Posted on 21 October 2010.
Panda Security believes that as Apple gains market share cybercriminals will find targeting Mac users to be financially viable. The tipping point is almost upon us; hence Panda Antivirus for Mac.
View full post on PCMag.com Security Coverage
Posted in Security
Posted on 07 October 2010.
PandaLabs has warned of a spam scam involving genuine looking Apple iTunes Store receipts.
View full post on Network World on Security
Posted in Security
Posted on 07 October 2010.
Motorola has filed two patent lawsuits and a patent complaint with the U.S. International Trade Commission (ITC) alleging that a wide range of Apple products infringe its patents.
View full post on Computerworld Security News
Posted in Security
Posted on 05 October 2010.
PC Magazine – PandaLabs said Monday that the company has discovered fake iTunes receipts that have begun to be sent to users in an attempt to steal personal details.
View full post on Yahoo! News: Security News
Posted in Security
Posted on 02 October 2010.
PC World – The jailbreaking of Apple TV, days after shipping, is no surprise. The real delight will come in the weeks and months ahead, as hackers and developers start figuring out what to do with Apple’s liberated set-top box.
View full post on Yahoo! News: Security News
Posted in Security
Posted on 30 September 2010.
Earlier in the month, we reported on rumors that since the Apple TV runs iOS just like the iPhone, iPad, and iPod Touch, it should be possible to jailbreak it. But there was no indication of how, or whether, it could seriously be done, due to the Apple TV’s limited storage capacity.
View full post on Network World on Security
Posted in Security
Posted on 28 September 2010.
In September 2010, Symantec observed a phishing Web site that spoofed the Apple brand by mimicking the “My Apple” Web site of the Apple Store. The legitimate Apple Store Web site provides customers with the latest Apple news, software updates, and information on Apple products and services.
The phishing site prompted customers to update their profile information, purportedly so that they may continue to receive updates and news from Apple. The heading of the page stated “Complete the fields below, then click the Continue button to save”. The sensitive information requested was the Apple ID, password, customer’s name, credit card CVV number, and contact details. After the required information was entered and the “Continue” button was clicked, the phishing site returned an error message stating “Your session has timed out after a period of inactivity. Please return to the Store Menu to continue shopping”. The phishing site then redirected the victim to the legitimate Apple Store Web site, which created the illusion that a common error had occurred. This way, the victim may not notice that the information had already been given to the phishing site; the fraudster would have successfully stolen their information for financial gain.
The phishing site was hosted on a free Web-hosting site located on servers based in Canada. Although the domain name was a free Web-hosting domain, the phishing URL may appear to be legitimate at first glance due to the use of certain keywords that make the phishing URL resemble the legitimate URL. Below is an example:
hxxp://store.apple.*****.com/5.0.16.9.5.7.1.5.1.htm?store.apple.com [Domain name removed]
Internet users are advised to follow best practices to avoid phishing attacks. Here are some basic tips for avoiding online scams:
• Do not click on suspicious links in email messages.
• Check the URL of the website and make sure that it belongs to the brand.
• Type the domain name of your brand’s website directly into your browser’s address bar rather than following any link.
• Frequently update your security software, such as Norton Internet Security 2011, which protects you from online phishing.
Thank you to the co-author of this blog, Ravish Bagul.
View full post on Symantec Connect – Security Response – Blog Entries
Posted in Antivirus
Posted on 21 September 2010.
Adobe Systems and Apple released security updates Monday, including a critical Adobe Flash Player fix for a flaw that had been used in cyberattacks.
View full post on Network World on Security
Posted in Security
Posted on 21 September 2010.
Users of Mac OS X 10.6 Snow Leopard have a minor security fix waiting for them in Software Update.
View full post on Network World on Security
Posted in Security
Posted on 21 September 2010.
Pop singer Lily Allen is reportedly suing Apple over a hacked laptop.
View full post on Network World on Security
Posted in Security
Posted on 18 September 2010.
PC World – You can jailbreak your iPhone, your iPod Touch, and your iPad, but what about your brand new Apple TV? A product reference found in Apple’s iOS is, in reality, the new AppleTV according to The Unofficial Apple Weblog (TUAW), which confirms that Apple’s new media streaming gadget is, indeed, an iOS device.
View full post on Yahoo! News: Security News
Posted in Security
Posted on 17 September 2010.
Digital Trends – A previous peek at Apple’s iOS 4.2 beta hinted at a mysterious iProd2,1 product, which now appears to be the newest Apple TV according to The Unofficial Apple Weblog. For diligent hackers, jailbreaking the Apple TV just got a little easier, since iOS 4.2 was hacked only a few days ago.
View full post on Yahoo! News: Security News
Posted in Security
Posted on 16 September 2010.
Apple patched a critical vulnerability in QuickTime on Wednesday that was reported to the company by a bug bounty program months ago.
View full post on Computerworld Security News
Posted in Security
Posted on 16 September 2010.
Apple has released QuickTime 7.6.8 for Windows, fixing 2 vulnerabilities limited to the Windows version.
The first was the famous (in some circles) ‘_Marshaled_pUnk’ vulnerability. Apple had left this value in QuickTime for Windows as a valid parameter, but removed the code to handle it. This allowed an attacker to place their own code to run. See just below for a demo of the vulnerability in action.
The second is described as “Viewing an image in a maliciously prepared directory may lead to arbitrary code execution.” What it seems to be is the Windows malicious DLL loading problem as implemented in the QuickTime Picture Viewer. Apple removes the current working directory from the search path to fix the bug.
View full post on Security Watch
Posted in Security
Posted on 10 September 2010.
Apple on Thursday relaxed restrictions on the development tools developers can use to create iOS apps, and published its “App Store Review Guidelines,” which outlines how the company reviews apps.
View full post on PCMag.com Security Coverage
Posted in Security
Posted on 09 September 2010.
As expected, Apple today released the iOS 4.1 update for its iPhone and iPod Touch and patched two dozen security vulnerabilities in its mobile operating system.
View full post on Computerworld Security News
Posted in Security
Posted on 09 September 2010.
Apple has disclosed that iOS 4.1, recently released with a new generation of hardware and just now being pushed out to existing users, fixes 24 vulnerabilities in earlier versions of the operating system, including 20 in the WebKit browser engine.
17 of the WebKit vulnerabilities and 2 of the other 4 are critical remote code execution vulnerabilities, which typically allow the user to be exploited simply by visiting a malicious web site (or an iframe injected into a legitimate web site).
There is no word on how many of these vulnerabilities affect WebKit on other platforms. The two WebKit vulnerabilities fixed yesterday in Safari on Windows and OS X are not on today’s list for iOS.
View full post on Security Watch
Posted in Security
Posted on 09 September 2010.
Apple yesterday patched three vulnerabilities in Safari, including one in the Windows version that quashed a bug Microsoft said individual developers had to fix themselves.
View full post on Computerworld Security News
Posted in Security
Posted on 04 September 2010.
– John Bambenek bambenek at gmail /dot/ com
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
View full post on SANS Internet Storm Center, InfoCON: green
Posted in Security
Posted on 04 September 2010.
Hewlett-Packard swooped in with the better bid to overtake Dell and win 3Par, so now we can all sit back and wait for the next acquisition battle to roll around. Meanwhile, Apple debuted updated iPods and Apple TV to entertain us, among other IT news stories of the week.
View full post on Computerworld Security News
Posted in Security
Posted on 03 September 2010.
A critical bug in QuickTime was reported to Apple two months before a second researcher independently revealed the vulnerability this week, the director of a bug bounty program said Friday.
View full post on Computerworld Security News
Posted in Security
Posted on 03 September 2010.
One of the big stories in Apple’s recent announcements was a new social network based in iTunes called Ping.
It’s probably early to draw too many conclusions about Ping, but according to Chet Wisniewski at Sophos one thing is clear: they didn’t think too long about comment spam on the service: “…less than 24 hours after launch, Ping is drowning in scams and spams.”
So I signed up for Ping myself and followed a few of the people Ping recommended to me. Seconds later I found my first comment spam:
Wisniewski: “Coincidentally, the most common spam on Ping at the moment targets Apple itself. The attacks are nearly identical to survey spams we have blogged about on Facebook, Google and Twitter.” Obviously this agrees with my experience.
He also notes that it’s trivial to create fake accounts on Ping since there’s no hard authentication. TechCrunch also notes this phenomenon, pointing out that while Facebook and Apple are spatting about Ping, a fake Mark Zuckerberg is signed up for the new service.
View full post on Security Watch
Posted in Security
Posted on 01 September 2010.
A vulnerability/backdoor in Apple Quicktime has been announced, and we are keeping an eye on it.
Cheers,
Adrien de Beaupré
EWA-Canada.com
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
View full post on SANS Internet Storm Center, InfoCON: green
Posted in Security
Posted on 01 September 2010.
Yesterday we received reports about a flaw in Apple's QuickTime player. According to the reports, this flaw can potentially allow an attacker to exploit the user's machine through the browser by making it run arbitrary code without user interaction – a classic drive-by vulnerability.
Following a blog post by Ruben Santamarta, the flaw apparently stems from the vulnerable file QTPlugin.ocx, which is part of the default QuickTime installation. According to the analysis, the flaw affects the latest version of QuickTime (7.67.75.0), as well as older versions of 7.x and 6.x.
The DLL file (QTPlugin.ocx) that holds the reported vulnerability is an ActiveX control used by Internet Explorer. Thus, the vulnerability applies only to that browser, not to any other browser.
We are currently looking into this report and are doing more analysis. We have also started searching for any malicious code on the Web that might emerge and take advantage of this vulnerability. Our customers are protected from attacks that use this vulnerability by ACE, which includes our generic shellcode analytics.
It's certainly not the first time that QuickTime has suffered from such vulnerabilities. One of the latest was CVE-2010-1799, which Apple has already managed to patch near the start of August.
We'll keep you updated on any developments.
View full post on Security Labs
Posted in Antivirus