Browsing Tag: apple

Research Shows Serious Problems With Android App SSL Implementations

Categories: Apple, Mobile Security

There are thousands of apps in the Google Play mobile market that contain serious mistakes in the way that SSL/TLS is implemented, leaving them vulnerable to man-in-the-middle attacks that could compromise sensitive user data such as banking credentials, credit card numbers and other information. Researchers from a pair of German universities conducted a detailed analysis of thousands of Android apps and found that better than 15 percent of those apps had weak or bad SSL implementations.

Read more...

Apple Patches Java Flaws

Categories: Apple

Apple has released a patch that fixes a laundry list of vulnerabilities in Java after Oracle pushed out a fix for the technology for users of Windows and other platforms. The patch from Apple also completely disables the Java plugin in users’ browsers in order to prevent users from falling victim to new attacks on the oft-vulnerable application.

Read more...

Researcher Charlie Miller Joins Twitter Security Team

Categories: Apple, Privacy

Twitter quietly is assembling a serious security team, with the most recent addition being Charlie Miller, the security researcher known for finding a long line of bugs in the iPhone and other Apple products. Miller, a respected and prolific researcher, will join the social network’s security team next week.

Read more...

Apple Fixes Huge Number of Flaws With iTunes 10.7

Categories: Apple

Apple has released a massive security update for iTunes on Windows, fixing more than 160 security vulnerabilities. The new version of iTunes is one of the larger security updates by any vendor in the last few years, and many of the fixes are for WebKit vulnerabilities.

Read more...

Scammers Exploit Apple iPhone Release with Accessory Offers

Scammers Exploit Apple iPhone Release with Accessory Offers

Categories: Apple, Social Engineering

With the release event for Apple’s newest iPhone model going on, quite literally, as I type, it comes as no surprise that scammers are exploiting the vast anticipation for the iPhone 5.

Read more...

Florida Digital Publisher Says It’s the Source of Apple UDID Leak

Categories: Apple, Data Breaches

The chief executive of a Florida-based digital publisher said Monday he believes his company is the source of a data leak of a million Apple unique device IDs – not the FBI as a hacktivist group claimed.

Read more...

Apple Fixes Flaws, Updates Java 6 for OS X

Apple pushed out a Java update for its Snow Leopard, Lion and Mountain Lion systems Wednesday, fixing vulnerabilities Oracle tackled in last week’s emergency CVE-2012-4681 patch. Both Java for Mac OS X 10.6 Update 10 and Java for OS X 2012-005 update the Java SE 6 plugin and, in what might be a sign of Apple’s growing displeasure with the platform, help configure browsers to not automatically run Java applets.

Read more...

Anonymous Leaks Apple UDIDs Following Alleged Hack of FBI

Categories: Hacks

UPDATE–The Antisec arm of hacktivist group Anonymous published one million unique device identifier numbers, or UDIDs, for Apple devices, including iPhones and iPads, on Monday night. The group alleges the slew of information was swiped from a laptop belonging to the FBI earlier this year.

Read more...

Apple Patches Remote Desktop Flaw

Categories: Apple

Apple has released a fix for a vulnerability in its Remote Desktop product that could result in sensitive data not being encrypted, even when users have the product configured to send all data in encrypted form. The vulnerability can lead to information leakage and Apple says the issue affects versions 3.0 and later.

Read more...

Phishing for Fanboys with Phony iPhone 5 Images

There is no such thing as a trivial detail when it comes to the impending release of an Apple product and scammers are well aware of this. A recent attack is exploiting the public’s fascination with all things Apple and the ubiquitous interest in anything iPhone 5-related with an email phishing scam that includes a file that claims to contain pictures of the unreleased iPhone’s battery but actually contains a malicious Word document.

Read more...