Browsing Tag: apple

Five ways Apple can improve Mac and iPhone security

From TidBITS (Rich Mogull)
With the impending release of the next versions of both Mac OS X and the iPhone operating system, it seems a good time to evaluate how Apple could improve their security program. Rather than focusing on narrow issues of specific vulnerabilities or incidents, or offering mere criticism, I humbly present a few suggestions on how Apple can become a leader in consumer computing security over the long haul.  Read the full story [tidbits.com]

Read more...

Apple plugs 10 QuickTime code execution holes

Categories: Vulnerabilities

Apple today released QuickTime 7.6.2 with fixes for a variety of security vulnerabilities, some of which could lead to arbitrary code execution attacks.
The update, available for Mac OS X, Windows XP and Windows Vista, covers a total of 10 documented vulnerabilities that could be exploited via booby-trapped movie, video, image and audio files. Read the full story [zdnet.com]

Read more...

Apple iPhone security standards released

Categories: Compliance

From Information Week (George Hulme)
Today the Center for Internet Security released a set of benchmarks designed to help consumers and businesses alike communicate using their favorite toy. Whoops, I meant smartphone. The guidance is worth a look.

Read more...

Serious Mac OS X Java vulnerability disclosed

Categories: Vulnerabilities

There is an easily exploitable vulnerability in the Java implementation in Apple’s Mac OS X which could allow an attacker to run arbitrary code on a remote machine. The flaw, which is similar to a vulnerability that has been public for five months and affect other vendors’ products, affects even the most recent version of OS X, which was released last week.

Read more...

Apple Patch Day: 67 Mac OS X, Safari vulnerabilities

Categories: Vulnerabilities

On the same day Microsoft shipped a bundle of patches for gaping holes in its PowerPoint software, Apple followed suit, dropping a monster Mac OS X update to correct 67 security vulnerabilities.
The sudden Apple Patch Day also included a patch to cover a trio of flaws in the Safari Web browser (Mac OS X and Windows). Read the full story [zdnet.com]

Read more...

Prediction: Apple will recommend security software

Categories: Compliance

From CNet (Jon Oltsik)
As an analyst, it is my job to follow the industry, internalize trends, and then use this information to make predictions. OK, here goes: Within the next 18 months, Apple will begin recommending that Macintosh users install Internet security software on all systems.
Now I realize that this statement is blasphemy to dedicated Mac users, so let me start with a few qualifying statements. I am not comparing Mac OS with Windows, or Apple with Microsoft, and my prediction should not be interpreted as an attack on Apple, its developers, or the security of its code. Read the full story [cnet.com]

Read more...

15 easy fixes for Mac security risks

15 easy fixes for Mac security risks

Categories: Vulnerabilities

From Computerworld (Ryan Faas)

One of the commonly touted advantages to using a Mac is that it’s more secure and less prone to malware than a PC running Windows. It’s easy to see where this attitude comes from: The prevalence of viruses and network attacks against Windows machines is greater by several orders of magnitude.

Read more...

RSA Panel Review – Macs in the Enterprise

Categories: Malware

By Andrew Storms

Managing IT for a software company has its challenges.  For me, the lines between efficiency, security and innovation are difficult to draw at a company like nCircle where engineers require some freedom to perform their best.  The panelists at the RSA session “Responding to the ignored threat – Macs in the Enterprise” seemed to face the same kind of problems I do.

Read more...

Mac OS X malware turns into DoS botnet

Categories: Malware, Vulnerabilities

Multiple news outlets [ZDNet, CBC, The Register and Washington Post] are reporting on what appears to be the first malicious botnet made up only of machine’s running Apple’s Mac operating system.
The botnet is directly linked to a previously known Trojan that was embedded into pirated copies of Apple’s iWorks program.  It was being used in the past to launch denial-of-service attacks.  The full analysis of the botnet is available at Virus Bulletin [subscription required]

Read more...

iPhone security comes to the fore

Categories: Vulnerabilities

By Paul F. Roberts, The 451 Group
The security of smartphones such as the iPhone, Windows Mobile devices and the T-Mobile G1 has come under a lot of scrutiny lately. Each device has its own unique security model, and in the case of the iPhone, Apple has kept its platform closed to third-party security vendors. But that’s not stopping some of them from making an end run around Apple and creating their own security applications for the hugley popular device.

Read more...