More than 36 hours after the huge cache of data from Hacking Team’s corporate network was dumped online, researchers are continuing to find surprising bits and pieces in the documents. Among them is evidence that the company had an enterprise developer certificate from Apple, allowing it to develop internal apps, but could not get its[…]
Browsing Category: Apple
Dennis Fisher and Mike Mimoso discuss the OS X and iOS patches, the potential for the new cyber UL project run by Mudge, and the lawsuit against OPM after its data breach.
Researchers at Cisco Talos released details on a use-after-free vulnerability in Apple QuickTime that could lead to remote code execution.
Apple has released new versions of iOS and OS X, both of which include a significant number of security patches, several for bugs that can lead to remote code execution and other serious issues. Version 8.4 of iOS contains fixes for more than 30 security vulnerabilities, including bugs in the iOS kernel, WebKit, and CoreText.[…]
Facebook have added the ability for organizations to detect if their OS X system is being exploited by XARA with their framework osquery.
In the two years since the details of the NSA’s deep penetration of the Internet infrastructure began to emerge, there has been a major movement afoot among Web companies to encrypt more and more of their resources and services. The latest large property to make this move is Reddit, which by the end of the[…]
A group of researchers claim that they found a handful of vulnerabilities in both Apple’s OS X and iOS, and cracked the Keychain service that the company uses for apps and sandboxes on OS X.
The attackers behind the recently disclosed Duqu 2.0 APT have used stolen digital certificates to help sneak their malware past security defenses, and one of the certificates used in the attacks was issued to Foxconn, the Chinese company that manufactures products for Apple, BlackBerry, Dell, and many other companies. Researchers at Kaspersky Lab, who discovered[…]
In the forthcoming iOS 9.0 release, Apple is adding two-factor authentication and a number of other security features.
UPDATE–As the debate over potential government interference with encryption technologies rages in countries around the world, Congress is now going down a different path, asking technology companies whether it’s feasible and potentially effective for certificate authorities to restricting the way that government-owned CAs can issue certificates. Members of the House Committee on Energy and Commerce[…]