11/06, 9:55am
Raises iPhone privacy issues
A California iPhone developer, Storm8, has been accused of spying on iPhone owners, according to court documents. A lawsuit was recently submitted on behalf of Washington resident Michael Turner, charging Storm8 with several violations including breaches of contract, the California Computer Crime Law and the Computer Fraud and Abuse Act. On August 26th, says Turner, the company openly admitted that its games had been illicitly collecting phone numbers.
more
11/05, 3:45pm
Likely related to anti-jailbreaking efforts
Apple is looking to hire a new iPhone manager with significant responsibilities, observers note. In particular the company is now searching for an "iPhone OS Platform Security Manager," who will be responsible for a team securing the booting, installation and running of the firmware. The worker is also expected to help plot a roadmap for iPhone security, and bring at least three years of experience running a development team, plus hands-on knowledge in designing against hardware and software exploits.
more
11/05, 9:15am
New Mac anti-virus software protects files
Kaspersky has introduced Anti-Virus for Mac, a port of its long-running Windows and Linux software designed to cope with threats such as worms, Trojans and bots. Some features include e-mail and attachment protection, as well as download scans, and alerts on blocked files and programs. The software recognizes up to 30,000 threats; self-protection functions guard settings with a password, and attempt to prevent techniques from being modified or deleted.
more
11/03, 3:10pm
Exposes security vulnerability
A hacker in the Netherlands has attempted to extort several iPhone owners, reports say. The hacker is believed to have used port scanning to identify T-Mobile-branded phones running SSH, commonly used in jailbreaking techniques. Because many people do not change the default root password on jailbroken devices, the hacker was able to take control of iPhones, and send custom text messages warning them to visit a website in order to resecure their firmware.
more
10/28, 11:00am
Cuts off theoretical attacks
Mozilla has released Firefox 3.5.4, a minor but still significant update to its multi-platform web browser. The patch fixes 16 vulnerabilities, 11 of which are said to be critical. Among these are problems with third-party media libraries, the core and JavaScript engines, web worker calls, the GIF color map parser and the string-to-number converter.
more
10/28, 12:10am
Enhanced support for large image collections
Excel Software has announced an update to its project- and document-protection application, DocProtect 1.1. The program is designed to protect rights and prevent access to HTML projects, image collections, video and audio files, PDFs, and Excel spreadsheets for all non-licensed users. The latest version enables users to release and restore licenses between computers, while adding a new PDF-style subscription model for newsletter and magazine publishers.
more
10/27, 4:35pm
Includes Snow Leopard info
Open Door Networks has announced a set of upgrades for its DoorStop line of Internet security apps. At the center is DoorStop X Security Suite 2.3, which consists of an updated DoorStop X Firewall, Who’s There? Firewall Advisor, and the e-book Internet Security for Your Macintosh and iPhone. The suite has been expanded to include a Twitter stream, a series of bugfixes, and iPhone support in the integrated isfym.com blog.
more
10/27, 3:55pm
Software introduces remote data access
Agile Web Solutions has launched a public beta version of 1Password 3, an updated Mac login utility. The software saves passwords and other forms of personal identity for quicker insertion into web forms. Version 3's major addition is said to be inclusion of 1PasswordAnywhere, a feature which lets users remotely access information via a web browser. The update also adds 64-bit support for Snow Leopard, and a new user interface.
more
10/27, 1:10am
SecretBox 2 improves interface, adds features
App4mac has released a major upgrade to its data protection program for both the Mac and iPhone: SecretBox 2 is designed to create a database which can be used to store information such as credit card numbers, software registrations, and e-mail logins. New features in the Mac version include an upgraded user interface, additional support for syncing with the iPhone or iPod touch, and improved stability. Approximately 60 percent of the code s also said to be re-written to help enhance performance and security.
more
10/15, 4:50pm
Also supports Windows 7
CoSoSys has released a new version of Endpoint Protector 2009, its data-loss prevention and endpoint security application. The update adds support for Mac OS X Snow Leopard, along with the soon-to-be-launched Windows 7. Endpoint Protector is designed to protect confidential data, and provides tools for monitoring and controlling activities on other systems. File tracking lets users see copy sources and destinations, as well as determine which files can be copied.
more
10/13, 5:00pm
Works with Viper security systems
Viper has launched Viper SmartStart for the iPhone. The app works with Viper remote start systems to start a car, lock or unlock its doors, and open its trunk. It can also be used to find a car, or set off a panic alarm. The app can control more than one car, and allows for multiple users to control the same vehicle.
more
10/13, 10:40am
Anti-virus, anti-spyware for enterprise
Noting the rise of Macs in the workplace, McAfee has released Endpoint for Mac, allowing centralized anti-virus, anti-spyware and firewall control, as well as application protection. The software allows IT administrators to use the same basic security console that works with Windows machines for their Mac users.
more
10/07, 1:05am
Likewise Open 5.3, Enterprise 5.3 updates
Likewise has announced two new updates to its authentication software for Mac, Likewise Open 5.3 and Likewise Enterprise 5.3. The latest versions add support for 32-bit and 64-bit versions of Apple’s Snow Leopard operating system. Likewise Open is designed to connect Linux and Mac machines to a Microsoft Active Directory and authenticate users with their domain credentials.
more
09/28, 11:50pm
Security Essentials utility to be offered for free
Microsoft is set to launch its new anti-malware service, Security Essentials. The utility is designed to help protect systems against viruses, spyware or other maliciously crafted software. Following the same basic structure as third-party antivirus software, Microsoft's program runs in the background and alerts users as potential threats arise.
more
09/28, 9:15pm
Verizon internet security, online storage
Verizon has announced both a new Mac versions of its Verizon Online Backup and sharing software (VOBS) and its Verizon Internet Security Suite. With the storing and sharing app, users can back-up selected files and folders to their designated storage plan, and restore them at a later date. Users can also send or receive invitations which allow people to download or upload photos onto their storage space, for simpler sharing of music, videos, or files. The online storage plans range in size from 5GB to 250GB, with monthly fees starting at $2 and ending at $20.
more
09/28, 5:25pm
Part of criminal profit-making scheme
Macs are being deliberately targeted by a Russian hacking group, says Sophos security researcher Dmitry Samosseiko. The group is a subset of a larger criminal network known as the Partnerka, which normally turns a profit through spam promoting fake online drug vendors, and malware in the form of "scareware" anti-virus protection. The Partnerka have generally concentrated malware efforts on Windows users, who together represent the largest possible target.
more
09/21, 7:30pm
Protection tools for cross-platform enterprises
Trend Micro has released an update to Security for Mac, its threat protection software designed for enterprises. Version 1.5 features improvements to manual scan performance when using the Quick Scan utility. The Cocoa client user interface has been revamped, while enabling automatic registration with the server.
more
09/17, 12:35pm
Firewall adds web updates, other fixes
ProteMac has updated its network firewall, releasing NetMine 1.5. The Mac-based firewall can control all Internet and network access from Mac applications, limiting the possibility of attacks from network worms, trojans malware and viruses. It can limit any specified network traffic from reaching specified Macs. NetMine is a two-way firewall that can prevent the spread of Malware on a network.
more
09/15, 3:55pm
Feature requires specific set of actions
Apple has issued a clarification regarding the iPhone 3.1 firmware's anti-phishing capabilities. Released September 9th, the update includes a promised ability to detect phishing and malware sites while using Safari. Early accounts have shown inconsistent performance however, with some phones recognizing hazards, and others missing them completely. The behavior may create the impression that the feature is broken.
more
09/10, 8:15pm
Future iPods to get anti-theft technology?
A recent patent filing, submitted by Apple, describes an anti-theft system that utilizes acceleration data to detect if a portable device is stolen. Information from the accelerometer would be analyzed by a controller to determine if the particular direction and speed of movement indicates that a thief might be taking the device.
more
09/10, 6:30pm
Long list of vulnerabilities addressed
Apple on Thursday released security updates for Mac OS X v10.5.8 and v10.4.11, including the standard and Server editions. The updates resolve a variety of security vulnerabilities relating to maliciously crafted alias files, resource forks, image files, PDFs, scheduler requests and PixarFilm files, among others.
more
09/10, 5:15pm
Flash vulnerability addressed in latest Mac udpate
Apple on Thursday released Mac OS X 10.6.1, its first maintenance update following the recent Snow Leopard launch. The company has addressed a variety of compatibility issues involving Sierra Wireless 3G modems, interrupted DVD playback, automatic account setup in Mail, and Motion 4 problems.
more
09/09, 4:05pm
For both Mac and Windows systems
In tandem with iTunes 9, Apple has released QuickTime 7.6.4, a minor update to its signature AV playback software. The patch primarily fixes problems with H.264 and/or MPEG-4 playback, which exposed systems to crashes or arbitrary code execution. H.264 vulnerabilities were connected to memory corruption and heap buffer overflows, while an MPEG-4 flaw involved conventional buffer overflows.
more
09/09, 3:50pm
Security issues fixed in latest iPhone firmware
The latest iPhone firmware, announced during Apple's music-themed media event, addresses a variety of security vulnerabilities. Previous releases had allowed unauthorized use of a device after a timeout period configured by an Exchange administrator. The system now disables any "Require Passcode" values greater than the maximum inactivity time lock setting, eliminating the time gap.
more
09/08, 9:15pm
Disk Station Manager 2.2 improves performance
Synology has released Disk Station Manager 2.2, an update to its cross platform file-sharing and data storing app that was previously available as a beta program. The upgrade delivers new Surveillance Station 3 software, iPhone and Time Machine support along with a DLNA compliant media server for streaming multimedia digital content between a Disk station and DLNA home-compliant devices. System enhancements include improved HDD driver quality and compatibility, and a dynamic bad sector remapping and recovery function.
more
09/08, 11:50am
Windows 7 returns remote BSOD
(Updated with Microsoft advisory) Windows 7 when it ships next month will be vulnerable to an attack that hasn't been possible since 1999, a new vulnerability found by a security researcher shows. Sending a deliberately malformed network negotiation request can force a Windows 7 system into a page fault that triggers a "blue screen of death" error, even without the user's help in launching the code. The attack affects both 32-bit and 64-bit versions of the OS.
more
09/07, 10:30am
May close some common vulnerabilities
Beginning with two Tuesday updates, all future iterations of Mozilla's Firefox browser will check for at least some outdated plug-ins, the company has announced. Firefox 3.5.3 and 3.0.14 will both scan for the latest version of Flash, prompting users to visit a link where an updated plug-in can be downloaded. "For now, our focus is on the Adobe Flash Player both because of its popularity and because some studies have shown that as many as 80 percent of users currently have an out-of-date version," says Firefox security team member Johnathan Nightingale.
more
09/03, 6:15pm
iAntiVirus get four of five stars in review
MacNN has reviewed PC tools' iAntiVirus, rating the Mac virus protection software four out of five stars. It protects against Mac-based malware, keyloggers, viruses, Trojans, and other threats, while running in the background and available from a menubar. The software monitors the system and scans for prior infection. Users can also run immediate scans via drag-and-drop for individual files.
more
09/03, 5:40pm
iPhone GPS catches criminals
The iPhone’s GPS system has reportedly assisted yet another individual attempting to find and catch thieves, according to Mashable.com. An unidentified person living in Shadyside, PA, was held at gunpoint by two men demanding the victim's wallet, PIN numbers and iPhone. The robbed individual than used his computer and the iPhone’s GPS technology to locate the thieves and helped provide police with information necessary to capture the suspects.
more
09/03, 5:00pm
Several Java threats addressed via security update
Apple has released a Java update for Mac OS X 10.5.8 that addresses a wide range of security vulnerabilities. The most serious issue allowed untrusted Java applets to obtain elevated privileges after users visit a web page containing maliciously crafted code. The problem has been addressed for systems running Mac OS X 10.5.8 or 10.5.8 Server.
more
09/02, 8:50pm
Intego takes a closer look at OS X anti-malware
Mac security company Intego has taken a closer look at the limitations of Apple's new anti-malware features in the recent Snow Leopard update. The new security functions, noticed by developers shortly before the public release, alert users to malicious code found in downloaded files.
more
09/02, 3:40pm
ProteMac Meter 3.0 updated
ProteMac has released ProteMac Meter 3.0, updating the network activity monitor with a new interface, featuring real-time traffic summaries. The tool watches activity passing through all applications on a Mac, and keeps tabs on network connections, host availability, remote host names, timestamps and the amount of traffic. It presents views of total and app-specific traffic, and can send out user-tailored notifications.
more
09/02, 10:55am
S. Lep. security too weak?
Apple has still left considerable gaps in Mac security, despite advances in Mac OS X Snow Leopard, say some security experts. The OS is said to have several protection advances over Leopard, most notably a built-in anti-virus scanner, perhaps the first concrete admission from Apple that Macs are now vulnerable to malware. The tool scans content received through apps like Safari, Mail and iChat, and can also check signatures to determine whether a file has been altered since its creation.
more
09/01, 11:35pm
Opera 10 update
Opera Software has introduced the latest version of its web browser, Opera 10. Three main features in the update include an enhanced browser interface, a new compression technology for dealing with slow network speeds, and improvements to the browser tabs. With the added network support the browser is capable of compressing pages to lower the amount of data transferred, and increase the users browsing speed. For the browser tabs users can now view full thumbnails of all their open tabs, as well as customize the size of the tab bar by pulling down or double clicking on the handle.
more
09/01, 5:15pm
SignalScope, R10cipher
KavaMovies 1.4 ($35) is a movie database application that allows users to organize the movies they have seen, the ones they want to see and those that are a part of their collection. The application also connects to the internet to obtain extra information about each movie such as actors, directors, genres and more. The latest update adds a new favorites browser and has been optimized to run under Snow Leopards 64-bit architecture. The move to 64-bit should also result in improved interface performance and database access speeds. [Download - 4.6MB]
more
08/28, 6:20pm
Controversial web bill
A proposed bill has Internet companies and civil liberty groups in a huff, as it would grant the US President the power to cut off private-sector users from the Internet during cyber security emergencies. The 55-page S. 773 bill (pdf), months in the making behind closed doors, is vague in its wording, but does suggest private Internet networks could be taken over by specially licensed individuals in the government.
more
08/28, 10:25am
New notebook border rules
US lawmakers have introduced new measures regarding searches of notebook computers entering the US, according to a Friday report. The revised rules attempt to address concerns regarding violations of privacy and Constitutional rights. The Department of Homeland Security (DHS) maintains such searches are necessary to fight potential terrorism plots, child pornography and copyright infringement. Air travelers with notebooks are often asked to power up their devices to ensure they are what they appear to be, with some incidents going on to more in-depth searches of hard drive content.
more
08/25, 10:50pm
User's MobileMe hacked
Philp Hayes, a self-declared IT expert, claims his MobileMe account was hacked. The user asserts that hackers accessed his account, changed the password and made a €55 PayPal purchase from RapidShare. The blog entry lends insight to the way Apple reps communicate with each other, suggesting those that assisted Hayes used iChat and prompted him to also chat online via an Apple Support page.
more
08/25, 9:15pm
Snow Leopard antivirus
The upcoming Snow Leopard update reportedly contains new anti-malware functionality, according to the Mac security company Intego. A number of beta testers have noticed a new warning screen that alerts users to malicious code. A leaked screenshot shows an alert dialog for an RSPlug Trojan contained in a disk image downloaded through Safari.
more
08/25, 9:40am
New 'Get a Mac' TV ads
Apple has produced two more TV ads as part of its long-running "Get a Mac" campaign, touting the advantages of Macs over Windows PCs. The new commercials are primarily negative, accusing PCs of being subject to many more virus attacks than Macs. The first spot, "Surprise," has PC (John Hodgman) disguise himself as Mac (Justin Long), and insist to a computer buyer that PCs are very reliable.
more
08/24, 10:45pm
ContactCrypt iPhone app
SMobile Systems has released ContactCrypt 1.6, an iPhone app that provides an extra layer of security for sensitive information such as contacts. Unlike apps that simply store passwords, ContactCrypt specifically encrypts contact names, addresses, account numbers, phone numbers, e-mail addresses and more. The app is claimed to prevent unauthorized bypass of the iPhone's breakable encryption methods.
more
08/20, 3:25pm
Voila, Skeiron
Wallet 3.1 ($20) is a storage application that allows users to keep track of contacts, passwords, serial numbers and credit cards. Wallet stores and organizes the information and encrypts data using 256-bit AES encryption to make sure the data is safe. The v3.1 update includes WebDAV sync support along with an improved password generator and a new keyboard shortcut for the menubar application. Snow Leopard support has also been added and syncing is said to now be more reliable. [Download - 3.4MB]
more
08/18, 3:15pm
SecuritySpy 2.0 released
Ben Software has released v2.0 of its surveillance utility, SecuritySpy. The application is used to manage surveillance cameras, and catalog recorded security footage. The latest version includes support for audio recording from Axis and Panasonic network cameras, along with Axis video servers. The update also uses OpenGL graphics acceleration, and can play audio back in real-time.
more
08/18, 11:55am
Apple and iPhone Mail bug
Apple is already fully aware of a critical security flaw in the iPhone Mail client, according to an inside source. The source claims to have proof of the fact, and suggests that Apple will probably fix it with the release of the iPhone 3.1 firmware. Temporary remedies may including rebooting a phone, loading messages several times, or simply waiting long enough.
more
08/17, 4:40pm
iPhones more vulnerable?
iPhones may be more susceptible to Internet-related threats, a recent Trend Micro survey suggests. The study is based on 1,000 smartphone users 18 years or older, and seeks to shed light on public beliefs about smartphone security. According to the survey, when compared with other smartphone users, iPhone owners generally use their phone's web browser more, and spend more time shopping online, visiting media-sharing websites, and sending and receiving larger quantities of e-mail, which can often involve URLs they click on. Malicious hackers and scammers may be drawn to the iPhone due to this fact, says Trend Micro.
more
08/17, 2:35pm
iPhone 3.0 mail security
A potential security issue in the iPhone 3.0 firmware has surfaced via a YouTube video. The bug allows users to view previously-deleted e-mails, by searching for the title of a deleted message. The results screen displays two copies of the message; when either is selected for the first time, Mail crashes. When the messages are selected a second time however, an iPhone will either display the original text, or a warning saying "This message cannot be displayed because of the way it is formatted."
more
08/14, 1:55pm
China holds on web filters
The Chinese government has relented in its plans to impose web filtering software on computers, a statement from the country's industry and technology minister suggests. Li Yizhong claims that the Communist Party will "absolutely not" force installation of Green Dam-Youth Escort on every computer sold in the country, despite the fears of both corporations and political dissenters. Nominally meant to block pornography, critics have claimed that the software could easily be used to extend censorship beyond current network filtering techniques.
more
08/12, 4:50pm
Mac OS X security udpate
Apple has released Security Update 2009-004 for systems running Mac OS X 10.5.8 and v10.4.11, including Server editions. The fix comes just a week after the company's last update which contained a longer list of corrected vulnerabilities. The current update addresses an issue relating to the Domain Naming System server. A remote attacker could potentially create a malicious update message to interrupt the BIND service.
more
08/11, 4:25pm
Apple's Safari 4.03 update
Apple on Tuesday released Safari 4.03, an update to its cross-platform browser. The company says the "update is recommended for all Safari users and includes improvements to stability, compatibility and security including, (1) stability improvements for webpages that use the HTML 5 video tag; (2) fixes an issue that prevented some users from logging into iWork.com; and (3) fixes an issue that could cause web content to be displayed in greyscale instead of color."
more
08/11, 3:25pm
Mac Trojan spotted
TrendMicro has spotted another Domain Naming System (DNS) Trojan targeting Mac systems. The malware, known as OSX/Jahlav-D, masquerades as a MacCinema Installer. Users are prompted to update QuickTime Player by downloading a QuickTimeUpdate.dmg file.
more
