Mobile attacks may have reached a tipping point, as researchers observe search engine optimization used to spread a malicious program for mobile devices running the Android operating system.
Browsing Tag: apple
Apple has shipped Safari 5.0.2 and Safari 4.1.2 with patches for three gaping holes that expose Web surfers to drive-by download attacks.
[img_assist|nid=6514|title=|desc=|link=none|align=right|width=95|height=95]Spammers have been quick off the mark in exploiting Apple’s new iTunes social network to punt survey scams. Read the full article. [The Register]
[img_assist|nid=6499|title=|desc=|link=none|align=left|width=100|height=100]Social networking features, a rockin’ new logo and GUI improvements aren’t the only reason you should upgrade to iTunes 10, says Apple. The update to Apple’s popular music player software, released on Wednesday, also fixes a bunch of gaping vulnerabilities that could make earlier versions susceptible to Web based attacks.
[img_assist|nid=6441|title=|desc=|link=none|align=right|width=100|height=100]Search giant Google cried foul after an IBM X-Force report labeled it the vendor with the highest percentage of unpatched, critical security holes, prompting a correction by IBM.
[img_assist|nid=6424|title=|desc=|link=none|align=right|width=100|height=100]A Spanish security researcher has discovered a new vulnerability in Apple’s QuickTime software that can be used to bypass both ASLR and DEP on current versions of Windows and give an attacker control of a remote PC. The flaw apparently results from a parameter from an older version of QuickTime that was left in the code by mistake.
[img_assist|nid=6353|title=|desc=|link=none|align=left|width=70|height=70]With Web based software vulnerabilities on the rise, Google displaces HP on the list of vendors with the most reported software holes in the first half of 2010.software vulnerabilities.
[img_assist|nid=6344|title=|desc=|link=none|align=left|width=100|height=100]Apple released a patch Tuesday that fixes more than a dozen bugs, including a critical remote code-execution flaw in Apple Type Services. The patch release also includes a fix for a flaw in CFNetwork that enabled an attacker to intercept user credentials and other sensitive data silently on a network.
[img_assist|nid=6328|title=|desc=|link=none|align=left|width=100|height=100]Malware may be difficult to define but, as former U.S. Supreme Court Justice Potter Stewart famously quipped about pornography “you know it when you see it.” At least that’s the position being taken by Google and anti malware firms about two applications designed for mobile phones running Google’s Android operating system. Now the developer is crying foul.
[img_assist|nid=6204|title=|desc=|link=none|align=left|width=95|height=95]The drumbeat for more secure application development picked up pace on Tuesday, with news that software giant HP had acquired privately funded Fortify Software, a maker of static code analysis tools, for an undisclosed amount.