Security

Apple has issued the latest update to its Mac OS X operating system, bringing Snow Leopard users up to Mac OS X 10.6.5. Enhancements include improved Microsoft Exchange reliability, and a variety of performance and stability improvements. But what’s probably most interesting to you is that the update also includes important security fixes. Well over 100 different vulnerabilities are reportedly patched by Mac OS X 10.6.5 – if you want to see the gory details (or at least, those details which Apple is prepared to make public) view their knowledgebase article. ...

Oh look, Microsoft is late to the party again? They are finally launching full-session SSL encryption to Hotmail a mere 2 years after Google did the same thing for Gmail. It looks like the release of FireSheep really has had an impact on web-application vendors due to the amount of mainstream media coverage it got and the sheer number of downloads. At least they are doing something and I hope more vendors follow and give users an option to force full-session HTTPS connections for all web properties. ...

With the expanding amounts of storage available on cell phones, mp3 players, digital cameras, and gaming devices it’s no surprise that malware is increasingly being transmitted over USB. avast! Software is reporting that out of 700,000 attacks reported by its Community IQ system in October, one in eight were exchanged over USB connections. “Cyber-criminals are taking advantage of people’s natural inclination to share with their friends and the growing memory capacity of USB devices,” says avast! virus analyst Jan Sirmer. ...

Ed Bott’s Microsoft Report posted something interesting in ZDNet: You want a good, solid, free antivirus program? Microsoft Security Essentials fills the bill nicely. Unfortunately, even though it was officially released more than a year ago, it’s still one of the best-kept secrets in personal computing. Its installed base of 30 million users worldwide might sound big in raw numbers, but it’s a drop in the bucket compared to the billion-plus Windows PCs in use. ...

Adobe have published details of a critical vulnerability the following applications. Adobe Flash Player 10.1.85.3 and earlier versions Adobe Reader 9.4 and earlier 9.x versions Adobe Acrobat 9.4 and earlier 9.x versions The vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Reader and Acrobat 9.x. Adobe is not currently aware of attacks targeting Flash Player. ...

**Mac: Hi PC, I’m not feeling so hot today… ** PC: Oh, I know ALL about that. I think you have a virus! Security experts by and large agree that security via obscurity is not a wise model for protecting customers over the long term. That’s exactly the model Apple has employed successfully for some time now. However, its luck finally appears to be running short. ...

Internet is great, and everyday millions of people spend their day surfing it, using Google, Gmail, Youtube, Twitter, Facebook, etc. Some people buy at ebay, or Amazon. Even some people use it to work, though these cases maybe not that common As a reader of this blog, you are concerned about security and therefore you already know that connecting through public WiFi is a risky sport. But it is also really convenient, how many of you have done it in McDonalds,Starbucks, etc.? Yeah, me too ...

An Arizona computer specialist has admitted taking part in a conspiracy that used large networks of compromised computers to inflate the value of stocks so they could later be sold at a profit. James Bragg, 41, of Chandler, Arizona, pleaded guilty on Wednesday to conspiracy to commit securities fraud and fraud, prosecutors said. He faces a maximum sentence of five years in prison and a $250,000 fine. It wasn’t immediately clear when sentencing is to take place. ...

A German source is signaling that those who haven’t downloaded FaceTime for Mac just yet may want to hold back on the desire to video chat with their iPhone-wielding friends, as there may be some serious security risks involved. During yesterday’s Back to the Mac special event held in Cupertino, California, Apple’s CEO confirmed the availability of FaceTime for Mac. The application effectively enables anyone with a mac running Snow Leopard to use their computer’s iSight camera and mic to talk to their iPhone, iPod touch-equipped friends. ...

Panda Security has announced the launch of Panda Antivirus for Mac. This new solution delivers comprehensive protection against malware affecting Mac OS and Mac OS X; it also prevents Mac users from transmitting malware to other users of Windows and Linux operating systems. Panda Antivirus for Mac scans files and email, detecting and eliminating or blocking many types of threats, including viruses, Trojans, spyware, keyloggers, adware, hacking tools, botnets, dialers, scareware and other threats that have traditionally targeted Windows users. ...