OS X

(get it in RSS or Atom)

Apple rushes out iTunes 11.2.1 - fixes giant permissions hole

itunes-250

Did you just download the quarter-gigabyte iTunes 11.2 update for your Mac?

If so, consider it a practice run: you need to do it all over again...

Apple releases OS X Mavericks 10.9.3, repeats last month's security updates

appst-250

Apple just issued a Security Advisory for OS X Mavericks 10.9.3. Don't get too excited - from a security point of view, it seems to be nothing more than last month's fixes all over again.

So, at betwen 0.5GB and 1GB to download, do you need it?

Monday review - the hot 26 stories of the week

dow-250

Make sure you're up to date with everything we wrote in the last seven days - it's weekly roundup time.

Apple pushes out critical security fixes for OS X, iOS and Apple TV

apple-upd-250

You still can't tell when you're going to get your next update from Apple, but serious security fixes do seem to be coming more frequently these days.

Like the latest round of patches, closing a raft of hackable holes in OS X, iOS and Apple TV...

SSCC 142 - Heartbleed explained, Patches assessed, Apple chastised [PODCAST]

sscc-142-250

Chet and Duck explain what you can do about the big ticket security news items of the past week.

The epic "Heartbleed" bug in OpenSSL, the last patches ever for XP and Office 2003, and Apple's attitude to updates and support all come under the microscope.

Apple patch out, Fake support bust, Liquor store leak - 60 Sec Security [VIDEO]

2014-04-05-justice-250

How long did Apple leave holes in Safari? What punishment can a convicted support call scammer expect? And what happens when a liquor store springs a leak?

Find out in 60 Second Security. the security news video that only takes a minute...

Apple updates OS X Safari - patches a year's worth of holes, but not on Snow Leopard

safari-250

In all the excitement over the End of Windows XP and next Tuesday's Ultimate Update...

...we sort of forgot to write about Apple.

Here's the scoop on the lates OS X Safari browser update, patching 27 vulnerabilities.

SSCC 141 - Adobe revisited, MS-DOS, Word, XP, Snapchat and backup [PODCAST]

sscc-141-thumb-250

Chet and Duck get together once again to look at the week's news with their usual blend of humor, insight and informed intensity....

Take a listen to the latest episode of our weekly quarter-hour podcast!

SSCC 140 - Does Windows have more holes than OS X? Whither messaging privacy? [PODCAST]

sscc-140-thumb-250

How bad is the latest Microsoft Word 0-day? Does OS X really need patching less often than Windows? What does Gmail's move to HTTPS-only really mean? And if WhatsApp has privacy coded into its DNA, is it coded into its app, too?

Chet and Duck get stuck in...

Phone spyware, Mac security, and WhatsApp privacy - 60 Sec Security [VIDEO]

2014-03-22-respect-250

How do you get spyware on your victim, er, target's phone? Have Mac users changed their attitude to security? And how deep does privacy run at WhatsApp?

Find out in 60 seconds!

Apple users: Try these five tips for better Mac security

mac-5tips-250

Security for Macs is often a hotly-debated topic, perhaps because Apple has a reputation for security that is based more on a brand promise than reality.

Don't panic. Here are five simple tips to help you get serious about security on OS X...

Browsers pwned, Korean megabreach, hackers phoiled, and Chet Chat turns 4! [VIDEO]

2014-03-15-pwned-250

Which browser plugin withstood PWN2OWN? How big was the latest South Korean megabreach? What happens when hackers attack phishers?

Find out in 60 Second Security...

SSCC 138 - Patching, zero-days, XP, APTs and CryptoLocker [PODCAST]

sscc-138-thumb-250

Join the dynamic duo for another entertaining quarter-hour on security.

There's Patch Tuesday, the impending end of XP, Advanced Persistent Threatitis, and some astonishing statistics about CryptoLocker.

Microsoft Patch Tuesday - 5 bulletins, 2 critical, 1 for Mac users!

Microsoft's Patch Tuesday for March 2014, the second-to-last scheduled patch that Windows XP users are ever going to see, will fix critical holes in all versions of Windows.

OK, not quite all: Server Core installations will receive updates, but not critical ones.

Final countdown, CryptoLocker payout and Full Disk Encryption - 60 Sec Security [VIDEO]

2014-03-08-locked-250

XP is counting down - are you ready? Would you pay the CryptoLocker crooks? And should you use Full Disk Encryption?

Find out in just a minute...watch 60 Sec Security for 08 March 2014!

Anatomy of an Apple theft protection bypass - and how to avoid it

icloud-kdb-250

A tiny but intriguing open source project entitled iCloudHacker attracted interest over the weekend.

It claims to "bypass Apple's theft protection" - and although that's streching the truth a bit, it has some lessons to teach us about encryption...

Facebook survives, Apple patches, and Naked Security wins! 60 Sec Security [VIDEO]

2014-03-01-hoaxes-250

How harmless is that "Facebook shutting down on 29 February" hoax?

Is system reimaging really a security tool?

Find out this and more! 60 Sec Security - 01 Mar 2014

Anatomy of a "goto fail" - Apple's SSL bug explained, plus an unofficial patch for OS X!

gotofail-250

Apple just patched an SSL/TLS bug in iOS - but the flaw is not yet fixed in OS X.

Paul Ducklin comes to the rescue with explanations, mitigations, and even an unofficial patch! (For educational purposes only, you understand.)

PWN2OWN 2014 - Find the "exploit unicorn" and win $150,000

unicorn-250

It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.

But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...

Digitally signed data-stealing malware targets Mac users in "undelivered courier item" attack

forklift-250

Our colleagues at SophosLabs pointed us at a interesting item of malware the other day, namely a data-stealing Trojan aimed at Mac users.

Paul Ducklin looks at how the attack unfolds...