Apple

The H-Security: Business appears to be booming for those who trade in unpatched (zero-day) security holes: according to a report by Forbes magazine, a US company that works for the US government recently paid $250,000 for a vulnerability in Apple’s iOS operating system. The report says that the deal was arranged by a hacker who goes by the name of “the Grugq” and who has brokered agreements between those who discover vulnerabilities and government agencies over the last year....

SophosLabs: Only hours after the launch of Apple’s newest iPad we are beginning to see spammers trying to use the excitement over its release to ensnare innocent people into their scams. The scammers are sending out emails with the subject “Where do we send your Free iPad 3, just Test & Keep! See details”. The email contains an image with the text “TEST & KEEP an iPad 3 FREE – Click here”....

Apple has released version 5.1.4 of its Safari web browser for Windows and Mac OS X. According to the company, the maintenance and security update addresses more than 80 vulnerabilities. The update also includes includes various stability and performance improvements as well as fixes for other non-security related bugs. A majority of the security holes closed in 5.1.4 were found in the WebKit browser engine used by Safari. These include several cross-site scripting (XSS), cross-origin and HTTP authentication problems, as well as numerous memory corruption bugs that could be exploited by an attacker, for example, to cause unexpected application termination or arbitrary code execution....

It is widely anticipated that Apple will announce a new version of its iPad tablet computer in San Francisco on March 7th. An invitation sent to journalists, inviting them to an event organized by Apple, has fueled speculation even further as it appears to show a close-up of someone using an iPad. Could it be the new iPad with a much lusted for improved display and souped-up processor? Only time will tell....

The H-Online: Google and other advertising companies have been found to be deliberately evading the privacy controls of Apple’s Safari browser. The evasion was revealed in a report in the Wall Street Journal and was based on work by Stanford researcher Jonathan Mayer. He found that the “+1” button code added to DoubleClick advertisements also allowed a Google DoubleClick tracking code to be installed on desktop Safari on 22 of the top 100 web sites....

The H-Online: A developer preview of Mac OS X 10.8 is now available to registered Mac developers after Apple announced the new version, named Mountain Lion, and previewed a number of its features. Among those features is Gatekeeper which Apple says “helps prevent you from unknowingly downloading and installing malicious software”. The Gatekeeper feature has three levels of security for running applications downloaded from the Internet; “Mac App Store”, “Mac App Store and identified developers” and “Anywhere”....

The H-Security: Apple has released Mac OS X 10.7.3 and, for Mac OS X 10.6.8 Snow Leopard users who have yet to upgrade to Lion, Security Update 2012-001; these maintenance and security updates addresses a number of vulnerabilities in the company’s desktop and server operating systems. According to Apple, the updates close more than 50 holes, many of which could be exploited by an attacker to, for example, remotely execute arbitrary code on a victim’s system, gain access to private information or cause a denial-of-service (DoS)....

SophosLabs: A fascinating new example of Mac malware has been discovered, that appears to be adopting an old Windows-style disguise to fool users into running it. Despite the numerous times that cybercriminals have created boobytrapped PDF files that exploit vulnerabilities to infect unsuspecting users, many people still think that PDF files are somehow magically safer to open than conventional programs. The OSX/Revir-B Trojan plays on this by posing as a PDF file....

Business Insider: A new poll in France says 7 out of 10 people think Microsoft did more to change the world than Apple. We think we would have similar results in other countries, if only because a lot more people (still!) use Microsoft products than Apple products, at least for personal computing which is (still!) the most important part of computing. It’s hard to see a mention of Steve Jobs without the worlds “change the world” or “changing an industry....

SophosLabs: Steve Jobs has now done what many of us thought would happen sooner or later – stepped off the very prestigious CEO plinth, taking a less taxing role as chairman of the Apple board. The new CEO will be Jobs’ right-hand man Tim Cook. Despite Jobs having been on medical leave since January this year, the markets were all a tumble once the news of his resignation hit the markets, with Apple share prices dipping at one point by 5%....