The iPhone SMS app contains a quirky bug that could allow someone to send a user a text message that appears to come from any number that the sender specifies. The researcher who discovered the bug said that it could be used by attackers to spoof messages from a bank or credit card company and send the victim to a target site controlled by the attacker.
Browsing Category: Apple
Attackers and malware writers, like many other people, tend to specialize, honing their skills in one particular discipline in order to maximize their chances for success. But Microsoft researchers have come across a series of malware samples and exploits that show that some attackers are beginning to target the same vulnerability across multiple platforms as a way to make the most out of their efforts.
LAS VEGAS–An odd thing happened at Black Hat on Thursday: an Apple security official gave a talk. Seats began filling early, 20 minutes before the talk began, and expectations were high, with many people wondering how much the speaker would reveal about the inner workings of iOS security. And then the talk began and it was fairly clear that the answer to that question was, not much.
In concert with the release of their highly anticipated Mountain Lion OS X, Apple also updated their Web browser, Safari, including a number of security fixes.
LAS VEGAS–Do not stand near Charlie Miller. Actually, you might not even want to let him walk past you. It’s not that Miller is a bad person, you understand. The problem is that Miller has figured out a couple of methods that enable him–or an attacker–to use the NFC chip in some phones to exploit vulnerabilities in the phones’ software and force users to visit a Web site or even gain complete control of the phone.
There’s a new Mac Trojan dropper that uses a silent installation process and it also has the ability to establish backdoor access to infected machines. Security researchers at Intego found samples of the OSX/Crisis malware on the Virus Total website, but it has not yet been found in the wild.
In this special edition Threatpost editor-in-chief Dennis Fisher talks with founding editor, Ryan Naraine about Mac security. They discuss why it took longer for the security community to understand the vulnerabilities of the Mac and when these conversations started. You’ll hear how cybercriminals are targeting OS X more than ever before and what you need to know to protect yourself from an attack.
A scheduled talk at the Black Hat Briefings security conference in Las Vegas later this month may have dealt a fatal blow to the once ballyhooed Windows Sidebar and Windows Gadgets. Redmond, Washington-based Microsoft, on Tuesday, issued a software “fix” that disables gadgets and the Windows sidebar on Vista and Windows 7 entirely.
The FTC is nearing completion of its investigation into allegations that Google used a special technique to circumvent the privacy settings on Safari to enable better tracking of users, even when tracking was disabled by the user. The decision may cost Google millions of dollars in fines, but it’s not clear whether that will serve as any kind of deterrent for a company that brings in tens of billions of dollars in revenue each year.
A new Trojan that uploads users’ phonebooks to a remote server is making the rounds, circulating on both Apple’s App Store and the Google Play marketplaces, according to research by Kaspersky Lab posted on the Securelist web site earlier today.