Proxy authentication flaw can be exploited to crack HTTPS protection
Mistakes made in the implementation of proxy authentication in a variety of operating systems and applications have resulted in security vulnerabilities that allow MitM …
FlockFlock: File access enforcement for macOS
The more serious you are about information security, the more you realize it’s difficult to be sure a system isn’t compromised. While malware authors don’t target the Mac …
Fake iPhone order dispatch confirmations hitting inboxes
Fake dispatch confirmation emails for a bogus order of an iPhone from Apple’s App Store are hitting inboxes, warns Hoax-Slayer. This is just the latest variant of the …
Apple finally announces bug bounty program
Apple is finally going to monetarily reward security researchers for spotting and responsibly disclosing bugs in the company’s products. The announcement that a bug …
There’s no virus in the iTunes database – it’s a phish!
A new phishing campaign aimed at Apple users has been spotted by security researcher Bryan Campbell. It takes the form of a fake email supposedly sent by Apple Service, …
iOS app detecting phones jailbroken by malware booted from App Store
The System and Security Info iOS app by German IT security outfit SektionEins has been pulled from Apple’s App Store less than a week after it was made available. The …
The fragile security of the mobile ecosystem
Mobile devices such as smartphones and tablets have become indispensable in our daily lives. In fact, in Q4 2015, smartphones accounted for around 75 percent of all mobile …
Uninstall QuickTime for Windows today!
The time has come to deinstall QuickTime from your Windows machine. Trend Micro’s Zero Day Initiative has just released advisories (ZDI-16-241 and ZDI-16-242) detailing …
Bug in OS X Messages client exposes messages, attachments
When in March Apple pushed out security updates for its many products, much attention has been given to a zero-day bug discovered by a team of Johns Hopkins University …
SideStepper vulnerability can be used to install malicious apps on iOS
Check Point researchers have identified SideStepper, a vulnerability that can be used to install malicious apps on iPhones and iPads to steal login credentials and sensitive …
US govt has unlocked San Bernardino gunman’s iPhone
The US Department of Justice has found a way to get into the iPhone 5C owned by Syed Farook, one of the San Bernardino shooters. With a short status report filed with the …
OS X zero day bug allows hackers to bypass system integrity protection
An OS X zero day vulnerability could allow attackers to bypass System Integrity Protection, Apple’s newest protection feature, and to escalate their privileges, simplifying …