Apple acknowledges iOS 10 security flaw that reduces security for iTunes-based backups

Posted by:
Date: Monday, September 26th, 2016, 05:50
Category: Hack, iOS, News, security, Software

ios10logo

Well, this is why they invented bug fixes and updates.

A new discovery by iOS and security forensics company Elcomsoft has revealed that encrypted iOS backups saved via iTunes are now much easier to crack in iOS 10 than in recent years. The change in security is apparently due to a new password verification method in iOS 10.

The discovery focuses on the backup method, which in iOS 10, apparently “skips certain security checks” that were present in past versions of iOS. This allows passwords to be attempted signficnatly faster than before. The new backup method works alongside the old back up method, meaning that for pre-iOS 10 backups, the old method is used.

(more…)

Apple releases Security Update 2016-001 for OS X Yosemite, El Capitan users

Posted by:
Date: Friday, September 2nd, 2016, 05:55
Category: News, security, Software

blog_basic-computer-security-tips_132796727-806x393

Because security updates are a good thing.

On Thursday, Apple released Security Update 2016-001 for users of OS X 10.10 Yosemite and OS X 10.11 El Capitan. The fix covers assorted zero-day exploits that could allow full access to a device and updates Safari to version 9.3.5 to patch security holes in the browser as well.

The exploits require the user to open a URL from an SMS message, which then executes remote binary files in the OS that dig into the kernel and allow unauthorized software to be installed—in iOS this effectively jailbreaks your device behind your back.

(more…)

Transmission BitTorrent client found to be spreading OS X/Keydnap malware

Posted by:
Date: Wednesday, August 31st, 2016, 05:27
Category: macOS, News, security, Software

transmissionicon

The malware beast raises its head once again.

Transmission, a popular BitTorrent client, has been discovered to once again be distributing Mac-based malware under version 2.92, months after it was used to spread a strand of ransomware.

Researchers at security firm ESET have been following a malware called OSX/Keydnap, which can steal passwords, and noticed that it was spreading through Transmission’s official site.

As of now, a version of Transmission containing the malware is in the wild according to ESET.

(more…)

Dropbox resets passwords for users who haven’t logged in since mid-2012

Posted by:
Date: Monday, August 29th, 2016, 05:56
Category: Archive, security, Software

dropboxlogo

It’s a bit of a strong measure, but Dropbox decided to take it.

On Friday, Dropbox required users who hadn’t logged in since mid-2012 to change their account passwords. The company stated that this was a preventative measure and that this wasn’t an indication that accounts had been improperly accessed.

They concluded by apologizing for the inconvenience.