11/20, 4:10pm
MS refutes talk of NSA-made security hole
Microsoft in a response late Thursday rejected assertions that it has put in a security "backdoor" at the request of the National Security Agency. The denial comes after the NSA's information assurance lead, Richard Schaeffer, told a US Senate terrorism subcommittee that the agency had worked with Microsoft to improve Windows 7's "security guide" and sparked fears that the government had deliberately left a secret window the NSA could use to spy on users.
more
11/19, 10:15am
Update includes over 50 changes
Agile Web Solutions has released the completed version of 1Password 3, its web login utility. The software generates custom passwords for websites, remembering login information for automatic insertion later. Users can also save content related to online shopping, such as credit card numbers.
more
11/17, 1:25pm
Kingston DT Locker+ has 256-bit encryption
Kingston on Tuesday announced the release of the DataTraveler Locker+ USB Flash drive series with 256-bit AES hardware-based encryption. Meant for businesses which require data security, the thumb drives won't reveal their contents without a complex password. They also thwart automated password cracks by automatically reformatting the drive after 10 consecutive incorrect guesses.
more
11/11, 5:05pm
Also addresses security holes
Apple has released Safari 4.0.4, a minor update to the Mac and Windows web browser. The patch makes relatively few changes, but does boost the performance of JavaScript, as well as Full History Searches in the case of a "large number" of items. Stability fixes have been implemented for the search field and Yahoo! Mail.
more
11/11, 11:35am
Also makes tweaks to specific features
Microsoft has posted a fresh update for Office 2008 for Mac, v12.2.3. The patch primarily addresses stability problems, such as one affecting the entire suite which could result in application crashes after a program was opened. Several unique crash scenarios have been fixed in Word, Excel, PowerPoint and Document Connection. Security has also been upgraded, closing a hole which could be used to overwrite memory with malicious code.
more
11/11, 9:55am
Again targets jailbroken devices
A new, more serious danger to jailbroken iPhones has emerged, says security firm Intego. The threat, currently labeled "iPhone/Privacy.A," is described as a hacking tool based on the same vulnerability used by the recent Ikee worm. Unlike Ikee however, Privacy.A is not meant as a warning but rather a malicious means of stealing data from an iPhone. Attackers can steal contacts, e-mail, text messages and anything else in an iPhone's storage.
more
11/09, 5:25pm
Security fixes include online content, image files
Apple on Monday released Security Update 2009-006 for Leopard and Snow Leopard operating systems, including Server and Client editions. The update addresses a number of vulnerabilities, including an issue that could have allowed disk images using FAT filesystems to execute arbitrary code. Memory handling has also been improved with DirectoryService to prevent remote attacks.
more
11/09, 4:55pm
Also corrects litany of lesser-known bugs
Apple has at last released Mac OS X 10.6.2, a key update to Snow Leopard. The patch addresses a variety of technical problems, most notably one which would permanently delete data when logging into a main account after having just used a guest one. The bug has been known since at least early October. Other resolved account problems include unexpected logouts, and difficulty authenticating as an administrator.
more
11/09, 9:55am
Only affects jailbroken devices
The first known iPhone worm has been observed in the wild, reports say. Called Ikee, the worm is considered relatively inoffensive, as it does not steal information or sabotage hardware or software. Instead the package merely changes a phone's wallpaper to a photo of singer Rick Astley before seeking out more points to infect.
more
11/06, 9:55am
Raises iPhone privacy issues
A California iPhone developer, Storm8, has been accused of spying on iPhone owners, according to court documents. A lawsuit was recently submitted on behalf of Washington resident Michael Turner, charging Storm8 with several violations including breaches of contract, the California Computer Crime Law and the Computer Fraud and Abuse Act. On August 26th, says Turner, the company openly admitted that its games had been illicitly collecting phone numbers.
more
11/05, 3:45pm
Likely related to anti-jailbreaking efforts
Apple is looking to hire a new iPhone manager with significant responsibilities, observers note. In particular the company is now searching for an "iPhone OS Platform Security Manager," who will be responsible for a team securing the booting, installation and running of the firmware. The worker is also expected to help plot a roadmap for iPhone security, and bring at least three years of experience running a development team, plus hands-on knowledge in designing against hardware and software exploits.
more
11/05, 9:15am
New Mac anti-virus software protects files
Kaspersky has introduced Anti-Virus for Mac, a port of its long-running Windows and Linux software designed to cope with threats such as worms, Trojans and bots. Some features include e-mail and attachment protection, as well as download scans, and alerts on blocked files and programs. The software recognizes up to 30,000 threats; self-protection functions guard settings with a password, and attempt to prevent techniques from being modified or deleted.
more
11/03, 3:10pm
Exposes security vulnerability
A hacker in the Netherlands has attempted to extort several iPhone owners, reports say. The hacker is believed to have used port scanning to identify T-Mobile-branded phones running SSH, commonly used in jailbreaking techniques. Because many people do not change the default root password on jailbroken devices, the hacker was able to take control of iPhones, and send custom text messages warning them to visit a website in order to resecure their firmware.
more
10/28, 11:00am
Cuts off theoretical attacks
Mozilla has released Firefox 3.5.4, a minor but still significant update to its multi-platform web browser. The patch fixes 16 vulnerabilities, 11 of which are said to be critical. Among these are problems with third-party media libraries, the core and JavaScript engines, web worker calls, the GIF color map parser and the string-to-number converter.
more
10/28, 12:10am
Enhanced support for large image collections
Excel Software has announced an update to its project- and document-protection application, DocProtect 1.1. The program is designed to protect rights and prevent access to HTML projects, image collections, video and audio files, PDFs, and Excel spreadsheets for all non-licensed users. The latest version enables users to release and restore licenses between computers, while adding a new PDF-style subscription model for newsletter and magazine publishers.
more
10/27, 4:35pm
Includes Snow Leopard info
Open Door Networks has announced a set of upgrades for its DoorStop line of Internet security apps. At the center is DoorStop X Security Suite 2.3, which consists of an updated DoorStop X Firewall, Who’s There? Firewall Advisor, and the e-book Internet Security for Your Macintosh and iPhone. The suite has been expanded to include a Twitter stream, a series of bugfixes, and iPhone support in the integrated isfym.com blog.
more
10/27, 3:55pm
Software introduces remote data access
Agile Web Solutions has launched a public beta version of 1Password 3, an updated Mac login utility. The software saves passwords and other forms of personal identity for quicker insertion into web forms. Version 3's major addition is said to be inclusion of 1PasswordAnywhere, a feature which lets users remotely access information via a web browser. The update also adds 64-bit support for Snow Leopard, and a new user interface.
more
10/27, 1:10am
SecretBox 2 improves interface, adds features
App4mac has released a major upgrade to its data protection program for both the Mac and iPhone: SecretBox 2 is designed to create a database which can be used to store information such as credit card numbers, software registrations, and e-mail logins. New features in the Mac version include an upgraded user interface, additional support for syncing with the iPhone or iPod touch, and improved stability. Approximately 60 percent of the code s also said to be re-written to help enhance performance and security.
more
10/15, 4:50pm
Also supports Windows 7
CoSoSys has released a new version of Endpoint Protector 2009, its data-loss prevention and endpoint security application. The update adds support for Mac OS X Snow Leopard, along with the soon-to-be-launched Windows 7. Endpoint Protector is designed to protect confidential data, and provides tools for monitoring and controlling activities on other systems. File tracking lets users see copy sources and destinations, as well as determine which files can be copied.
more
10/13, 5:00pm
Works with Viper security systems
Viper has launched Viper SmartStart for the iPhone. The app works with Viper remote start systems to start a car, lock or unlock its doors, and open its trunk. It can also be used to find a car, or set off a panic alarm. The app can control more than one car, and allows for multiple users to control the same vehicle.
more
10/13, 10:40am
Anti-virus, anti-spyware for enterprise
Noting the rise of Macs in the workplace, McAfee has released Endpoint for Mac, allowing centralized anti-virus, anti-spyware and firewall control, as well as application protection. The software allows IT administrators to use the same basic security console that works with Windows machines for their Mac users.
more
10/07, 1:05am
Likewise Open 5.3, Enterprise 5.3 updates
Likewise has announced two new updates to its authentication software for Mac, Likewise Open 5.3 and Likewise Enterprise 5.3. The latest versions add support for 32-bit and 64-bit versions of Apple’s Snow Leopard operating system. Likewise Open is designed to connect Linux and Mac machines to a Microsoft Active Directory and authenticate users with their domain credentials.
more
09/28, 11:50pm
Security Essentials utility to be offered for free
Microsoft is set to launch its new anti-malware service, Security Essentials. The utility is designed to help protect systems against viruses, spyware or other maliciously crafted software. Following the same basic structure as third-party antivirus software, Microsoft's program runs in the background and alerts users as potential threats arise.
more
09/28, 9:15pm
Verizon internet security, online storage
Verizon has announced both a new Mac versions of its Verizon Online Backup and sharing software (VOBS) and its Verizon Internet Security Suite. With the storing and sharing app, users can back-up selected files and folders to their designated storage plan, and restore them at a later date. Users can also send or receive invitations which allow people to download or upload photos onto their storage space, for simpler sharing of music, videos, or files. The online storage plans range in size from 5GB to 250GB, with monthly fees starting at $2 and ending at $20.
more
09/28, 5:25pm
Part of criminal profit-making scheme
Macs are being deliberately targeted by a Russian hacking group, says Sophos security researcher Dmitry Samosseiko. The group is a subset of a larger criminal network known as the Partnerka, which normally turns a profit through spam promoting fake online drug vendors, and malware in the form of "scareware" anti-virus protection. The Partnerka have generally concentrated malware efforts on Windows users, who together represent the largest possible target.
more
09/21, 7:30pm
Protection tools for cross-platform enterprises
Trend Micro has released an update to Security for Mac, its threat protection software designed for enterprises. Version 1.5 features improvements to manual scan performance when using the Quick Scan utility. The Cocoa client user interface has been revamped, while enabling automatic registration with the server.
more
09/17, 12:35pm
Firewall adds web updates, other fixes
ProteMac has updated its network firewall, releasing NetMine 1.5. The Mac-based firewall can control all Internet and network access from Mac applications, limiting the possibility of attacks from network worms, trojans malware and viruses. It can limit any specified network traffic from reaching specified Macs. NetMine is a two-way firewall that can prevent the spread of Malware on a network.
more
09/15, 3:55pm
Feature requires specific set of actions
Apple has issued a clarification regarding the iPhone 3.1 firmware's anti-phishing capabilities. Released September 9th, the update includes a promised ability to detect phishing and malware sites while using Safari. Early accounts have shown inconsistent performance however, with some phones recognizing hazards, and others missing them completely. The behavior may create the impression that the feature is broken.
more
09/10, 8:15pm
Future iPods to get anti-theft technology?
A recent patent filing, submitted by Apple, describes an anti-theft system that utilizes acceleration data to detect if a portable device is stolen. Information from the accelerometer would be analyzed by a controller to determine if the particular direction and speed of movement indicates that a thief might be taking the device.
more
09/10, 6:30pm
Long list of vulnerabilities addressed
Apple on Thursday released security updates for Mac OS X v10.5.8 and v10.4.11, including the standard and Server editions. The updates resolve a variety of security vulnerabilities relating to maliciously crafted alias files, resource forks, image files, PDFs, scheduler requests and PixarFilm files, among others.
more
09/10, 5:15pm
Flash vulnerability addressed in latest Mac udpate
Apple on Thursday released Mac OS X 10.6.1, its first maintenance update following the recent Snow Leopard launch. The company has addressed a variety of compatibility issues involving Sierra Wireless 3G modems, interrupted DVD playback, automatic account setup in Mail, and Motion 4 problems.
more
09/09, 4:05pm
For both Mac and Windows systems
In tandem with iTunes 9, Apple has released QuickTime 7.6.4, a minor update to its signature AV playback software. The patch primarily fixes problems with H.264 and/or MPEG-4 playback, which exposed systems to crashes or arbitrary code execution. H.264 vulnerabilities were connected to memory corruption and heap buffer overflows, while an MPEG-4 flaw involved conventional buffer overflows.
more
09/09, 3:50pm
Security issues fixed in latest iPhone firmware
The latest iPhone firmware, announced during Apple's music-themed media event, addresses a variety of security vulnerabilities. Previous releases had allowed unauthorized use of a device after a timeout period configured by an Exchange administrator. The system now disables any "Require Passcode" values greater than the maximum inactivity time lock setting, eliminating the time gap.
more
09/08, 9:15pm
Disk Station Manager 2.2 improves performance
Synology has released Disk Station Manager 2.2, an update to its cross platform file-sharing and data storing app that was previously available as a beta program. The upgrade delivers new Surveillance Station 3 software, iPhone and Time Machine support along with a DLNA compliant media server for streaming multimedia digital content between a Disk station and DLNA home-compliant devices. System enhancements include improved HDD driver quality and compatibility, and a dynamic bad sector remapping and recovery function.
more
09/08, 11:50am
Windows 7 returns remote BSOD
(Updated with Microsoft advisory) Windows 7 when it ships next month will be vulnerable to an attack that hasn't been possible since 1999, a new vulnerability found by a security researcher shows. Sending a deliberately malformed network negotiation request can force a Windows 7 system into a page fault that triggers a "blue screen of death" error, even without the user's help in launching the code. The attack affects both 32-bit and 64-bit versions of the OS.
more
09/07, 10:30am
May close some common vulnerabilities
Beginning with two Tuesday updates, all future iterations of Mozilla's Firefox browser will check for at least some outdated plug-ins, the company has announced. Firefox 3.5.3 and 3.0.14 will both scan for the latest version of Flash, prompting users to visit a link where an updated plug-in can be downloaded. "For now, our focus is on the Adobe Flash Player both because of its popularity and because some studies have shown that as many as 80 percent of users currently have an out-of-date version," says Firefox security team member Johnathan Nightingale.
more
09/03, 6:15pm
iAntiVirus get four of five stars in review
MacNN has reviewed PC tools' iAntiVirus, rating the Mac virus protection software four out of five stars. It protects against Mac-based malware, keyloggers, viruses, Trojans, and other threats, while running in the background and available from a menubar. The software monitors the system and scans for prior infection. Users can also run immediate scans via drag-and-drop for individual files.
more
09/03, 5:40pm
iPhone GPS catches criminals
The iPhone’s GPS system has reportedly assisted yet another individual attempting to find and catch thieves, according to Mashable.com. An unidentified person living in Shadyside, PA, was held at gunpoint by two men demanding the victim's wallet, PIN numbers and iPhone. The robbed individual than used his computer and the iPhone’s GPS technology to locate the thieves and helped provide police with information necessary to capture the suspects.
more
09/03, 5:00pm
Several Java threats addressed via security update
Apple has released a Java update for Mac OS X 10.5.8 that addresses a wide range of security vulnerabilities. The most serious issue allowed untrusted Java applets to obtain elevated privileges after users visit a web page containing maliciously crafted code. The problem has been addressed for systems running Mac OS X 10.5.8 or 10.5.8 Server.
more
09/02, 8:50pm
Intego takes a closer look at OS X anti-malware
Mac security company Intego has taken a closer look at the limitations of Apple's new anti-malware features in the recent Snow Leopard update. The new security functions, noticed by developers shortly before the public release, alert users to malicious code found in downloaded files.
more
09/02, 3:40pm
ProteMac Meter 3.0 updated
ProteMac has released ProteMac Meter 3.0, updating the network activity monitor with a new interface, featuring real-time traffic summaries. The tool watches activity passing through all applications on a Mac, and keeps tabs on network connections, host availability, remote host names, timestamps and the amount of traffic. It presents views of total and app-specific traffic, and can send out user-tailored notifications.
more
09/02, 10:55am
S. Lep. security too weak?
Apple has still left considerable gaps in Mac security, despite advances in Mac OS X Snow Leopard, say some security experts. The OS is said to have several protection advances over Leopard, most notably a built-in anti-virus scanner, perhaps the first concrete admission from Apple that Macs are now vulnerable to malware. The tool scans content received through apps like Safari, Mail and iChat, and can also check signatures to determine whether a file has been altered since its creation.
more
09/01, 11:35pm
Opera 10 update
Opera Software has introduced the latest version of its web browser, Opera 10. Three main features in the update include an enhanced browser interface, a new compression technology for dealing with slow network speeds, and improvements to the browser tabs. With the added network support the browser is capable of compressing pages to lower the amount of data transferred, and increase the users browsing speed. For the browser tabs users can now view full thumbnails of all their open tabs, as well as customize the size of the tab bar by pulling down or double clicking on the handle.
more
09/01, 5:15pm
SignalScope, R10cipher
KavaMovies 1.4 ($35) is a movie database application that allows users to organize the movies they have seen, the ones they want to see and those that are a part of their collection. The application also connects to the internet to obtain extra information about each movie such as actors, directors, genres and more. The latest update adds a new favorites browser and has been optimized to run under Snow Leopards 64-bit architecture. The move to 64-bit should also result in improved interface performance and database access speeds. [Download - 4.6MB]
more
08/28, 6:20pm
Controversial web bill
A proposed bill has Internet companies and civil liberty groups in a huff, as it would grant the US President the power to cut off private-sector users from the Internet during cyber security emergencies. The 55-page S. 773 bill (pdf), months in the making behind closed doors, is vague in its wording, but does suggest private Internet networks could be taken over by specially licensed individuals in the government.
more
08/28, 10:25am
New notebook border rules
US lawmakers have introduced new measures regarding searches of notebook computers entering the US, according to a Friday report. The revised rules attempt to address concerns regarding violations of privacy and Constitutional rights. The Department of Homeland Security (DHS) maintains such searches are necessary to fight potential terrorism plots, child pornography and copyright infringement. Air travelers with notebooks are often asked to power up their devices to ensure they are what they appear to be, with some incidents going on to more in-depth searches of hard drive content.
more
08/25, 10:50pm
User's MobileMe hacked
Philp Hayes, a self-declared IT expert, claims his MobileMe account was hacked. The user asserts that hackers accessed his account, changed the password and made a €55 PayPal purchase from RapidShare. The blog entry lends insight to the way Apple reps communicate with each other, suggesting those that assisted Hayes used iChat and prompted him to also chat online via an Apple Support page.
more
08/25, 9:15pm
Snow Leopard antivirus
The upcoming Snow Leopard update reportedly contains new anti-malware functionality, according to the Mac security company Intego. A number of beta testers have noticed a new warning screen that alerts users to malicious code. A leaked screenshot shows an alert dialog for an RSPlug Trojan contained in a disk image downloaded through Safari.
more
08/25, 9:40am
New 'Get a Mac' TV ads
Apple has produced two more TV ads as part of its long-running "Get a Mac" campaign, touting the advantages of Macs over Windows PCs. The new commercials are primarily negative, accusing PCs of being subject to many more virus attacks than Macs. The first spot, "Surprise," has PC (John Hodgman) disguise himself as Mac (Justin Long), and insist to a computer buyer that PCs are very reliable.
more
08/24, 10:45pm
ContactCrypt iPhone app
SMobile Systems has released ContactCrypt 1.6, an iPhone app that provides an extra layer of security for sensitive information such as contacts. Unlike apps that simply store passwords, ContactCrypt specifically encrypts contact names, addresses, account numbers, phone numbers, e-mail addresses and more. The app is claimed to prevent unauthorized bypass of the iPhone's breakable encryption methods.
more
