 (v2.10.4)
DuetDisplay (v1.5.2.4)
uTorrent (v1.8.7)
Sketch (v3.5.1)
Additionally, security researcher Jonathan Zdziarski told Ars Technica that the ‘Hopper’ reverse engineering tool and ‘DXO Optics Pro’ are also susceptible.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
Gust MEES's curator insight, February 14, 6:41 PM
Many of OS X’s most popular apps were recently revealed to be vulnerable to man-in-the-middle (MiTM) attacks.

The vulnerability specifically targets those that use Sparkle — a third-party software update framework — and unencrypted HTTP connections.

A security engineer from Vulnsec, known as Radek, said the vulnerability works on both El Capitan and its predecessor, Yosemite.

The total number of apps affected isn’t known, but Radek did estimate the number to be “huge.” Some of those confirmed as vulnerable are:

Camtasia 2 (v2.10.4)
DuetDisplay (v1.5.2.4)
uTorrent (v1.8.7)
Sketch (v3.5.1)
Additionally, security researcher Jonathan Zdziarski told Ars Technica that the ‘Hopper’ reverse engineering tool and ‘DXO Optics Pro’ are also susceptible.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Scooped by Gust MEES
Scoop.it!

MacKeeper carelessly leaves 13 million Mac users exposed | Apple | Nobody Is Perfect

MacKeeper carelessly leaves 13 million Mac users exposed | Apple | Nobody Is Perfect | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Researcher Chris Vickery stumbled across over 13 million sensitive account details related to MacKeeper, after using the Shodan search engine to hunt for database servers left open to the internet, that required no authentication.

Sure enough, Vickery's search found four different IP addresses of servers belonging to Kromtech.

And on those servers, Vickery found over 20GB of MacKeeper user data - including names, email addresses, phone numbers, IP addresses, software licenses, system information and users' hashed passwords.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
Researcher Chris Vickery stumbled across over 13 million sensitive account details related to MacKeeper, after using the Shodan search engine to hunt for database servers left open to the internet, that required no authentication.

Sure enough, Vickery's search found four different IP addresses of servers belonging to Kromtech.

And on those servers, Vickery found over 20GB of MacKeeper user data - including names, email addresses, phone numbers, IP addresses, software licenses, system information and users' hashed passwords.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security



more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple security updates a sign of things to come | CyberSecurity

Apple security updates a sign of things to come | CyberSecurity | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
While Patch Tuesday is a well-known event for Microsoft and Adobe users, Apple product owners this week received a dose of reality when they found themselves on the receiving end of several security updates.

Apple released multiple updates that touch most of its product portfolio and Apple fans can look forward to more of the same as the company's devices are targeted by cybercriminals, according to Symantec blogger and senior information developer Dick O'Brien. While the number of threats is miniscule compared to what Microsoft, Google and Adobe users face, they are increasing.


Learn more / Mehr erfahren / En savoir plus :


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Patch+Tuesday+made+in+Apple


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
While Patch Tuesday is a well-known event for Microsoft and Adobe users, Apple product owners this week received a dose of reality when they found themselves on the receiving end of several security updates.

Apple released multiple updates that touch most of its product portfolio and Apple fans can look forward to more of the same as the company's devices are targeted by cybercriminals, according to Symantec blogger and senior information developer Dick O'Brien. While the number of threats is miniscule compared to what Microsoft, Google and Adobe users face, they are increasing.


Learn more / Mehr erfahren / En savoir plus :


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Patch+Tuesday+made+in+Apple


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac OS X malware is heating up | Apple | Nobody Is Perfect | CyberSecurity

Mac OS X malware is heating up | Apple | Nobody Is Perfect | CyberSecurity | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
A new threat research report conducted by Bit9+ Carbon Black’s research team found that in 2015, there was 948 malware instances. The number of  OS X malware samples this year is five times greater than in 2010-2014 combined — where there was only 180 malware instances over a four-year period. Based on observations in a 10-week analysis: the research team anticipates MAC OS X malware to surge in the coming months.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
A new threat research report conducted by Bit9+ Carbon Black’s research team found that in 2015, there was 948 malware instances. The number of  OS X malware samples this year is five times greater than in 2010-2014 combined — where there was only 180 malware instances over a four-year period. Based on observations in a 10-week analysis: the research team anticipates MAC OS X malware to surge in the coming months.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

iOS 9 Can Now Finally Be Remotely Jailbroken | Apple | ZERODIUM | Nobody Is Perfect

iOS 9 Can Now Finally Be Remotely Jailbroken | Apple | ZERODIUM | Nobody Is Perfect | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Bad news iOS 9 users. Someone has developed a way of jailbreaking your iPhone or iPad and spying on you, in a way that is currently unstoppable.


This new hack has implications far exceeding the million dollar bounty.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=ZERODIUM


Gust MEES's insight:
Bad news iOS 9 users. Someone has developed a way of jailbreaking your iPhone or iPad and spying on you, in a way that is currently unstoppable.


This new hack has implications far exceeding the million dollar bounty.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=ZERODIUM


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Hackers Claim Million-Dollar Bounty for iOS Zero Day Attack | Zerodium | Apple | Nobody Is Perfect

Hackers Claim Million-Dollar Bounty for iOS Zero Day Attack | Zerodium | Apple | Nobody Is Perfect | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
HACKING APPLE’S IOS isn’t easy. But in the world of cybersecurity, even the hardest target isn’t impossible—only expensive. And the price of a working attack that can compromise the latest iPhone is apparently somewhere around $1 million.

On Monday, the security startup Zerodium announced that it’s agreed to pay out that seven-figure sum to a team of hackers who have successfully developed a technique that can hack any iPhone or iPad that can be tricked into visiting a carefully crafted web site. Zerodium describes that technique as a “jailbreak”—a term used by iPhone owners to hack their own phones to install unauthorized apps. But make no mistake: Zerodium and its founder Chaouki Bekrar have made clear that its customers include governments who no doubt use such “zero-day” hacking techniques on unwitting surveillance targets.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=ZERODIUM




Gust MEES's insight:
HACKING APPLE’S IOS isn’t easy. But in the world of cybersecurity, even the hardest target isn’t impossible—only expensive. And the price of a working attack that can compromise the latest iPhone is apparently somewhere around $1 million.

On Monday, the security startup Zerodium announced that it’s agreed to pay out that seven-figure sum to a team of hackers who have successfully developed a technique that can hack any iPhone or iPad that can be tricked into visiting a carefully crafted web site. Zerodium describes that technique as a “jailbreak”—a term used by iPhone owners to hack their own phones to install unauthorized apps. But make no mistake: Zerodium and its founder Chaouki Bekrar have made clear that its customers include governments who no doubt use such “zero-day” hacking techniques on unwitting surveillance targets.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=ZERODIUM


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple releases iOS 9.3.1 to kill the app-freezing Safari bug

Apple releases iOS 9.3.1 to kill the app-freezing Safari bug | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Earlier this week we reported a bug in iOS 9.3 that caused apps to become unresponsive after tapping on links in Safari. The bug seemed to affect any iOS device, but was most prevalent on the iPhone 6s and 6s Plus.

Today, Apple released an update to fix the problem.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
Earlier this week we reported a bug in iOS 9.3 that caused apps to become unresponsive after tapping on links in Safari. The bug seemed to affect any iOS device, but was most prevalent on the iPhone 6s and 6s Plus.

Today, Apple released an update to fix the problem.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

iOS 9.3 to fix serious iMessages encryption flaw | #Update asap!!!

iOS 9.3 to fix serious iMessages encryption flaw | #Update asap!!! | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

For some time, Apple has forcefully pushed a message to consumers that it takes privacy seriously.
Here, for instance, is what Apple’s website says about its approach to privacy when it comes to iMessages:
Your iMessages and FaceTime calls are your business, not ours. Your communications are protected by end-to-end encryption across all your devices when you use iMessage and FaceTime...

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:

For some time, Apple has forcefully pushed a message to consumers that it takes privacy seriously.
Here, for instance, is what Apple’s website says about its approach to privacy when it comes to iMessages:
Your iMessages and FaceTime calls are your business, not ours. Your communications are protected by end-to-end encryption across all your devices when you use iMessage and FaceTime...

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple iPhone zero-day could let crooks steal photos, videos and more…

Apple iPhone zero-day could let crooks steal photos, videos and more… | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Well known American cryptographer Matthew Green has just announced a zero-day flaw in Apple’s iMessage, and perhaps in other online Apple services.

Green and a team of students from Johns Hopkins University in Baltimore, Maryland, figured out a cryptographic flaw in the way iPhones interact with Apple’s servers.

(To give them their due, the students are named by The Register as: Ian Miers, Christina Garman, Gabriel Kaptchuk, and Michael Rushanan.)

The hole apparently allows a determined attacker to shake loose photos and videos sent via Apple’s iMessage service by figuring out the needed cryptographic secrets bit-by-bit, photo-by-photo.

In other words, this is not a trivial attack; it doesn’t break open any of your Apple accounts to give open access to crooks; and it doesn’t let an attacker download all your digital treasures in one go.

As far as we can see, you get one photo or video each time you mount the attack, about which the abovementioned Ian Miers has tweeted “you have 14 hours to guess what the attack is.”

That tweet was 8 hours ago [as at 2016-03-21T12:30Z], so perhaps he means that Apple’s fix is coming out in six hours’ time, because the team’s paper will intentionally only be published after Apple ships its patch.

Miers also tweeted that “[t]he attack is more interesting than just attachments and affected more than just iMessage. Apple had to fix other apps, but won’t say what.”

Ah, the mystery!

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
Well known American cryptographer Matthew Green has just announced a zero-day flaw in Apple’s iMessage, and perhaps in other online Apple services.

Green and a team of students from Johns Hopkins University in Baltimore, Maryland, figured out a cryptographic flaw in the way iPhones interact with Apple’s servers.

(To give them their due, the students are named by The Register as: Ian Miers, Christina Garman, Gabriel Kaptchuk, and Michael Rushanan.)

The hole apparently allows a determined attacker to shake loose photos and videos sent via Apple’s iMessage service by figuring out the needed cryptographic secrets bit-by-bit, photo-by-photo.

In other words, this is not a trivial attack; it doesn’t break open any of your Apple accounts to give open access to crooks; and it doesn’t let an attacker download all your digital treasures in one go.

As far as we can see, you get one photo or video each time you mount the attack, about which the abovementioned Ian Miers has tweeted “you have 14 hours to guess what the attack is.”

That tweet was 8 hours ago [as at 2016-03-21T12:30Z], so perhaps he means that Apple’s fix is coming out in six hours’ time, because the team’s paper will intentionally only be published after Apple ships its patch.

Miers also tweeted that “[t]he attack is more interesting than just attachments and affected more than just iMessage. Apple had to fix other apps, but won’t say what.”

Ah, the mystery!

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
Fernando de la Cruz Naranjo Grisales's curator insight, March 25, 4:36 PM
Well known American cryptographer Matthew Green has just announced a zero-day flaw in Apple’s iMessage, and perhaps in other online Apple services.

Green and a team of students from Johns Hopkins University in Baltimore, Maryland, figured out a cryptographic flaw in the way iPhones interact with Apple’s servers.

(To give them their due, the students are named by The Register as: Ian Miers, Christina Garman, Gabriel Kaptchuk, and Michael Rushanan.)

The hole apparently allows a determined attacker to shake loose photos and videos sent via Apple’s iMessage service by figuring out the needed cryptographic secrets bit-by-bit, photo-by-photo.

In other words, this is not a trivial attack; it doesn’t break open any of your Apple accounts to give open access to crooks; and it doesn’t let an attacker download all your digital treasures in one go.

As far as we can see, you get one photo or video each time you mount the attack, about which the abovementioned Ian Miers has tweeted “you have 14 hours to guess what the attack is.”

That tweet was 8 hours ago [as at 2016-03-21T12:30Z], so perhaps he means that Apple’s fix is coming out in six hours’ time, because the team’s paper will intentionally only be published after Apple ships its patch.

Miers also tweeted that “[t]he attack is more interesting than just attachments and affected more than just iMessage. Apple had to fix other apps, but won’t say what.”

Ah, the mystery!

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Scooped by Gust MEES
Scoop.it!

Here's how easy it is to get past an iPhone's fingerprint sensor | Apple | Nobody Is Perfect

Here's how easy it is to get past an iPhone's fingerprint sensor | Apple | Nobody Is Perfect | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
All you need is a dental mould and some Play-Doh.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
All you need is a dental mould and some Play-Doh.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

more...
Scooped by Gust MEES
Scoop.it!

Mac Users Hit by Rare Ransomware Attack, Spread via Transmission BitTorrent App | Apple | CyberSecurity

Mac Users Hit by Rare Ransomware Attack, Spread via Transmission BitTorrent App | Apple | CyberSecurity | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Sadly it seems clear that ransomware has well and truly arrived for OS X.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

Gust MEES's insight:
Sadly it seems clear that ransomware has well and truly arrived for OS X.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

All your Mac's old install CDs won't work anymore | Nobody Is Perfect | Apple | EdTech 

All your Mac's old install CDs won't work anymore | Nobody Is Perfect | Apple | EdTech  | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
When Apple’s Worldwide Developer Certificate expired in February it caused problems for some developers, but another major problem that’s going to affect more people has just surfaced: it breaks OS X installers.

If you’ve created an OS X installation CD or downloaded an installer it won’t work anymore because it can’t be verified with Apple. To get it going again, you need to re-download the entire installer and create a new CD, which is an utter hassle.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

Gust MEES's insight:
When Apple’s Worldwide Developer Certificate expired in February it caused problems for some developers, but another major problem that’s going to affect more people has just surfaced: it breaks OS X installers.

If you’ve created an OS X installation CD or downloaded an installer it won’t work anymore because it can’t be verified with Apple. To get it going again, you need to re-download the entire installer and create a new CD, which is an utter hassle.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Discover how many ways there were to hack your Apple TV | IoT | Internet Of Things | CyberSecurity

Discover how many ways there were to hack your Apple TV | IoT | Internet Of Things | CyberSecurity | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

IoT devices are enlarging our attack surface, we are surrounded by devices that manage a huge quantity of information and that could be abused by hackers.

Apple has patched more than 60 vulnerabilities affecting the Apple TV, including flaws that can lead to arbitrary code execution, information disclosure, crash of the application, modifications to protect parts of the filesystem.

This new release of Apple TV version 7.2.1, comes 10 months after the lasted update issued in April 2015. The new version fixes a number of security vulnerabilities in several components of the Apple TV. The company has patched 33 issued, collectively referenced in 58 CVEs, Apple fixed 19 code execution holes that could be exploited with crafted web content.

The changes will be automatically applied to the users that have enabled the automatic updates.


Learn more / En savoir plus / Mehr erfahren:


https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/


http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine


http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things


http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV


http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things


http://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/


http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security



Gust MEES's insight:

IoT devices are enlarging our attack surface, we are surrounded by devices that manage a huge quantity of information and that could be abused by hackers.

Apple has patched more than 60 vulnerabilities affecting the Apple TV, including flaws that can lead to arbitrary code execution, information disclosure, crash of the application, modifications to protect parts of the filesystem.

This new release of Apple TV version 7.2.1, comes 10 months after the lasted update issued in April 2015. The new version fixes a number of security vulnerabilities in several components of the Apple TV. The company has patched 33 issued, collectively referenced in 58 CVEs, Apple fixed 19 code execution holes that could be exploited with crafted web content.

The changes will be automatically applied to the users that have enabled the automatic updates.


Learn more / En savoir plus / Mehr erfahren:


https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/


http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine


http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things


http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV


http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things


http://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/


http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security



more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Software with the most vulnerabilities in 2015: Mac OS X, iOS, and Flash | Apple | Nobody Is Perfect

Software with the most vulnerabilities in 2015: Mac OS X, iOS, and Flash | Apple | Nobody Is Perfect | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Which software had the most publicly disclosed vulnerabilities this year? The winner is none other than Apple’s Mac OS X, with 384 vulnerabilities. The runner-up? Apple’s iOS, with 375 vulnerabilities.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/securite-pc-et-internet


Gust MEES's insight:
Which software had the most publicly disclosed vulnerabilities this year? The winner is none other than Apple’s Mac OS X, with 384 vulnerabilities. The runner-up? Apple’s iOS, with 375 vulnerabilities.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/securite-pc-et-internet


more...
Gust MEES's curator insight, January 1, 11:39 AM
Which software had the most publicly disclosed vulnerabilities this year? The winner is none other than Apple’s Mac OS X, with 384 vulnerabilities. The runner-up? Apple’s iOS, with 375 vulnerabilities.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/securite-pc-et-internet


Umberto Orefice's curator insight, January 2, 11:09 AM

Good to know..

Dennis Swender's curator insight, March 13, 10:07 AM
Which software had the most publicly disclosed vulnerabilities this year? The winner is none other than Apple’s Mac OS X, with 384 vulnerabilities. The runner-up? Apple’s iOS, with 375 vulnerabilities.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/securite-pc-et-internet


Scooped by Gust MEES
Scoop.it!

Cybercriminals will target Apple in 2016, say experts - BBC News | CyberSecurity

Cybercriminals will target Apple in 2016, say experts - BBC News | CyberSecurity | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Cybercriminals are increasingly targeting Apple devices and 2016 will see a rise in attacks on its operating systems, security experts suggest.

According to security firm Symantec, the amount of malware aimed at Apple's mobile operating system (iOS) has more than doubled this year, while threats to Mac computers also rose.

Security firm FireEye also expects 2016 to be a bumper year for Apple malware.

Systems such as Apple Pay could be targeted, it predicts.

Apple is an obvious target for cybercriminals because its products are so popular, said Dick O'Brien, a researcher at Symantec.

While the total number of threats targeting Apple devices remains low compared with Windows and Android, Symantec is seeing the range of threats multiply.

Last year, it was seeing a monthly average of between 10,000 and 70,000 Mac computers infected with malware.

"This is far fewer than Windows desktops and we don't want to scaremonger. Apple remains a relatively safe platform but Apple users can no longer be complacent about security, as the number of infections and new threats rise," said Mr O'Brien.

The number of unique OS X computers infected with malware in the first nine months of 2015 was seven times higher than in all of 2014, its research found.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:

Cybercriminals are increasingly targeting Apple devices and 2016 will see a rise in attacks on its operating systems, security experts suggest.

According to security firm Symantec, the amount of malware aimed at Apple's mobile operating system (iOS) has more than doubled this year, while threats to Mac computers also rose.

Security firm FireEye also expects 2016 to be a bumper year for Apple malware.

Systems such as Apple Pay could be targeted, it predicts.

Apple is an obvious target for cybercriminals because its products are so popular, said Dick O'Brien, a researcher at Symantec.

While the total number of threats targeting Apple devices remains low compared with Windows and Android, Symantec is seeing the range of threats multiply.

Last year, it was seeing a monthly average of between 10,000 and 70,000 Mac computers infected with malware.

"This is far fewer than Windows desktops and we don't want to scaremonger. Apple remains a relatively safe platform but Apple users can no longer be complacent about security, as the number of infections and new threats rise," said Mr O'Brien.

The number of unique OS X computers infected with malware in the first nine months of 2015 was seven times higher than in all of 2014, its research found.



Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple | Mac App Store Security Glitch Forced Users to Reinstall Apps | Nobody Is Perfect

Apple | Mac App Store Security Glitch Forced Users to Reinstall Apps | Nobody Is Perfect | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

A security glitch last night has caused uproar among Mac users after it forced many to reinstall software downloaded from the Mac App Store. It appears the security certificate Apple uses to prevent piracy expired overnight on Wednesday, causing trouble with Mac users’ apps.

Alex Hern, writing for The Guardian, further explained what happened, saying:

“Applications downloaded from the Mac App Store were temporarily unavailable from 10PM UK time, when a security certificate expired, five years after its creation, with no replacement immediately available.”

The issue was first spotted by a Mac and iOS developer, Paul Haddad,

...


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:

A security glitch last night has caused uproar among Mac users after it forced many to reinstall software downloaded from the Mac App Store. It appears the security certificate Apple uses to prevent piracy expired overnight on Wednesday, causing trouble with Mac users’ apps.

Alex Hern, writing for The Guardian, further explained what happened, saying:

“Applications downloaded from the Mac App Store were temporarily unavailable from 10PM UK time, when a security certificate expired, five years after its creation, with no replacement immediately available.”

The issue was first spotted by a Mac and iOS developer, Paul Haddad,

...


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac OS X Malware Soars in 2015

Mac OS X Malware Soars in 2015 | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
“For years, Mac users have watched their PC-using counterparts struggle with cyber-attacks, while enjoying the relative immunity that their hardware provides from malware. This view is becoming increasingly outdated; our research shows that Mac users should be just as worried,” argued Bit9 + Carbon Black Emea MD, David Flower.

“With 45 per cent of businesses now offering Macs as an option to staff, our research should be seen as a timely reminder that every device on the network is a potential target—businesses can’t just rely on a clearly outdated perception of invulnerability.”


Mac malware is set to accelerate over the coming months after having its most prolific year ever so far in 2015, according to new research from endpoint security firm Bit9 + Carbon Black.


After an analysis of the year so far, the vendor concluded that five times more Mac malware appeared in 2015 than the previous five years combined.  


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
For years, Mac users have watched their PC-using counterparts struggle with cyber-attacks, while enjoying the relative immunity that their hardware provides from malware. This view is becoming increasingly outdated; our research shows that Mac users should be just as worried,” argued Bit9 + Carbon Black Emea MD, David Flower.

“With 45 per cent of businesses now offering Macs as an option to staff, our research should be seen as a timely reminder that every device on the network is a potential target—businesses can’t just rely on a clearly outdated perception of invulnerability.”


Mac malware is set to accelerate over the coming months after having its most prolific year ever so far in 2015, according to new research from endpoint security firm Bit9 + Carbon Black.


After an analysis of the year so far, the vendor concluded that five times more Mac malware appeared in 2015 than the previous five years combined.  


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Hackers claim $1 million bounty after remotely jailbreaking iPhones | Apple | ZERODIUM | Nobody Is Perfect

Hackers claim $1 million bounty after remotely jailbreaking iPhones | Apple | ZERODIUM | Nobody Is Perfect | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple devices are generally considered by security experts to be safe, and rather difficult to hack. But difficult doesn’t mean impossible.

Over the weekend someone proved just how possible it is to hack at least one of these devices, the iPhone.

The hack came about as part of a challenge issued in September by bug bounty startup Zeriodium, which offered up a million dollar bounty for “an exclusive, browser-based, and untethered jailbreak for the latest Apple iOS 9 operating system and devices” that was set to expire on October 31.


This new hack has implications far exceeding the million dollar bounty.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=ZERODIUM



Gust MEES's insight:
Apple devices are generally considered by security experts to be safe, and rather difficult to hack. But difficult doesn’t mean impossible.

Over the weekend someone proved just how possible it is to hack at least one of these devices, the iPhone.

The hack came about as part of a challenge issued in September by bug bounty startup Zeriodium, which offered up a million dollar bounty for “an exclusive, browser-based, and untethered jailbreak for the latest Apple iOS 9 operating system and devices” that was set to expire on October 31.


This new hack has implications far exceeding the million dollar bounty.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=ZERODIUM


more...
No comment yet.