toggle

AAPL Stock: 106.98 ( -0.36 )

Subscribe to this page now.

Report: Eight high-profile sites hit by browser exploits last week

08/27, 11:45pm

Security firms says malvertising hit sites such as Java, DeviantArt and Photobucket

A "malvertising" campaign made the rounds last week hitting at least eight high-profile websites according to security firm Fox-IT. The firma noticed that the sites were redirecting their visits to other places, allowing it to discover that sites were using vulnerabilities in software like Java and Flash to inject malicious programs. The purpose of the "malvertising" was to infect machines with botnet malware involved in boosting advertisement clicks.

more

Sony removes another PSN title over PS Vita exploit

04/23, 3:25pm

Sony pulls PSP game to stop more PS Vita hacks

Sony has removed Super Collapse 3 from the Playstation Store after the title was found to be vulnerable to a PS Vita exploit. The company removed the game from the store 24 hours after the exploit was noted on the Wololo.net blog, weeks after the same vulnerability was discovered in Motorstorm and Everybody's Tennis.

more

Skype for Android exploit allows grabbing of personal info

04/15, 6:20am

Skype for Android contains serious vulnerability

Users of Skype for Android have been left vulnerable to a code exploit that allows a hacker to access a user's personal information. The proof of concept exploit uncovered by Android Police would allow a hacker to deploy a rogue app in the Android Market that, once downloaded, would allow access to a Skype userís full name, date of birth, city/state/country, home phone, office phone, cell phone, email addresses, bio and other details. The vulnerability appears to be the result of left over files that contain improper permissions, which allows anyone or any app to read them.

more

iPad 2 already jailbroken

03/14, 5:40am

@Comex strikes again with new exploit

Renowned iOS hacker @Comex has posted photographic proof that he has already jailbroken the just-launched Apple iPad 2. According to @Comexís Twitter feed, previously used iOS exploits were locked down and he had to use a new exploit to get around the new measures. The details of the hack have not yet been made public, although he is already working towards releasing the hack for the public.

more

New Mac OS X Trojan horse identified

06/20, 8:40am

Mac OS X Trojan found

Multiple variants of a new 'Trojan Horse', designed to allow a malicious user complete remote access to a Mac OS X system have been discovered in the wild earlier this week according to makers of Mac anti-spyware and anti-virus solutions SecureMac. Dubbed 'Applescript.THT Trojan' and disguised as an application bundle called 'AStht_v06' (3.1MB in size), the malware seemingly originated, and is distributed via a 'hacker' website, as well as Limewire and iChat. Post system infiltration, the malicious script can reportedly "log keystrokes, take pictures with the built-in Apple iSight camera, take screenshots, and turn on file sharing". A 'copy cat' program based on the OS X Remote Management exploit was discovered earlier this week.

more

Anti-hacker features added to QuickTime

04/08, 2:15pm

QuickTime security

Apple's recent QuickTime 7.4.5 release includes exploit prevention mechanisms designed to block attacks from hackers, according to a recent report from eWeek. QuickTime for Windows Vista now features ASLR (address space layout randomization), technology that randomly arranges key data addresses to prevent developers of malware from predicting targets. ASLR is already used by Mac OS X Leopard to reduce the effectiveness of exploit attempts.

more

Code crashes Safari in iPhone 1.1.4, fixed for Mac/PC

03/19, 12:30am

Code crashes iPhone 1.1.4

A new exploit has surfaced for the iPhone's Safari browser that, while drawing parallels to an earlier issue, requires no user input to function. According to iPhone World, the vulnerability is triggered by previously conceived code that has been refined in the above manner. The issue affects firmware version 1.1.4 iPhones, and presumably previous versions. Safari on the Mac and PC were also affected by this vulnerability, but it was recently fixed in Safari 3.1, released today.

more

Hacker unlocks iPhone 1.1.2 via new exploit

02/08, 12:10pm

New iPhone 1.1.2 unlock

An iPhone hacker has discovered a new way to unlock Apple's iPhone firmware version 1.1.2 without the need to downgrade to a prior firmware revision and then re-upgrade after unlocking the device. The unlock technique relies on a bug that allows hackers to erase the contents of memory within a range of specific addresses, coupled with a second bug that allows users to copy data before validation occurs.

more

iPhone denial-of-service bug surfaces

02/07, 11:25am

iPhone DoS surfaces

An exploit for Apple's iPhone has surfaced that can crash the device when unsuspecting users visit a maliciously crafted Web page. SecurityFocus notes that successful attacks cause a kernel panic, crashing the iPhone which could ultimately lead to remote code execution. The firm states that iPhone firmware version 1.1.2 and 1.1.3 are both affected, and suggest that other versions may also be vulnerable.

more

QuickTime exploit circulates on Web

11/30, 1:20am

QuickTime 7.2 exploit

Symantec has notified DeepSight customers that a bug in QuickTime's Real Time Streaming protocol can lead towards the execution of malicious code on any computer running QuickTime 7.2 or later, and that a working proof-of-concept set of code being circulated on the internet. Computerworld reports that the bug was originally posted on milw0rm.com, and that the exploit code had worked when tested against Windows XP and later in Vista. Mac OS X 10.4 Tiger and 10.5 Leopard are said to be vulnerable as well, but took considerably more time for researches to craft a reliable, working exploit.

more

MacNN Sponsor

MacNN Newsletter

FREE Apple, iPhone and Mac Newsletter

  • We will not share your email address with anyone.

    toggle

    Most Popular

    MacNN Sponsor

    Recent Reviews

    Tablo DVR

    With over-the-top content options growing past Hulu and Netflix, consumers may be finding it harder to justify paying a monthly fee fo ...

    Sound Blaster Roar Bluetooth speaker

    There could very well be a new king of the hill for Bluetooth speakers, with Sound Blaster's recent entry into the marketplace. Bring ...

    Kenu Airframe Plus

    Simple, stylish and effective, the Kenu Airframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this ...

    toggle

    Most Commented