OS X security researcher Patrick Wardle is expected at Black Hat to demonstrate how to write advanced Mac malware, including Gatekeeper and Xprotect bypasses, in hopes of raising awareness to the current state of OS malware detection.
Browsing Tag: apple
Apple recently patched a serious issue in its App Store and iTunes Store web apps that could have let a remote attacker inject their own malicious script code into invoices that come from Apple.
More than 36 hours after the huge cache of data from Hacking Team’s corporate network was dumped online, researchers are continuing to find surprising bits and pieces in the documents. Among them is evidence that the company had an enterprise developer certificate from Apple, allowing it to develop internal apps, but could not get its[…]
Researchers at Cisco Talos released details on a use-after-free vulnerability in Apple QuickTime that could lead to remote code execution.
Apple has released new versions of iOS and OS X, both of which include a significant number of security patches, several for bugs that can lead to remote code execution and other serious issues. Version 8.4 of iOS contains fixes for more than 30 security vulnerabilities, including bugs in the iOS kernel, WebKit, and CoreText.[…]
Facebook have added the ability for organizations to detect if their OS X system is being exploited by XARA with their framework osquery.
In the two years since the details of the NSA’s deep penetration of the Internet infrastructure began to emerge, there has been a major movement afoot among Web companies to encrypt more and more of their resources and services. The latest large property to make this move is Reddit, which by the end of the[…]
A group of researchers claim that they found a handful of vulnerabilities in both Apple’s OS X and iOS, and cracked the Keychain service that the company uses for apps and sandboxes on OS X.
In the forthcoming iOS 9.0 release, Apple is adding two-factor authentication and a number of other security features.
Apple is encouraging developers who create apps for iOS to begin moving their apps to an HTTPS-only model as soon as possible in an effort to thwart eavesdropping on insecure, plaintext HTTP connections. The move is yet one more sign that major Internet and technology companies are becoming ever more resistant to large-scale, passive surveillance[…]