AAPL Stock: 118.3 ( + 0.49 )

Subscribe to this page now.

Adobe updates Flash Player to fix 'actively exploited' flaw

06/24, 1:55pm

Exploit targets professional-industry users through phishing emails

Adobe on Wednesday has released an emergency patch for its Flash Player browser plug-in due to a critical flaw that is being actively exploited in the wild. Flash Player and earlier for Windows and Macintosh systems are affected by the issue, as is version for Linux 11.x versions. The attack, called APT3 for the China-based organization from which it originates, uses spam "phishing" emails targeted at industry professionals to gain credentials used to steal intellectual property data.


New Mail bug could post phishing messages as iCloud pop-ups

06/10, 2:28pm

Proof-of-concept code posted to Github after Apple fails to close hole

As part of a slew of recent security flaws found in Apple's two operating systems (most of which, it should be noted, are either not serious or are remarkably unlikely to become common), a security researcher has turned up an issue in the iOS Mail app that has the potential to become a widespread problem. As a result, users should be wary of any ">pop-up dialogue boxes in iOS Mail that ask for the user to re-login to a given email service.


ICANN servers accessed following 'spear phishing' attack

12/18, 7:09am

Personal data, files of ICANN CZDS users accessed by hackers

The Internet Corporation for Assigned Names and Numbers (ICANN), the organization which allocates IP addresses and oversees the use of domain names, has been the latest high-profile victim of hacking. The non-profit confirmed its systems were accessed by unauthorized individuals earlier this month, following a "spear phishing" attack in late November.


States launching independent investigation of JP Morgan Chase hack

10/04, 7:59am

Scope of theft makes consumer protection agencies wary of uptick in phishing

Despite JP Morgan Chase claiming that it isn't seeing enhanced fraud activity, two states have launched an investigation of the event that caused the reveal of 76 million household's information, with the promise of more to come. A recent regulatory filing showed the leak, with customers' names, addresses, phone numbers, and email addresses stolen -- the bank, however, claims no financial information was stolen.


Follow-up: EA compromised site used in Apple ID scam shut down

03/19, 11:28pm

Vulnerability shut down, but fooled visitors into providing info

Late Wednesday afternoon, Electronic Arts reported that it had finally closed a serious vulnerability on its web servers that allowed hackers to host a fake "Apple ID" page -- part of a phishing scam that attempted to trick users into visiting the fake page and supplying personal information and credit card details that Electronista reported on earlier today. Netcraft, which originally spotted the compromised pages, reported the problem to EA on Tuesday night.


EA server used in Apple ID phishing scam, claims security firm

03/19, 2:40pm

Compromised EA server used to collect Apple IDs, personal information

A web server owned by game publisher Electronic Arts has been compromised and used in a phishing attack against users of Apple services, a security firm has claimed. The server, apparently used to host a calendar under the domain, is said to be used to try and acquire the Apple ID credentials of potential victims by posing as an account verification site.


Webroot updates SecureAnywhere antivirus with phishing protection

10/07, 10:09am

More uniform cross-platform interface, offers iOS, Android security

Webroot has launched the latest versions of its SecureAnywhere range of home computer security suites. The new Webroot SecureAnywhere Antivirus, Internet Security Plus, and Internet Security Complete adds new detection technology for protecting against new malware and phishing attacks, along with a redesigned interface for easier monitoring.


New phishing scam plays on Apple Dev Center downtime

07/25, 7:00pm

Tries to trick users into changing passwords on false site

A new flood of phishing emails have been spotted by readers and Twitter users that ask Apple owners to log in and change their password so they can "get back into your Apple account," possibly a reference to the recent Developer Center downtime that has locked most developers out of their accounts while Apple overhauls security for the services. The emails thus far contain the usual poor spelling, grammar, phrasing and other flaws that immediately mark them out as scams, but may still trick some unwary users or impatient developers trying to gain Dev Center access.


Dozens of carriers vulnerable to smartphone security exploit

05/21, 3:46pm

Carrier security feature opens door to phishing

Smartphone users on at least 48 cellular carriers may be vulnerable to traffic hijacking and phishing attacks, according to researchers from the University of Michigan. A paper to be presented this week at the IEEE Symposium on Security and Privacy alleges that researchers were able exploit a carrier security feature to hijack connections to Facebook, Twitter, Windows Live Messenger, and the AdMob advertising network, and to spoof traffic for banks and financial institutions.


Phishing scam targets MobileMe users

12/19, 11:00pm

Latest variation making the rounds

Though most Mac users already know never to send their login information for any site in response to an e-mail (often posing as the user's bank, brokerage firm, Apple or other name-brand internet companies), variations on the phishing e-mail continue to pop up, particularly just before and after Christmas. The Mac Observer's Bryan Chaffin reports getting a new one specifically aimed at MobileMe users.


Camino 2 adds tab overview, phishing and malware protection

11/18, 6:55pm

Flash blocking improved with new features

The Camino Project has released an update to its self-titled browser for Mac OS X. Version 2.0 adds a tab overview feature that allows users to quickly browse all open tabs in a layout preview. Tabbed browsing has also been improved with drag-and-drop rearranging, a scrollable bar, and a dedicated menu listing all of the open tabs.


MobileMe users targeted in spreading phishing scam

02/27, 3:35pm

New MobileMe scam

MobileMe subscribers are again being targeted in an updated phishing scam, investigation reveals. Similarly to earlier attempts, the scam beings with an e-mail, prompting people to update their credit card information in advance of an upcoming renewal date. A link is provided to log into MobileMe, but in reality it guides users to a different domain -- "" -- which spoofs the design of the Apple online store, and tricks unwitting visitors into sharing credit card data.


Another MobileMe credit card phishing scam surfaces

09/23, 5:25pm

MobileMe phishing scam

Malicious users are again targeting MobileMe customers with a phishing ploy geared towards obtaining credit card information. According to UGN InfoManager, the scam comes in the form of a billing verification email from Apple, which leads users to an official-looking website. The site is hosted on a fraudulent web server, the domain name being, despite the visual resemblances to Apple's MobileMe account page.


iPhone has phishing, spamming flaws

07/23, 5:55pm

iPhone open to Phishing?

Security researcher Aviv Raff says the iPhone versions of Mail and Safari are vulnerable to URL spoofing, an exploit that could open the door to phishing attacks. Raff says hackers can e-mail specially-designed URL that links to a site that appears to be legitimate. A user might think it is a trusted site like Pay Pal -- but instead the bogus site steals passwords and other information when the user tries to log on. The maliciously crafted URL is (erroneously) recognized by Safari as a "trusted site."


New phishing scam targets Apple's iTunes users

05/20, 10:40pm

Apple iTunes targetted

Apple's widely recognized iTunes is being used to lure users to a phishing scam that could allow hackers to obtain private credit card and personal information. The world's most popular music store is being used as part of a series of sophisticated identity theft attacks for the first time, a security company noted on Tuesday. The Computerworld report says that users began receiving spam email messages on Monday telling them that they must correct a problem with their iTunes account; however, the link leads to a third-party site masquerading as an iTunes billing update page: "that phony page asks for information including credit card number and security code, Social Security number and mother's maiden name," the report noted.


Safari not secure against phishing, says PayPal

02/28, 1:50pm

Safari vulnerable to phish

PayPal warns its members to avoid using Safari when making transactions, since it has a distinct lack of protection against phishing the act of coaxing a user to click on a false link on a false web page for malicious purposes. PayPal users are typical targets for phishing attempts, where the page asks users for their personal login information. Once this information is collected, malicious users have free reign over a compromised PayPal account.



Connect with Us

FREE Apple, iPhone and Mac Newsletter

  • We will not share your email address with anyone.

    Follow us on Facebook


    Most Popular


    Recent Reviews

    Ultimate Ears Megaboom Bluetooth Speaker

    Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

    Kinivo URBN Premium Bluetooth Headphones

    We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

    Jamstik+ MIDI Controller

    For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


    Most Commented