[img_assist|nid=1672|title=|desc=|link=none|align=left|width=115|height=115]Apple today shipped Safari 4.0.4 to fix a total of seven security flaws that expose Windows and Mac users to a wide range of malicious hacker attacks.The high-priority update patches vulnerabilities that allow remote code execution (drive-by downloads) if a user simply surfs to a maliciously rigged Web site. Some of the issues affect Microsoft’s new Windows 7 operating system.
Browsing Tag: apple
[img_assist|nid=1618|title=|desc=|link=none|align=left|width=115|height=115]Apple has dropped another mega-patch to cover a total of 58 documented vulnerabilities affecting the Mac OS X ecosystem. The majority of the flaws could allow a remote attacker to gain complete control of an unpatched system, meaning that this update carries an “extremely critical rating.”
Gue[img_assist|nid=1544|title=|desc=|link=none|align=left|width=115|height=115]st editorial by Costin RaiuIn every system designed by man, there is always a balance between features, usability and security. While designing pretty, easy to use and secure systems is possible, quite often this is not what the users get, or, worse, this is not what the users want.
Yesterday, a “Your iPhone’s been hacked because it’s really insecure! Pleas[img_assist|nid=1504|title=|desc=|link=none|align=left|width=115|height=115]e visit doiop.com/iHacked and secure your phone right now!” message popped up on the screens of a large number of automatically exploited Dutch iPhone users, demanding $4.95 for instructions on how to secure their iPhones and remove the message from appearing at startup. Read the full story [Dancho Danchev/ZDNet]
[img_assist|nid=966|title=|desc=|link=none|align=left|width=115|height=115]President Barack Obama has nominated Caryn
Wagner to be the Homeland Security Department s intelligence chief, a
position that oversees information technology systems designed to share
information with federal, state and local officials.
GENEVA — In a sign that cyber-criminals are investing more time and resources into attacks against Apple’s Mac users, a new malware affiliate program has been discovered offering 43c for every infected Mac machine.
During an eye-opening presentation at the VB Conference 2009 conference here, Sophos Labs researcher Dmitry Samosseikko provided a glimpse into the “Partnerka,” a Russian network of spam and malware affiliates that have turned their attention to the Mac platform — using social engineering tricks to load fake codecs and scareware programs.
Cyber-criminals are using interest in MMS or SMS on the iPhone to trick users into downloading rogue antivirus software.
According to security company Websense, attackers are abusing Google’s search engine to get users to click on links leading to a malicious page pushing scareware. Read the full story [eweek.com]
Apple has shipped iTunes 9.0.1to fix a critical security hole that puts Mac and Windows users at risk of computer takeover attacks.
The vulnerability could be used by hackers to launch code execution attacks via booby-trapped “.pls” files, Apple warned in an advisory.
Apple has released security patches to cover serious security vulnerabilities in its iPhone, iPod Touch and QuickTime products.
The most serious of the vulnerabilities could lead to remote code execution attacks that give malicious hackers an easy way to hijack computers and mobile devices. Read the full story for details on these vulnerabilities [zdnet.com]
Apple today released a new version of Java for Mac to plug a total of 15 documented security vulnerabilities that could lead to remote code execution attacks via rigged Web pages.
The Java for Mac OS X 10.5 Update 5 includes patches for security holes covered by Sun Microsystems last month.