Apple releases patch for zero‑day flaw in iOS, iPadOS and macOS
The vulnerability is under active exploitation by unknown attackers and affects a wide range of Apple’s products.
Apple
Apple to pay teenager who uncovered FaceTime bug
The decision to award the bug has been welcomed but one security researcher has said that they need to do more to compensate those who find bugs
Apple takes Group FaceTime offline after discovery of spying bug
The company is rushing to fix a glitch that may let other iPhone users hear and see you – before you answer the call
Apple yanks top grossing app from Mac App Store for grabbing private user data
The several thousand glowing reviews that Adware Doctor had garnered prior to its removal were “likely fake”, researchers say
Apple chip supplier blames WannaCryptor variant for plant shutdowns
The malware outbreak has even prompted concerns of delays in the shipments of the next wave of iPhones
Apple defuses ‘text bomb’ bug
A number of text-based apps crashed, became unresponsive or entered an endless bootloop when attempting to show the otherwise little-used character from a language that is spoken by some 75 million people.
Users of iPhones and Macs must update to avoid Stagefright‑like bug
Make sure that all your Apple devices are patched before online criminals attempt to take advantage of this flaw.
WireLurker: new malware targets Apple users
A new malware has been discovered that targets both Apple Mac computers and iPhones, Neowin reports. It is the first known malware that can infect iPhones that have not been jailbroken.
Urgent iPhone and iPad security update, Mac OS X as well
Users of Apple iPhone and/or iPad need to install iOS 7.0.6 right away to patch a vulnerability in the SSL code that protects connections with websites and other computers. Users of Mac OS X should be on alert for a similar fix, due shortly.
Flashback Wrap Up
Six months ago, Flashback was attracting a lot of attention from researchers and media due to its wide spread and interesting features. Since then, we have witnessed its operator abandoning control of the botnet by shutting down its latest command and control server. This happened in May this year. The number of infected systems has
The Dynamic Duo for Securing your Android: Common Sense and Security Software
On Thursday, September 12, Duo Security, a young-but-respected vendor of two-factor authentication devices, announced the preliminary results of a study of over 20,000 Android devices from a two month old study they performed. Based on the results, they calculated that over half of Android devices on the market have security vulnerabilities that are, as yet,
Authentication attacks: Apple, Amazon, iCloud, Google, anything with a password
Sharing details of the hack that “wiped his life” has earned Mat Honan a place in the annals of information system security; the specific inter-dependence of flawed authentication systems that cost him so dearly–encompassing Apple, iCloud, Amazon.com, Gmail and more–would probably still exist if Mat had not gone public. Wired has the full story here
Mac OSX/iOS hacks at Blackhat – are scammers setting their sights?
For years scammers and hackers focused largely on Windows x86-based platforms, in many ways because that’s where the bulk of the users were. But times change, and new targets emerge. At Blackhat and Defcon last week we saw a flurry of talks on Mac OSX/iOS security, trying to illuminate possible chinks in the armor. From
Windows Phone 8: Security Heaven or Hell?
Introduction Mobile World Congress 2012 is almost upon us, and one of the most hotly-anticipated topics is the next generation of Microsoft’s smartphone operating system Windows Phone 8, which has been kept under wraps far more tightly than its PC counterpart, Windows 8. While Microsoft was an early adopter in the creation of smartphones with
Updates on OSX/Tsunami.A, a Mac OS X Trojan
Yesterday, ESET announced the discovery of a new threat against the Apple Mac OS X platform. Today, we have found a new version of the same threat. The new version is similar to the previous version with two important differences. The first addition to this threat is that it now implements persistence on an infected
Steve Jobs 1955 – 2011
ESET would like to extend our sincere sympathies to the friends, family and colleagues of Steve Jobs.
New Apple OS X Malware: Fake Adobe Flash Installer
A new attack against Apple Mac OS X Lion (10.7) has been detected by Intego. The threat is a Trojan, dubbed Flashback, installed via a fake Adobe Flash installer downloaded from a third party site. As with the MacDefender and Revir malware, the Flashback attack uses social engineering to entice the user to download then
PDF Trojan Appears on Mac OS X
A new trojan has been released targeting the Macintosh Chinese-language user community. The trojan appears to the user to be a PDF containing a Chinese language article on the long-running dispute over whether Japan or China owns the Diaoyu Islands. When the user opens the “PDF” file, it attempts to mask the installation
Where there’s smoke, there’s FireWire
Forensic software developer PassWare announced a new version of its eponymous software forensics kit on Tuesday. Already several news sources are writing about how the program can automatically obtain the login password from a locked or sleeping Mac simply by plugging in a USB flash drive containing their software and connecting it to another computer
MacDefender undergoes a name change, MacShield
The MacDefender malware has morphed again, now taking the guise of "MacShield." As in the case of its oldest sibling MacDefender, the MacShield variant has taken the name of a legitimate Mac OSX software product with small distribution, doubtless causing the real developer significant heartache. The UI is essentially unchanged, but as usual all