[img_assist|nid=3540|title=|desc=|link=none|align=left|width=100|height=100]Over the last two weeks, security researchers have reported eight different zero-day vulnerabilities in Apple’s Safari browser.Details of these vulnerabilities, all rated “high risk,” have been sold to Tippingpoint’s Zero Day Initiative (ZDI), a program that purchases the rights to vulnerability information in exchange for exclusivity to broker fixes with affected vendors.
Browsing Tag: apple
[img_assist|nid=3035|title=|desc=|link=none|align=left|width=100|height=100]There are several flaws in the way that the iPhone handles digital certificates which could lead to an attacker being able to create his own trusted certificate and entice users into downloading malicious files onto their iPhones.
[img_assist|nid=2356|title=|desc=|link=none|align=left|width=100|height=100]The iKee worm that was infecting jailbroken iPhones last month was a simple, yet effective, piece of software that shows how easy it might be for an attacker to create a fairly large, functioning botnet comprising mobile devices, an analysis of the worm shows.
[img_assist|nid=2126|title=|desc=|link=none|align=left|width=100|height=100]A security researcher has released a proof-of-concept attack that
exploits critical vulnerabilities that Apple patched on Thursday; The
vulns stem from bugs in the Java runtime environment that allow
attackers to remotely execute malicious code. Read the full article. [The Register]
[img_assist|nid=2122|title=|desc=|link=none|align=right|width=100|height=100]A Swiss iPhone developer has released a new application that is capable of harvesting huge amounts of personal data from iPhones, including geolocation data, passwords, address book entries and email account information, all using just the public API.
[img_assist|nid=1672|title=|desc=|link=none|align=left|width=115|height=115]Apple today shipped Safari 4.0.4 to fix a total of seven security flaws that expose Windows and Mac users to a wide range of malicious hacker attacks.The high-priority update patches vulnerabilities that allow remote code execution (drive-by downloads) if a user simply surfs to a maliciously rigged Web site. Some of the issues affect Microsoft’s new Windows 7 operating system.
[img_assist|nid=1618|title=|desc=|link=none|align=left|width=115|height=115]Apple has dropped another mega-patch to cover a total of 58 documented vulnerabilities affecting the Mac OS X ecosystem. The majority of the flaws could allow a remote attacker to gain complete control of an unpatched system, meaning that this update carries an “extremely critical rating.”
Gue[img_assist|nid=1544|title=|desc=|link=none|align=left|width=115|height=115]st editorial by Costin RaiuIn every system designed by man, there is always a balance between features, usability and security. While designing pretty, easy to use and secure systems is possible, quite often this is not what the users get, or, worse, this is not what the users want.
Yesterday, a “Your iPhone’s been hacked because it’s really insecure! Pleas[img_assist|nid=1504|title=|desc=|link=none|align=left|width=115|height=115]e visit doiop.com/iHacked and secure your phone right now!” message popped up on the screens of a large number of automatically exploited Dutch iPhone users, demanding $4.95 for instructions on how to secure their iPhones and remove the message from appearing at startup. Read the full story [Dancho Danchev/ZDNet]
[img_assist|nid=966|title=|desc=|link=none|align=left|width=115|height=115]President Barack Obama has nominated Caryn
Wagner to be the Homeland Security Department s intelligence chief, a
position that oversees information technology systems designed to share
information with federal, state and local officials.