Your new post is loading...
Your new post is loading...
Security researcher Ariel Sanchez recently published a fascinating report on the sort of security you can expect if you do your internet banking on an iPhone or iPad. The answer, sadly, seems to be, "Very little." You should head over to IOActive's blog to read the whole report. Sanchez details the results of a series of offline security tests conducted against 40 different iOS banking apps used by 60 different banks in about 20 different countries.
Via Gust MEES
Kaspersky research shows that Safari, in saving a session for reopening later, stores session information in plain text. This includes usernames and passwords.
Via Gust MEES
Another day, another privacy vulnerability found in iOS. When will Apple learn that a lockscreen should really, properly, lock the phone?
Via Gust MEES
Two security vulnerabilities have been discovered in Apple's new mobile operating system, less than 24 hours after launch.
Via Gust MEES
Yesterday's iOS 7 update brought a slew of bug fixes, 80 in total, to Apple devices.
Via Gust MEES
Three Georgia Tech hackers have disclosed how to hack iPhones and iPads with malware in under sixty seconds using a "malicious charger."
Via Gust MEES
Further customizations of the Mac ransom pages discovered today shows the bad guys are busy updating their templates for each country's police force. ===> Not all countries currently have their own ‘theme’ but it is only a matter of time before the bad guys roll them out. <===
Via Gust MEES
The FBI has become aware of the recent news regarding the ransomware that’s designed to target Mac OS X users. The agency’s Internet Crime...
Via Gust MEES
Apple has published updates for all supported versions of OS X and for Safari version 6.
===> A largish number of remote code execution vulnerabilities have been patched, so these aren't just cosmetic... <===
Via Gust MEES
With the discovery of malware signed with a valid Apple ID, here are some steps you can take to help prevent the remote chance of any such programs infecting your computer. Read this article by Topher Kessler on CNET.
Via Gust MEES
Backdoor took screenshots, sent them to attackers.
Via Gust MEES
Minority groups in China appear to have been targeted by a Mac malware attack, delivered via boobytrapped Word documents. Who could possibly be interested in targeting their computers? It is true that there is much less malware for OS X than there is for Windows, but that's not going to make you feel any better if you end up targeted in an attack like this. Mac users, just like Windows users, need to ensure that they install the latest security patches and keep their software properly up-to-date. If you're not already doing so, run anti-virus software on your Macs. If you're a home user, there really is no excuse at all as we offer a free anti-virus for Mac consumers.
Via Gust MEES
|
Apple users are updating to OS X Mavericks in large numbers, but not fast enough. Corporate users in particular have been slow to upgrade, which could have serious security implications. Apple is famous for the secrecy around its product and service launches. ===> It's unfortunate it has decided that the safety of Mac users should also require reading tea leaves. <===
Via Gust MEES
Macs have never been that popular in business. But if Apple is indeed no longer supporting security updates for older Mac OS X versions, Macs won't have any place left in the enterprise office.
Via Gust MEES
Apple has quickly fixed two lockscreen bugs that it introduced with iOS 7. Well done, Cupertino! (To all hardcore Apple fans reading this: that's not irony. I really mean it.)
Via Gust MEES
Apple's new iOS 7, pre-loaded on the new iPhone 5s and 5c, is also available for download to older devices. It is said to include more than 200 new features – here we look at some of the security aspects and issues.
Via Gust MEES
iPhones and iPads will be vulnerable until they get the iOS 7 update, which is scheduled for release later this year. Until then, you might want to avoid plugging into sleazy charging stations, tho...
Via Gust MEES
These days, it seems that websites are hacked with alarming frequency. While even companies of Apple's sophistication and size aren't immune from successful attacks, it's not quite time to start wearing your tin foil hat--yet.
Via Gust MEES
Apple's Dev Center went down on Thursday causing issues for developers around the world. The system remained down for three days and is still currently unavailable. This brings up an interesting question regarding single points of failure in the mobile application distribution system. When one component goes down, or is breached in this case it affects the entire ecosystem. ===> We hear a lot about mobile apps and devices being hacked, however as I have stated before that is small potatoes when compared to the treasure trove of the back-end systems that power mobile applications and services. <=== What is the point of hacking one person’s phone when there are entire app store infrastructures to target?
Via Gust MEES
Tumblr has released a "very important" update for their iPad and iPhone apps following what they describe as a "security lapse". It appears that passwords were being sent over the internet unencrypted, making it easy for anyone with bad intentions and a little technical knowledge to harvest Tumblr users' login details.
Via Gust MEES
Although iOS generates seemingly random passwords for its hotspots to eliminate the use of 'default' passwords, researchers at a German university have found that ===> they are able to break these passwords in under a minute. <===
Via Gust MEES
Forget obscure apps, unexpected emails and suspicious links. A group of researchers from the Georgia Institute of Technology claim to have developed a new smartphone charger that can ...
Via Gust MEES
The Oslo Freedom Forum is an annual event "exploring how best to challenge authoritarianism and promote free and open societies." This year's conference (which took place May 13-15) had a workshop for freedom of speech activists on how to secure their devices against government monitoring. During the workshop, Jacob Appelbaum actually discovered a new and previously unknown backdoor on an African activist's Mac.
Our Mac analyst (Brod) is currently investigating the sample.
It's signed with an Apple Developer ID.
Via Gust MEES
Phishers appear to have concentrated their fire on a relatively new target: Apple IDs.
Via Gust MEES
|
Learn more:
- http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security