The chief executive of a Florida-based digital publisher said Monday he believes his company is the source of a data leak of a million Apple unique device IDs — not the FBI as a hacktivist group claimed.
Browsing Category: Apple
Apple pushed out a Java update for its Snow Leopard, Lion and Mountain Lion systems Wednesday, fixing vulnerabilities Oracle tackled in last week’s emergency CVE-2012-4681 patch. Both Java for Mac OS X 10.6 Update 10 and Java for OS X 2012-005 update the Java SE 6 plugin and, in what might be a sign of Apple’s growing displeasure with the platform, help configure browsers to not automatically run Java applets.
Apple has released a fix for a vulnerability in its Remote Desktop product that could result in sensitive data not being encrypted, even when users have the product configured to send all data in encrypted form. The vulnerability can lead to information leakage and Apple says the issue affects versions 3.0 and later.
There is no such thing as a trivial detail when it comes to the impending release of an Apple product and scammers are well aware of this. A recent attack is exploiting the public’s fascination with all things Apple and the ubiquitous interest in anything iPhone 5-related with an email phishing scam that includes a file that claims to contain pictures of the unreleased iPhone’s battery but actually contains a malicious Word document.
The iPhone SMS app contains a quirky bug that could allow someone to send a user a text message that appears to come from any number that the sender specifies. The researcher who discovered the bug said that it could be used by attackers to spoof messages from a bank or credit card company and send the victim to a target site controlled by the attacker.
Attackers and malware writers, like many other people, tend to specialize, honing their skills in one particular discipline in order to maximize their chances for success. But Microsoft researchers have come across a series of malware samples and exploits that show that some attackers are beginning to target the same vulnerability across multiple platforms as a way to make the most out of their efforts.
LAS VEGAS–An odd thing happened at Black Hat on Thursday: an Apple security official gave a talk. Seats began filling early, 20 minutes before the talk began, and expectations were high, with many people wondering how much the speaker would reveal about the inner workings of iOS security. And then the talk began and it was fairly clear that the answer to that question was, not much.
In concert with the release of their highly anticipated Mountain Lion OS X, Apple also updated their Web browser, Safari, including a number of security fixes.
LAS VEGAS–Do not stand near Charlie Miller. Actually, you might not even want to let him walk past you. It’s not that Miller is a bad person, you understand. The problem is that Miller has figured out a couple of methods that enable him–or an attacker–to use the NFC chip in some phones to exploit vulnerabilities in the phones’ software and force users to visit a Web site or even gain complete control of the phone.
There’s a new Mac Trojan dropper that uses a silent installation process and it also has the ability to establish backdoor access to infected machines. Security researchers at Intego found samples of the OSX/Crisis malware on the Virus Total website, but it has not yet been found in the wild.