Headline Feeds|
Microsoft Issues Fix to Keep Duqu at Bay November 07, 2011 
Microsoft on Friday released a temporary fix for a Microsoft Word vulnerability that allows the Duqu worm to attack PCs. The flaw, in TrueType font parsing, could let an attacker run arbitrary code in kernel mode, installing programs; view, change or delete data; or create new accounts with full user rights, Microsoft said.
|
The Apache Web Server's Not-So-Secret Weakness August 30, 2011 
If you thought the hacks by Anonymous and AntiSec were bad, boy, are you in for a revelation. This past week brings news that the Apache Web server -- the one that powers the majority of the Internet and most websites -- has a vulnerability that can be exploited with relatively little effort.
|
|
Apple's Golden Hoard August 03, 2011 
Apple's recent iCloud announcement was merely the icing on the cake of a week of positive news coming from Cupertino. For one thing, iPhone sales made Apple the world's largest smartphone vendor in Q2 of 2011, according to Strategy Analytics. For another, news has emerged that Apple has a cash balance of nearly $76 billion.
|
Security Wonks Urge iPhoners to Patch 'Em Up July 29, 2011 
The iOS vulnerability for which Apple issued a security patch on July 25 is very severe, according to security experts who are warning iOS device users to apply that patch as soon as possible. The vulnerability lies in a failure to validate SSL certificates correctly. That lets hackers use a tool called "sslsniff" to take over victims' iOS devices by using fake certificates.
|
|
iOS Jailbreakers Dig Up a Wormy Little Exploit July 08, 2011
Zero-day vulnerabilities in Apple's iOS that are used to jailbreak iPhones and iPads could also be used to access confidential information, according to the German Federal Office for Information Security. The bug, exposed by a team of hackers at JailbreakMe.com, exploits vulnerabilities on PDFs.
|
Will WebKit Be iOS' Achilles' Heel? June 17, 2011 
Apple recently issued a new beta version of its forthcoming Mac OS X 10.6.8 update to developers, reported to contain fixes for the Mac Defender malware and its variants. Cupertino and the Mac Defender clan have been trading shots since May, with the authors of the malware circumventing Apple's efforts to stomp out their attacks.
|
|
New Malware Variant Jukes Apple's Bug Fix June 01, 2011 
As promised, Apple on Tuesday released a security update to combat MacDefender, a type of fake antivirus malware that had targeted the Mac OS X platform over the last few weeks. On Wednesday, however, hackers apparently managed to figure out an end-run around its solution. Apple's fix updates its malware definition list daily, and it searches for and removes known variants of the MacDefender malware.
|
New Mac Malware: Passwords? We Don't Need No Stinking Passwords! May 26, 2011 
The newest strain of malware aimed at the Mac OS X platform doesn't require a user password to install and spread, according to a warning from security company Intego. Like a similar scam that arose weeks ago, this new version of malware promises visitors of certain websites a free security scan.
|
|
The Sony Horror Hacker Show May 07, 2011 
Sony's great big data leak could go down in history as the company's messiest mess of all time -- even worse than the CD rootkit disaster. Last week, we learned that hackers had broken into Sony's PlayStation Network and made off with a bunch of user data. Names, passwords and birth dates were definitely leaked, and Sony wasn't able to guarantee people's credit card numbers were safe either.
|
Scareware Gives Mac Users the Heebie-Jeebies May 02, 2011
Scareware has apparently made its way to the Apple Mac platform. Intego, which specializes in creating antivirus software for the Apple Mac platform, warned Monday that a fake antivirus program called "MACDefender" is attacking Apple Macs. Scareware in general is a common tactic used by online scammers, and it's been seen many times in the past to fool users of Windows PCs.
|
|
Google Puts a Whopping $20K on the Line to Crowdsource Chrome Security February 03, 2011 
Ever hunting for a better digital vaccine, HP's TippingPoint DVLabs announced a partnership with Google that has the scions of search cosponsoring a hacking contest at the CanSecWest security conference in March. "This is a part of the 4th annual Pwn2Own contest," said Google spokesperson Eitan Bencuya. Successfully hack into the Chrome Web browser, and Google will fork over $20,000 and a Chrome CR-48 notebook.
|
Cloud Security: The Journey Is the Reward December 21, 2010 
Skills develop with practice and repetition. It's true of anything, from playing the piano to driving a car. In any endeavor, the way to get better is to practice. Attempt the activity again and again, learning from mistakes made along the way. "Practice makes perfect" -- that's not a way we usually think about information security; instead, we usually approach security tasks with a "measure twice, cut once" mindset.
|
|
iOS Upgrade Slides In, Jailbreakers Bust Out September 09, 2010 
As promised last week, Apple delivered the first major upgrade of its mobile operating system, version 4.1 of iOS, and true to form, hackers found a way to jailbreak the software less than 24 hours following its official release. The major fun features of iOS 4.1 were revealed last week when Apple rolled out its latest line of iPods.
|
Apple, PayPal Dodge Questions About Ongoing iTunes Scam August 24, 2010 
A number of iTunes customers with PayPal accounts have fallen victim to a scam that apparently has been going on for some time. These customers know someone has been using their PayPal accounts to purchase items from the iTunes Store -- in some cases racking up thousands of dollars in fraudulent charges. What the victims don't know -- and may never find out -- is exactly how their accounts were compromised.
|
|
iOS Patch Draws Fast Action From Jailbreakers August 13, 2010 
Apple has issued a patch for the two iOS vulnerabilities that allowed iPhone owners to jailbreak their devices via the Web through the site JailbreakMe.com. It triggered a variety of reactions. Comex, the coauthors of the JailBreakMe exploit that leveraged the iOS 4 vulnerabilities to jailbreak the iPhone, promptly posted the code for the exploit on the Web.
|
Mixed Bag of News Keeps Apple Investors Guessing August 11, 2010
Apple shares sank $2.34 to close at $259.41 in volatile trading Tuesday, dipping below the $260 mark they had held onto since Aug. 2 after slipping below it in late June. Maybe investors were uncertain because of a slew of bad news, perhaps the most significant piece of which was that the United States and European Union are apparently investigating Apple's policies for mobile software developers.
|
See More Articles in Exploits & Flaws Section >>
