Apple Safari

(get it in RSS or Atom)

Apple pushes out critical security fixes for OS X, iOS and Apple TV

apple-upd-250

You still can't tell when you're going to get your next update from Apple, but serious security fixes do seem to be coming more frequently these days.

Like the latest round of patches, closing a raft of hackable holes in OS X, iOS and Apple TV...

Apple patch out, Fake support bust, Liquor store leak - 60 Sec Security [VIDEO]

2014-04-05-justice-250

How long did Apple leave holes in Safari? What punishment can a convicted support call scammer expect? And what happens when a liquor store springs a leak?

Find out in 60 Second Security. the security news video that only takes a minute...

Apple updates OS X Safari - patches a year's worth of holes, but not on Snow Leopard

safari-250

In all the excitement over the End of Windows XP and next Tuesday's Ultimate Update...

...we sort of forgot to write about Apple.

Here's the scoop on the lates OS X Safari browser update, patching 27 vulnerabilities.

SellHack browser plugin ceases squeezing LinkedIn for hidden email addresses

SellHack logo

The free extension promised to "hack" LinkedIn profiles to get at what should be users' tucked-away, private email addresses. Much to LinkedIn's chagrin, it was doing just that (albeit spottily) until it got LinkedIn's cease and desist order, took the plugin offline and pledged to shape it into something that passes terms of service muster.

Browsers pwned, Korean megabreach, hackers phoiled, and Chet Chat turns 4! [VIDEO]

2014-03-15-pwned-250

Which browser plugin withstood PWN2OWN? How big was the latest South Korean megabreach? What happens when hackers attack phishers?

Find out in 60 Second Security...

Anatomy of a "goto fail" - Apple's SSL bug explained, plus an unofficial patch for OS X!

gotofail-250

Apple just patched an SSL/TLS bug in iOS - but the flaw is not yet fixed in OS X.

Paul Ducklin comes to the rescue with explanations, mitigations, and even an unofficial patch! (For educational purposes only, you understand.)

SSCC 133 - Prize unicorns, Android malware, 2FA, Attack reports and Vote For Us! [PODCAST]

sscc-133-thumb-250

Chet and Duck review the week's news in their informed and entertainingly serious style, discussing the prizes on offer at this year's PWN2OWN competition, talking about a new twist in Android malware, and reviewing the latest attack reports from Yahoo and Target...

PWN2OWN 2014 - Find the "exploit unicorn" and win $150,000

unicorn-250

It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.

But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...

82% of enterprise Mac users not getting security updates

Apple109-250

Apple users are updating to OS X Mavericks in large numbers, but not fast enough. Corporate users in particular have been slow to upgrade, which could have serious security implications.

Microsoft leads the way, setting new cryptographic defaults

ts-cracked-250

Microsoft is upping its game with regards to cryptographic standards. By discontinuing support for the older, weak RC4 cipher and putting Certificate Authorities on note to migrate to SHA-2, it seems to be leading the way to be ready for the future, rather than reacting.

Patch Tuesday November 2013 - Microsoft, Adobe and Google

Patch Tuesday

November's Patch Tuesday includes updates not just from Microsoft, but Adobe and Google as well. Critical patches for Internet Explorer, Chrome and Adobe Flash Player lead the way this month.

Apple's iCloud iConundrum - does convenience mean insecurity?

shutterstock_AppleArrow250

Researcher Vladimir Katalov explained how documents and backups stored in Apple's iCloud can be accessed bypassing Apple's two-factor authentication, even when enabled, last week at the Hack in the Box conference in Malaysia.

OS X Mavericks - optional OS upgrade or critical security fix?

mav-250

Apple's OS X 10.9, better known as Mavericks, is officially out.

The burning question for OS X fans everywhere, of course, is, "Should I or shouldn't I?"

Copying fingerprints, Firefox trusted, Facebook not, Yahoo recycles - 60 Sec Security [VIDEO]

2013-09-28-60ss-thumb-250

How do you copy fingerprints? Which is the most trustworthy browser? Who will use Facebook for payments? How long does an email address live?

Satisfy your curiosity with this week's 60 Second Security!

Firefox burns Chrome in our trustworthy browser poll

Chrome burns

About a month ago I asked Naked Security readers: Which web browser do you trust? Your answer was emphatic: it's Firefox, and it accrued almost twice the number of votes of its nearest rival, Google Chrome.

PWN2OWN for mobile devices - $300,000 in prizes for stealing data, eavesdropping or making covert calls

zdi-250

There's $300,000 up for grabs at HP's Mobile Pwn2Own contest to be held in Tokyo in November 2013.

Paul Ducklin runs through the options of how to get your hands on the cash...

Which web browser do you trust? [Poll]

which-browser-do-you-trust

We no longer choose our web browsers based on bells and whistles. These days its all about privacy and security and we'd like to know which browser (and which vendor) you trust to be your companion on the web.

Chrome, Firefox display plain-text passwords with a few clicks

Chrome, Firefox display plain-text passwords with a few clicks

An ongoing catfight has boiled up regarding whether these are features or security fright-fests, particularly given that the nontechnical masses aren't liable to know that they can, for example, tell Google not to store passwords or set up a master password in Firefox.

Apple's OS X and Safari get biggish security fixes

osx-saf-250

Apple has published updates for all supported versions of OS X and for Safari version 6.

A largish number of remote code execution vulnerabilities have been patched, so these aren't just cosmetic fixes.

Google's certificate announcement contains a hidden surprise for Windows XP users

Google's certificate announcement contains a hidden surprise for Windows XP users

Are you an IT administrator still caring for Windows XP computers that are running Internet Explorer?

Google's latest announcement brings another good reason to upgrade your systems or switch to an alternative browser.