[img_assist|nid=6004|title=|desc=|link=none|align=right|width=100|height=100]A Web site set up to help iPhone users jailbreak their devices is using a flaw in the way that the iPhone handles PDF files to escape the phone’s sandbox security function and enable users to load applications that aren’t in Apple’s official App Store. The same flaw could easily be used to install malicious software in drive-by download attacks, experts say.
Browsing Tag: apple
[img_assist|nid=5904|title=|desc=|link=none|align=left|width=90|height=90]A new change to the much-maligned Digital Millennium Copyright Act free users who jailbreak their iPhones and other mobile handsets from worries about prosecution under the provisions of the DMCA that prevented circumvention of protection technologies. A separate change announced Monday also gives security researchers some new protections.
[img_assist|nid=5862|title=|desc=|link=none|align=right|width=100|height=100]A prominent security researcher is urging users of Apple’s Safari browser to immediately turn off the AutoFill feature to block hackers from stealing sensitive information.
According to Jeremiah Grossman, founder and Chief Technology Officer of WhiteHat Security, the AutoFill Web Forms feature can be hacked to steal data from the computer’s address book.
[img_assist|nid=5802|title=|desc=|link=none|align=left|width=90|height=90]Apple has shipped a critical iTunes update to fix a security vulnerability that exposes Windows users to malicious hacker attacks.The latest iTunes 9.2.1 is available for Windows XP, Windows Vista and Windows 7.
[img_assist|nid=5372|title=|desc=|link=none|align=right|width=100|height=100]There’s an ongoing argument in barrooms, pubs and wherever else soccer fans gather about who is the best player in the world. The general consensus right now is Lionel Messi, the Argentinian genius, but others can build a case for Wayne Rooney, Didier Drogba or even Cristiano Ronaldo. A similar discussion often breaks out among security professionals about which vendor currently is wearing the goat’s horns, and while Adobe has topped the list of late, AT&T, a late entrant, is gunning for that number one spot right now.
[img_assist|nid=5377|title=|desc=|link=none|align=right|width=100|height=100]The Adobe Flash Player plugin that was included in yesterday’s Mac OS X software update contains multiple vulnerabilities that expose users to malicious hacker attacks.Apple shipped a new Flash Player plugin (10.0.45.2) in the Mac OS X patch bundle but that version became outdated on June 10th when Adobe shipped Flash Player 10.1.53.64.
[img_assist|nid=5380|title=|desc=|link=none|align=left|width=82|height=82]Apple has shipped another mega Mac OS X patch bundle to fix a total of 28 documented security vulnerabilities affecting the Mac ecosystem.
[img_assist|nid=5253|title=|desc=|link=none|align=right|width=100|height=100]Apple has shipped new versions of its Safari browser with patches for at least 48 security vulnerabilities.The Safari 4.1 and 5.0 updates, considered “highly critical,” is available for both Windows and Mac OS X. Exploitation of some of these vulnerabilities could lead to drive-by download (remote code execution) attacks.
[img_assist|nid=4561|title=|desc=|link=none|align=right|width=100|height=100]Information security is an unpredictable, fluid discipline. There are very few absolute truths, but for the last few years, one of those has been that Apple isn’t paying much attention to software security. At least that’s the received wisdom.
[img_assist|nid=4403|title=|desc=|link=none|align=right|width=100|height=100]Forbes reporter Andy Greenberg polled a group of security researchers about the security posture of Apple’s new iPad device and comes away with a simple conclusion: The iPad is just as insecure as the iPhone. Some quotes from the story: