Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
10.1K views | +2 today
Follow
Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

iOS / OS X : un faille critique touche presque toutes les versions | #Apple #CyberSecurity #Mac

iOS / OS X : un faille critique touche presque toutes les versions | #Apple #CyberSecurity #Mac | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Des chercheurs de SentinelOne ont mis au jour une importante faille de sécurité qui touche presque la totalité des versions d'iOS et de Mac OS X. Cette dernière permet de réécrire la mémoire afin de prendre le contrôle d'un Mac ou d'un appareil sous iOS et d'exécuter des commandes illicites. Là où le bât blesse, est que ce type d'attaque est difficilement décelable, il est donc possible d'être infecté sans s'en rendre compte et réagir. 

Cette vulnérabilité découverte début 2015 et présentée à Apple en janvier 2016 a été corrigée sur les dernières versions d'iOS 9.3 et OS X 10.11.4, vous n'avez pas effectué ces MAJ, on ne peut donc que vous recommander de le faire. L'utilisation de cette faille est complexe et n'est pas du ressort de tout le monde, à ce jour selon les chercheurs de SentinelOne aucun virus ne semble l'exploiter. 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
Des chercheurs de SentinelOne ont mis au jour une importante faille de sécurité qui touche presque la totalité des versions d'iOS et de Mac OS X. Cette dernière permet de réécrire la mémoire afin de prendre le contrôle d'un Mac ou d'un appareil sous iOS et d'exécuter des commandes illicites. Là où le bât blesse, est que ce type d'attaque est difficilement décelable, il est donc possible d'être infecté sans s'en rendre compte et réagir. 

Cette vulnérabilité découverte début 2015 et présentée à Apple en janvier 2016 a été corrigée sur les dernières versions d'iOS 9.3 et OS X 10.11.4, vous n'avez pas effectué ces MAJ, on ne peut donc que vous recommander de le faire. L'utilisation de cette faille est complexe et n'est pas du ressort de tout le monde, à ce jour selon les chercheurs de SentinelOne aucun virus ne semble l'exploiter. 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac OS X – Attention à ne pas être pris en otage par le ransomware KeRanger | CyberSecurity | CyberCrime

Mac OS X – Attention à ne pas être pris en otage par le ransomware KeRanger | CyberSecurity | CyberCrime | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Des chercheurs en sécurité ont découvert ce qu’ils pensent être la toute première attaque par ransomware ou rançongiciel ciblant les utilisateurs de Mac d’Apple. Cette menace est actuellement active sur Internet et se diffuse via un logiciel de téléchargement de fichiers Torrent.

Cette attaque a été détectée en toute fin de semaine dernière par des chercheurs de Palo Alto Networks. Ces derniers ont donc identifié un ransomware, "KeRanger", dissimulé au sein d’un client BitTorrent populaire sous OS X, Transmission.

400 dollars pour récupérer ses fichiers 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

Gust MEES's insight:
Des chercheurs en sécurité ont découvert ce qu’ils pensent être la toute première attaque par ransomware ou rançongiciel ciblant les utilisateurs de Mac d’Apple. Cette menace est actuellement active sur Internet et se diffuse via un logiciel de téléchargement de fichiers Torrent.

Cette attaque a été détectée en toute fin de semaine dernière par des chercheurs de Palo Alto Networks. Ces derniers ont donc identifié un ransomware, "KeRanger", dissimulé au sein d’un client BitTorrent populaire sous OS X, Transmission.

400 dollars pour récupérer ses fichiers 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

First Mac-targeting ransomware hits Transmission users, researchers say | Apple | CyberSecurity | Apps

First Mac-targeting ransomware hits Transmission users, researchers say | Apple | CyberSecurity | Apps | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Rogue copy of BitTorrent client results in KeRanger install, which demands 1 bitcoin.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

Gust MEES's insight:
Rogue copy of BitTorrent client results in KeRanger install, which demands 1 bitcoin.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

First known OS X ransomware spotted in Mac torrenting app | CyberSecurity | Nobody Is Perfect | Apple

First known OS X ransomware spotted in Mac torrenting app | CyberSecurity | Nobody Is Perfect | Apple | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Users of BitTorrent client app Transmission became the first reported victims of Mac ransomware this week. People who downloaded infected versions of the app also received "KeRanger" malware, 9to5Mac says, nefarious software that would encrypt a user's hard drive three days after being installed and demand payment to unlock the data.

 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

 

Gust MEES's insight:
Users of BitTorrent client app Transmission became the first reported victims of Mac ransomware this week. People who downloaded infected versions of the app also received "KeRanger" malware, 9to5Mac says, nefarious software that would encrypt a user's hard drive three days after being installed and demand payment to unlock the data.

 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

10 Years of Mac Malware: How OS X Threats Have Evolved [Infographic] | CyberSecurity | Apple 

10 Years of Mac Malware: How OS X Threats Have Evolved [Infographic] | CyberSecurity | Apple  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
This infographic timeline highlights the nastiest, most prevalent Mac OS X security threats to demonstrate just how Mac malware has evolved over the past 10 years.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
This infographic timeline highlights the nastiest, most prevalent Mac OS X security threats to demonstrate just how Mac malware has evolved over the past 10 years.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

OceanLotus OS X Malware Disguises Itself as Adobe Flash Update | CyberSecurity | Apple | Mac

OceanLotus OS X Malware Disguises Itself as Adobe Flash Update | CyberSecurity | Apple | Mac | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Is your Mac protected against the OS X version of OceanLotus, a sophisticated trojan horse that has been used to spy against businesses and government agencies?


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
Is your Mac protected against the OS X version of OceanLotus, a sophisticated trojan horse that has been used to spy against businesses and government agencies?


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Flaw in Sparkle Updater for Mac opens users of popular apps to system compromise

Flaw in Sparkle Updater for Mac opens users of popular apps to system compromise | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

A security engineer has recently discovered a serious vulnerability in Sparkle, the widely used open source software update framework for Mac applications, that could be exploited by attackers to mount a man-in-the-middle attack and ultimately take control of the computer if they are located on the same network.

Since it inception in 2006, Sparkle slowly became the de-facto standard for OS X application updates. It is used by many, many popular applicationsincluding Evernote, Coda, VLC Media Player, Slack, and TeamViewer (to name a few), but not all these apps are vulnerable to this attack.

That's because the flaw can be exploited only if the app using the vulnerable version of Sparkle also uses HTTP to receive updates.

"The vulnerability is not in code signing itself. It exists due to the functionality provided by the WebKit view that allows JavaScript execution and the ability to modify unencrypted HTTP traffic (XML response)," explained the researcher, who goes by the name of Radek.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security



Gust MEES's insight:

A security engineer has recently discovered a serious vulnerability in Sparkle, the widely used open source software update framework for Mac applications, that could be exploited by attackers to mount a man-in-the-middle attack and ultimately take control of the computer if they are located on the same network.

Since it inception in 2006, Sparkle slowly became the de-facto standard for OS X application updates. It is used by many, many popular applicationsincluding Evernote, Coda, VLC Media Player, Slack, and TeamViewer (to name a few), but not all these apps are vulnerable to this attack.

That's because the flaw can be exploited only if the app using the vulnerable version of Sparkle also uses HTTP to receive updates.

"The vulnerability is not in code signing itself. It exists due to the functionality provided by the WebKit view that allows JavaScript execution and the ability to modify unencrypted HTTP traffic (XML response)," explained the researcher, who goes by the name of Radek.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security





more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Software with the most vulnerabilities in 2015: Mac OS X, iOS, and Flash | Apple | Nobody Is Perfect

Software with the most vulnerabilities in 2015: Mac OS X, iOS, and Flash | Apple | Nobody Is Perfect | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Which software had the most publicly disclosed vulnerabilities this year? The winner is none other than Apple’s Mac OS X, with 384 vulnerabilities. The runner-up? Apple’s iOS, with 375 vulnerabilities.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/securite-pc-et-internet


Gust MEES's insight:
Which software had the most publicly disclosed vulnerabilities this year? The winner is none other than Apple’s Mac OS X, with 384 vulnerabilities. The runner-up? Apple’s iOS, with 375 vulnerabilities.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/securite-pc-et-internet


more...
Gust MEES's curator insight, January 1, 11:39 AM
Which software had the most publicly disclosed vulnerabilities this year? The winner is none other than Apple’s Mac OS X, with 384 vulnerabilities. The runner-up? Apple’s iOS, with 375 vulnerabilities.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/securite-pc-et-internet


Umberto Orefice's curator insight, January 2, 11:09 AM

Good to know..

Dennis Swender's curator insight, March 13, 10:07 AM
Which software had the most publicly disclosed vulnerabilities this year? The winner is none other than Apple’s Mac OS X, with 384 vulnerabilities. The runner-up? Apple’s iOS, with 375 vulnerabilities.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/securite-pc-et-internet


Scooped by Gust MEES
Scoop.it!

iOS, Mac OS X, WatchOS : le Patch Tuesday made in Apple | CyberSecurity | CyberHygiene | Updates

iOS, Mac OS X, WatchOS : le Patch Tuesday made in Apple | CyberSecurity | CyberHygiene | Updates | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

Après Microsoft qui a publié un Patch Tuesday bien fourni en correctifs critiques, c’est au tour d’Apple de mener un grande vague de mises à jour de sécurité sur plusieurs produits. Les OS de la firme de Cupertino sont bien évidement aux premières loges.

Différentes versions de Mac OS X sont concernées : OS X El Capitan 10.11.2, OS X Yosemite 10.10.5, et Mavericks 10.9.5. Au total, la Security Update 2015-008 corrige 54 vulnérabilités dans des services et des composants tel qu’App Sandbox, Bluetooth, Compression, Configuration Profiles, CoreGraphics, CoreMedia Playback, EFI, File Bookmark, Hypervisor, ImageIO, Intel Graphics Driver, IOAcceleratorFamily, IOHIDFamily, IOKit SCSI, Kernel, Keychain Access, OpenGL, Sandbox, Security, etc. A noter que la moitié des failles découvertes sont critiques, car elles peuvent permettre à des pirates d’exécuter du code arbitraire à distance.


Learn more / Mehr erfahren / En savoir plus :


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Patch+Tuesday+made+in+Apple


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:

Après Microsoft qui a publié un Patch Tuesday bien fourni en correctifs critiques, c’est au tour d’Apple de mener un grande vague de mises à jour de sécurité sur plusieurs produits. Les OS de la firme de Cupertino sont bien évidement aux premières loges.

Différentes versions de Mac OS X sont concernées : OS X El Capitan 10.11.2, OS X Yosemite 10.10.5, et Mavericks 10.9.5. Au total, la Security Update 2015-008 corrige 54 vulnérabilités dans des services et des composants tel qu’App Sandbox, Bluetooth, Compression, Configuration Profiles, CoreGraphics, CoreMedia Playback, EFI, File Bookmark, Hypervisor, ImageIO, Intel Graphics Driver, IOAcceleratorFamily, IOHIDFamily, IOKit SCSI, Kernel, Keychain Access, OpenGL, Sandbox, Security, etc. A noter que la moitié des failles découvertes sont critiques, car elles peuvent permettre à des pirates d’exécuter du code arbitraire à distance.


Learn more / Mehr erfahren / En savoir plus :


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Patch+Tuesday+made+in+Apple


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac OS X Malware Soars in 2015

Mac OS X Malware Soars in 2015 | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
“For years, Mac users have watched their PC-using counterparts struggle with cyber-attacks, while enjoying the relative immunity that their hardware provides from malware. This view is becoming increasingly outdated; our research shows that Mac users should be just as worried,” argued Bit9 + Carbon Black Emea MD, David Flower.

“With 45 per cent of businesses now offering Macs as an option to staff, our research should be seen as a timely reminder that every device on the network is a potential target—businesses can’t just rely on a clearly outdated perception of invulnerability.”


Mac malware is set to accelerate over the coming months after having its most prolific year ever so far in 2015, according to new research from endpoint security firm Bit9 + Carbon Black.


After an analysis of the year so far, the vendor concluded that five times more Mac malware appeared in 2015 than the previous five years combined.  


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
For years, Mac users have watched their PC-using counterparts struggle with cyber-attacks, while enjoying the relative immunity that their hardware provides from malware. This view is becoming increasingly outdated; our research shows that Mac users should be just as worried,” argued Bit9 + Carbon Black Emea MD, David Flower.

“With 45 per cent of businesses now offering Macs as an option to staff, our research should be seen as a timely reminder that every device on the network is a potential target—businesses can’t just rely on a clearly outdated perception of invulnerability.”


Mac malware is set to accelerate over the coming months after having its most prolific year ever so far in 2015, according to new research from endpoint security firm Bit9 + Carbon Black.


After an analysis of the year so far, the vendor concluded that five times more Mac malware appeared in 2015 than the previous five years combined.  


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Votre Mac peut être piraté par une simple photo | Nobody Is Perfect | CyberSecurity | Apple

Votre Mac peut être piraté par une simple photo | Nobody Is Perfect | CyberSecurity | Apple | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
SÉCURITÉ - On dit souvent qu'un Mac est plus sécurisé qu'un ordinateur sous Windows. Sauf qu'il n'en est rien: en 2014, le nombre de failles de sécurité découvertes sur Mac OS était bien supérieur à celles découvertes sur le système d'exploitation de Microsoft. Et la dernière en date accessible aux pirates fait froid dans le dos: avec une simple photo, il est possible de se faire voler tous ses mots de passe.

C'est en effet ce qu'ont découvert deux développeurs, Antoine Vincent Jebara et Raja Rahbani, rapporte 01Net. Le fautif? Keychain, le gestionnaire de mot de passe de Mac OS X. C'est lors de tests sur leur propre logiciel de gestion de mots de passe, MyKi, qu'ils se sont aperçus du problème.

En tapant quelques lignes de commande dans l'opérateur de commandes, il est possible d'accéder à toutes les informations stockées par Keychain... sans avoir besoin de rentrer le mot de passe principal. En effet, seule une petite fenêtre s'affiche, qui demande à l'utilisateur de cliquer sur "autoriser".


En savoir plus / Mehr erfahren / Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
SÉCURITÉ - On dit souvent qu'un Mac est plus sécurisé qu'un ordinateur sous Windows. Sauf qu'il n'en est rien: en 2014, le nombre de failles de sécurité découvertes sur Mac OS était bien supérieur à celles découvertes sur le système d'exploitation de Microsoft. Et la dernière en date accessible aux pirates fait froid dans le dos: avec une simple photo, il est possible de se faire voler tous ses mots de passe.

C'est en effet ce qu'ont découvert deux développeurs, Antoine Vincent Jebara et Raja Rahbani, rapporte 01Net. Le fautif? Keychain, le gestionnaire de mot de passe de Mac OS X. C'est lors de tests sur leur propre logiciel de gestion de mots de passe, MyKi, qu'ils se sont aperçus du problème.

En tapant quelques lignes de commande dans l'opérateur de commandes, il est possible d'accéder à toutes les informations stockées par Keychain... sans avoir besoin de rentrer le mot de passe principal. En effet, seule une petite fenêtre s'affiche, qui demande à l'utilisateur de cliquer sur "autoriser".


En savoir plus / Mehr erfahren / Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Sécurité : des failles dans iCloud, XProtect et Gatekeeper | Nobody Is Perfect | ICT | eSkills

Sécurité : des failles dans iCloud, XProtect et Gatekeeper | Nobody Is Perfect | ICT | eSkills | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

Les conférences Black Hat battent leur plein à Las Vegas, et les chercheurs en sécurité informatique qui se pressent durant ce raout n’ont pas manqué de pointer du doigt les vulnérabilités qui touchent les produits d’Apple : Thunderstrike 2 et dyld (qui serabouché avec OS X 10.10.5) ont occupé les gazettes cette semaine, tandis que d’autres failles sont annoncées.


Patrick Wardle, directeur de recherche pour Synack, a levé le voile sur plusieurs faiblesses d’OS X. Gatekeeper tout d’abord : ce système qui, une fois activé, n’installe que les logiciels dument signés peut être contourné. En utilisant des bibliothèques dynamiques qui injectent du code vérolé dans des applications pourtant identifiées comme sûres, il est possible d’infecter un Mac.


Plus généralement, il estime que développer un malware pour OS X est facile et qu’Apple devrait mettre en place une véritable stratégie pour la sécurité de ses produits, même s’il reconnait que des efforts sont faits en ce sens. La popularité toujours plus forte des Mac et des appareils iOS oblige le constructeur à en faire plus, les plateformes d’Apple étant apparues sur le radar des malandrins du code.


Image credit (posted on Facebook) <===> http://www.pcworld.com/article/2955707/security/macs-can-be-remotely-infected-with-firmware-malware-that-remains-after-reformatting.html


Mehr erfahren / En savoir plus / Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Thunderstrike




Gust MEES's insight:

Les conférences Black Hat battent leur plein à Las Vegas, et les chercheurs en sécurité informatique qui se pressent durant ce raout n’ont pas manqué de pointer du doigt les vulnérabilités qui touchent les produits d’Apple : Thunderstrike 2 et dyld (qui serabouché avec OS X 10.10.5) ont occupé les gazettes cette semaine, tandis que d’autres failles sont annoncées.


Patrick Wardle, directeur de recherche pour Synack, a levé le voile sur plusieurs faiblesses d’OS X. Gatekeeper tout d’abord : ce système qui, une fois activé, n’installe que les logiciels dument signés peut être contourné. En utilisant des bibliothèques dynamiques qui injectent du code vérolé dans des applications pourtant identifiées comme sûres, il est possible d’infecter un Mac.


Plus généralement, il estime que développer un malware pour OS X est facile et qu’Apple devrait mettre en place une véritable stratégie pour la sécurité de ses produits, même s’il reconnait que des efforts sont faits en ce sens. La popularité toujours plus forte des Mac et des appareils iOS oblige le constructeur à en faire plus, les plateformes d’Apple étant apparues sur le radar des malandrins du code.


Image credit (posted on Facebook) <===> http://www.pcworld.com/article/2955707/security/macs-can-be-remotely-infected-with-firmware-malware-that-remains-after-reformatting.html


Mehr erfahren / En savoir plus / Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Thunderstrike


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac : un premier ver s'attaque aux firmwares installés, en silence

Mac : un premier ver s'attaque aux firmwares installés, en silence | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
C'est la première fois qu'une telle menace est observée chez Apple. Elle ne peut pas être détectée par les anti-virus et est difficilement patchable.


Image credit (posted on Facebook) <===> http://www.pcworld.com/article/2955707/security/macs-can-be-remotely-infected-with-firmware-malware-that-remains-after-reformatting.html


Mehr erfahren / En savoir plus / Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Thunderstrike


Gust MEES's insight:
C'est la première fois qu'une telle menace est observée chez Apple. Elle ne peut pas être détectée par les anti-virus et est difficilement patchable.


Image credit (posted on Facebook) <===> http://www.pcworld.com/article/2955707/security/macs-can-be-remotely-infected-with-firmware-malware-that-remains-after-reformatting.html


Mehr erfahren / En savoir plus / Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Thunderstrike


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple-User erpresst: Mac-Virus KeRanger greift OS X an | CyberSecurity | CyberCrime | KeRanger

Apple-User erpresst: Mac-Virus KeRanger greift OS X an | CyberSecurity | CyberCrime | KeRanger | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Erstmals greift ein Erpresser-Trojaner Mac-User an. Die Ransomware KeRanger hat sich über eine infizierte Version der Torrentsoftware Transmission verbreitet.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

Gust MEES's insight:
Erstmals greift ein Erpresser-Trojaner Mac-User an. Die Ransomware KeRanger hat sich über eine infizierte Version der Torrentsoftware Transmission verbreitet.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

KeRanger: Erste Ransomware-Kampagne bedroht Mac OS X | Apple | CyberSecurity

KeRanger: Erste Ransomware-Kampagne bedroht Mac OS X | Apple | CyberSecurity | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Ein Erpressungs-Trojaner verschlüsselt erstmals auch Daten von Mac-Nutzern. Der Schädling versteckt sich im BitTorrent-Client Transmission. Apple und die Entwickler haben bereits reagiert.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

Gust MEES's insight:
Ein Erpressungs-Trojaner verschlüsselt erstmals auch Daten von Mac-Nutzern. Der Schädling versteckt sich im BitTorrent-Client Transmission. Apple und die Entwickler haben bereits reagiert.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac Users Hit by Rare Ransomware Attack, Spread via Transmission BitTorrent App | Apple | CyberSecurity

Mac Users Hit by Rare Ransomware Attack, Spread via Transmission BitTorrent App | Apple | CyberSecurity | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Sadly it seems clear that ransomware has well and truly arrived for OS X.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

Gust MEES's insight:
Sadly it seems clear that ransomware has well and truly arrived for OS X.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=RANSOMWARE

 

http://www.scoop.it/t/ict-security-tools/?tag=Ransomware

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

All your Mac's old install CDs won't work anymore | Nobody Is Perfect | Apple | EdTech 

All your Mac's old install CDs won't work anymore | Nobody Is Perfect | Apple | EdTech  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
When Apple’s Worldwide Developer Certificate expired in February it caused problems for some developers, but another major problem that’s going to affect more people has just surfaced: it breaks OS X installers.

If you’ve created an OS X installation CD or downloaded an installer it won’t work anymore because it can’t be verified with Apple. To get it going again, you need to re-download the entire installer and create a new CD, which is an utter hassle.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

Gust MEES's insight:
When Apple’s Worldwide Developer Certificate expired in February it caused problems for some developers, but another major problem that’s going to affect more people has just surfaced: it breaks OS X installers.

If you’ve created an OS X installation CD or downloaded an installer it won’t work anymore because it can’t be verified with Apple. To get it going again, you need to re-download the entire installer and create a new CD, which is an utter hassle.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Mac-Trojaner löst Spekulationen über Hacking-Team-Rückkehr aus | Apple | CyberSecurity

Mac-Trojaner löst Spekulationen über Hacking-Team-Rückkehr aus | Apple | CyberSecurity | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Auf Virus Total ist ein Trojaner für OS X aufgetaucht, der allem Anschein nach zu einem Spionage-Tool der Firma Hacking Team gehört. Sind die Italiener zurück und hacken wieder?

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
Auf Virus Total ist ein Trojaner für OS X aufgetaucht, der allem Anschein nach zu einem Spionage-Tool der Firma Hacking Team gehört. Sind die Italiener zurück und hacken wieder?

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
Gust MEES's curator insight, March 1, 12:13 PM
Auf Virus Total ist ein Trojaner für OS X aufgetaucht, der allem Anschein nach zu einem Spionage-Tool der Firma Hacking Team gehört. Sind die Italiener zurück und hacken wieder?

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Available On THE AppStore: 'Huge' number of Mac apps are vulnerable to man-in-the-middle attacks | Apple | Nobody Is Perfect | CyberSecurity

Available On THE AppStore: 'Huge' number of Mac apps are vulnerable to man-in-the-middle attacks | Apple | Nobody Is Perfect | CyberSecurity | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Many of OS X’s most popular apps were recently revealed to be vulnerable to man-in-the-middle (MiTM) attacks.

The vulnerability specifically targets those that use Sparkle — a third-party software update framework — and unencrypted HTTP connections.

A security engineer from Vulnsec, known as Radek, said the vulnerability works on both El Capitan and its predecessor, Yosemite.

The total number of apps affected isn’t known, but Radek did estimate the number to be “huge.” Some of those confirmed as vulnerable are:

Camtasia 2 (v2.10.4)
DuetDisplay (v1.5.2.4)
uTorrent (v1.8.7)
Sketch (v3.5.1)
Additionally, security researcher Jonathan Zdziarski told Ars Technica that the ‘Hopper’ reverse engineering tool and ‘DXO Optics Pro’ are also susceptible.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security



Gust MEES's insight:
Many of OS X’s most popular apps were recently revealed to be vulnerable to man-in-the-middle (MiTM) attacks.

The vulnerability specifically targets those that use Sparkle — a third-party software update framework — and unencrypted HTTP connections.

A security engineer from Vulnsec, known as Radek, said the vulnerability works on both El Capitan and its predecessor, Yosemite.

The total number of apps affected isn’t known, but Radek did estimate the number to be “huge.” Some of those confirmed as vulnerable are:

Camtasia 2 (v2.10.4)
DuetDisplay (v1.5.2.4)
uTorrent (v1.8.7)
Sketch (v3.5.1)
Additionally, security researcher Jonathan Zdziarski told Ars Technica that the ‘Hopper’ reverse engineering tool and ‘DXO Optics Pro’ are also susceptible.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
Gust MEES's curator insight, February 14, 6:41 PM
Many of OS X’s most popular apps were recently revealed to be vulnerable to man-in-the-middle (MiTM) attacks.

The vulnerability specifically targets those that use Sparkle — a third-party software update framework — and unencrypted HTTP connections.

A security engineer from Vulnsec, known as Radek, said the vulnerability works on both El Capitan and its predecessor, Yosemite.

The total number of apps affected isn’t known, but Radek did estimate the number to be “huge.” Some of those confirmed as vulnerable are:

Camtasia 2 (v2.10.4)
DuetDisplay (v1.5.2.4)
uTorrent (v1.8.7)
Sketch (v3.5.1)
Additionally, security researcher Jonathan Zdziarski told Ars Technica that the ‘Hopper’ reverse engineering tool and ‘DXO Optics Pro’ are also susceptible.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Scooped by Gust MEES
Scoop.it!

Fake Flash Player Update Infects Mac with Scareware

Fake Flash Player Update Infects Mac with Scareware | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Anyone who has been using computers for any length of time should (hopefully) be aware of the endless ritual of updating Adobe Flash against security vulnerabilities. Even if you don't run Flash on your computer, you've surely seen the many headlines in the tech media over the years of the importance of keeping Adobe Flash (and its Acrobat PDF Reader stablemate) updated to protect against malicious attack.

So, what better way to trick someone into having their computer infected than by disguising it as an actual Adobe Flash update?

That's precisely what criminals are doing now, in their attempts to infect Apple Mac users with scareware.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:

Anyone who has been using computers for any length of time should (hopefully) be aware of the endless ritual of updating Adobe Flash against security vulnerabilities. Even if you don't run Flash on your computer, you've surely seen the many headlines in the tech media over the years of the importance of keeping Adobe Flash (and its Acrobat PDF Reader stablemate) updated to protect against malicious attack.

So, what better way to trick someone into having their computer infected than by disguising it as an actual Adobe Flash update?

That's precisely what criminals are doing now, in their attempts to infect Apple Mac users with scareware.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security




more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

MacKeeper carelessly leaves 13 million Mac users exposed | Apple | Nobody Is Perfect

MacKeeper carelessly leaves 13 million Mac users exposed | Apple | Nobody Is Perfect | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Researcher Chris Vickery stumbled across over 13 million sensitive account details related to MacKeeper, after using the Shodan search engine to hunt for database servers left open to the internet, that required no authentication.

Sure enough, Vickery's search found four different IP addresses of servers belonging to Kromtech.

And on those servers, Vickery found over 20GB of MacKeeper user data - including names, email addresses, phone numbers, IP addresses, software licenses, system information and users' hashed passwords.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
Researcher Chris Vickery stumbled across over 13 million sensitive account details related to MacKeeper, after using the Shodan search engine to hunt for database servers left open to the internet, that required no authentication.

Sure enough, Vickery's search found four different IP addresses of servers belonging to Kromtech.

And on those servers, Vickery found over 20GB of MacKeeper user data - including names, email addresses, phone numbers, IP addresses, software licenses, system information and users' hashed passwords.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security



more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac OS X malware is heating up | Apple | Nobody Is Perfect | CyberSecurity

Mac OS X malware is heating up | Apple | Nobody Is Perfect | CyberSecurity | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
A new threat research report conducted by Bit9+ Carbon Black’s research team found that in 2015, there was 948 malware instances. The number of  OS X malware samples this year is five times greater than in 2010-2014 combined — where there was only 180 malware instances over a four-year period. Based on observations in a 10-week analysis: the research team anticipates MAC OS X malware to surge in the coming months.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
A new threat research report conducted by Bit9+ Carbon Black’s research team found that in 2015, there was 948 malware instances. The number of  OS X malware samples this year is five times greater than in 2010-2014 combined — where there was only 180 malware instances over a four-year period. Based on observations in a 10-week analysis: the research team anticipates MAC OS X malware to surge in the coming months.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

A dangerous silent AirDrop attack is threatening Apple users | CyberSecurity | NobodyIsPerfect

A dangerous silent AirDrop attack is threatening Apple users | CyberSecurity | NobodyIsPerfect | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

A new evil vulnerability affecting the AirDrop service could be exploited by attackers to silently infect iPhones and Apple Macs.

Versions prior to the latest Apple OS version, the newborn iOS 9, are affected by a serious AirDrop Bug. The AirDrop Bug could be exploited by hackers to take full control of Apple iPhone or Mac machines.

The AirDrop Bug has been disclosed by the Australian security researcher Mark Dowd, AirDrop is a proprietary service that enables the transfer of documents among supported Macintosh computers and iOS devices.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=ZERODIUM


Gust MEES's insight:

A new evil vulnerability affecting the AirDrop service could be exploited by attackers to silently infect iPhones and Apple Macs.

Versions prior to the latest Apple OS version, the newborn iOS 9, are affected by a serious AirDrop Bug. The AirDrop Bug could be exploited by hackers to take full control of Apple iPhone or Mac machines.

The AirDrop Bug has been disclosed by the Australian security researcher Mark Dowd, AirDrop is a proprietary service that enables the transfer of documents among supported Macintosh computers and iOS devices.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=ZERODIUM


more...
Gust MEES's curator insight, September 23, 2015 11:33 AM
A new evil vulnerability affecting the AirDrop service could be exploited by attackers to silently infect iPhones and Apple Macs.

Versions prior to the latest Apple OS version, the newborn iOS 9, are affected by a serious AirDrop Bug. The AirDrop Bug could be exploited by hackers to take full control of Apple iPhone or Mac machines.

The AirDrop Bug has been disclosed by the Australian security researcher Mark Dowd, AirDrop is a proprietary service that enables the transfer of documents among supported Macintosh computers and iOS devices.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security



Scooped by Gust MEES
Scoop.it!

Mac OS X : une faille critique permet de subtiliser tous les mots de passe de l'utilisateur | Nobody Is Perfect

Mac OS X : une faille critique permet de subtiliser tous les mots de passe de l'utilisateur | Nobody Is Perfect | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
En faille critique viens d'être dévoilée, et cette fois c'est le système Mac OS X qui est concerné.


Le Trousseau d'accès ( Keychain) de Mac OS X souffre actuellement d'une faille qui permettrait à des pirates de récupérer l'intégralité des mots de passe y étant stockés. Ce qui se présente ainsi comme un espace sécurisé permettant de stocker ses accès devient une véritable boite de pandore.


En savoir plus / Mehr erfahren / Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
En faille critique viens d'être dévoilée, et cette fois c'est le système Mac OS X qui est concerné.


Le Trousseau d'accès ( Keychain) de Mac OS X souffre actuellement d'une faille qui permettrait à des pirates de récupérer l'intégralité des mots de passe y étant stockés. Ce qui se présente ainsi comme un espace sécurisé permettant de stocker ses accès devient une véritable boite de pandore.


En savoir plus / Mehr erfahren / Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

New Zero-Day Exploit Can Completely Brick Your Mac | Nobody Is Perfect | ICT | eSkills

New Zero-Day Exploit Can Completely Brick Your Mac | Nobody Is Perfect | ICT | eSkills | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
This zero-day exploit dubbed Thunderstrike 2 targets your Mac’s firmware thanks to an attached Thunderbolt accessory, such as an Ethernet adaptor or an external hard drive. After receiving the code via a phishing email or a malicious web site, malware code could look for connected Thunderbolt accessories and flash their option ROMs.

If you reboot your Mac with this infected Thunderbolt accessory plugged in, the EFI will execute the option ROM before booting OS X. As this option ROM has been infected, it will execute malicious code infecting the EFI itself. For example, it could simply make your Mac’s firmware refuse to boot OS X, turning your Mac into a useless machine. And if your firmware is compromised, there is no way to boot OS X, update the firmware and remove the malicious code.

The best part of this zero-day vulnerability is that your Thunderbolt accessory remains infected. If you plug your Ethernet adaptor into a new Mac, this Mac will get infected as well when it reboots. It’s not as harmful as malware that spreads through the Internet, but it could make some serious damage in an office environment for example.


Image credit (posted on Facebook) <===> http://www.pcworld.com/article/2955707/security/macs-can-be-remotely-infected-with-firmware-malware-that-remains-after-reformatting.html


Mehr erfahren / En savoir plus / Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Thunderstrike


Gust MEES's insight:
This zero-day exploit dubbed Thunderstrike 2 targets your Mac’s firmware thanks to an attached Thunderbolt accessory, such as an Ethernet adaptor or an external hard drive. After receiving the code via a phishing email or a malicious web site, malware code could look for connected Thunderbolt accessories and flash their option ROMs.

If you reboot your Mac with this infected Thunderbolt accessory plugged in, the EFI will execute the option ROM before booting OS X. As this option ROM has been infected, it will execute malicious code infecting the EFI itself. For example, it could simply make your Mac’s firmware refuse to boot OS X, turning your Mac into a useless machine. And if your firmware is compromised, there is no way to boot OS X, update the firmware and remove the malicious code.

The best part of this zero-day vulnerability is that your Thunderbolt accessory remains infected. If you plug your Ethernet adaptor into a new Mac, this Mac will get infected as well when it reboots. It’s not as harmful as malware that spreads through the Internet, but it could make some serious damage in an office environment for example.


Image credit (posted on Facebook) <===> http://www.pcworld.com/article/2955707/security/macs-can-be-remotely-infected-with-firmware-malware-that-remains-after-reformatting.html


Mehr erfahren / En savoir plus / Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Thunderstrike


more...
Fernando de la Cruz Naranjo Grisales's curator insight, August 5, 2015 2:16 PM
This zero-day exploit dubbed Thunderstrike 2 targets your Mac’s firmware thanks to an attached Thunderbolt accessory, such as an Ethernet adaptor or an external hard drive. After receiving the code via a phishing email or a malicious web site, malware code could look for connected Thunderbolt accessories and flash their option ROMs.

If you reboot your Mac with this infected Thunderbolt accessory plugged in, the EFI will execute the option ROM before booting OS X. As this option ROM has been infected, it will execute malicious code infecting the EFI itself. For example, it could simply make your Mac’s firmware refuse to boot OS X, turning your Mac into a useless machine. And if your firmware is compromised, there is no way to boot OS X, update the firmware and remove the malicious code.

The best part of this zero-day vulnerability is that your Thunderbolt accessory remains infected. If you plug your Ethernet adaptor into a new Mac, this Mac will get infected as well when it reboots. It’s not as harmful as malware that spreads through the Internet, but it could make some serious damage in an office environment for example.

 

Image credit (posted on Facebook) <===> http://www.pcworld.com/article/2955707/security/macs-can-be-remotely-infected-with-firmware-malware-that-remains-after-reformatting.html

 

Mehr erfahren / En savoir plus / Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Thunderstrike