Apple

(get it in RSS or Atom)

Apple's OS X and Safari get biggish security fixes

by Paul Ducklin on June 5, 2013 | 10 Comments
osx-saf-250

Apple has published updates for all supported versions of OS X and for Safari version 6.

A largish number of remote code execution vulnerabilities have been patched, so these aren't just cosmetic fixes.

Monday review - the hot 24 stories of the week

by Anna Brading on May 20, 2013 | Leave a comment
Monday review

In case you missed any recent stories, here's everything we wrote in the last seven days.

Apple fixes 41 iTunes security flaws, some more than a year old

by Chester Wisniewski on May 17, 2013 | 12 Comments
iTunes-11-250

Apple released the latest update to iTunes today, version 11.0.3, fixing 41 vulnerabilities in the Windows version and 1 in the OS X version. Many of these flaws are rated critical and we advise you update as soon as possible.

Apple ships jolly uninteresting iOS 6.1.4 update

by Paul Ducklin on May 3, 2013 | 4 Comments
ip5-250

Apple just released iOS 6.1.4 for the iPhone 5.

Apparently, it improves speakerphone calls, but it doesn't fix the lock-screen bug in iOS 6.1.3...

Apple iMessage "censors" mention of Obama: international conspiracy...or software bug?

by Paul Ducklin on April 29, 2013 | 12 Comments

Try sending the message "I could be the next Obama" via the iMessage service from your iPhone or your iPad!

Paul Ducklin takes a look at a humorous bug that teaches us some serious lessons...

Monday review - the hot 22 stories of the week

by Anna Brading on April 22, 2013 | Leave a comment
Monday review - the hot stories of the week

In case you missed any recent stories, here's everything we wrote in the last seven days.

Apple updates Safari, gives better control over Java applets

by Paul Ducklin on April 18, 2013 | 1 Comment
safari-250

Apple has pushed out a Safari update to go along with this week's "Java Tuesday" fix.

It's supposed to give you finer-grained control over Java in your browser.

Paul Ducklin puts it through its paces...

Oracle and Apple ship critical Java updates - get yours today!

by Paul Ducklin on April 17, 2013 | 12 Comments
java-now-250

The security-beleaguered Java ecosystem usually gets updates just once every four months, in February, June and October.

But this year, Oracle has adapted that schedule a number of times, and this is one of them...

Sophos Techknow - Two-factor Authentication [PODCAST]

by Paul Ducklin on April 15, 2013 | 4 Comments

To some of us, two-factor authentication (2FA) is a welcome aspect of online security; to others, token or SMS-based login codes are just extra online hassle we'd rather do without.

Duck and Chet help you evaluate the risks and rewards of 2FA in this enjoyable quarter-hour podcast.

SSCC 105 - HP printers, Google blocks ad blockers, Apple does the 2-step, and more...

by Paul Ducklin on March 27, 2013 | 1 Comment
sscc-105-250

Have you joined thousands of others, and become a loyal listener to the "Chet Chat" yet?

Here's the latest Naked Security podcast, Sophos Security Chet Chat 105, discussing a range of recent and newsworthy topics from the world of computer security.

Monday review - the hot 21 stories of the week

by Anna Brading on March 25, 2013 | Leave a comment
Monday review - the hot stories of the week

It's weekly roundup time. Here's all the great stuff we've written in the past seven days.

Apple password reset website - gaping hole found, fixed

by Paul Ducklin on March 23, 2013 | 6 Comments
apple-env-250

Apple has had a good-bad-good-bad week of it in the computer security environment.

Its announcement of two-step verification for some users was quickly followed by a report of a password recovery exploit for everyone else...

Apple introduces two-factor verification for Apple IDs

by Paul Ducklin on March 22, 2013 | 13 Comments
apple-id-icons-250

After celebrity Web 2.0 journalist Mat Honan had all his iDevices remote-wiped by a cybercrook last year, Apple's login security has been under scrutiny.

Good news! Apple has finally bitten the bullet and started offering two-factor verification for Apple ID users...

iOS 6.1.3 security flaw allows passcode lock bypass... again [VIDEO]

by Graham Cluley on March 21, 2013 | 8 Comments
iOS 6.1.3 security flaw allows passcode lock bypass... again [VIDEO]

iOS 6.1.3 has only just been released by Apple, and already a security hole has been followed - allowing anyone to bypass the passcode lock on iPhones, and access private data on the device.

Anyone else getting a sense of Deja Vu?

Monday review - the hot 32 stories of the week

by Anna Brading on March 18, 2013 | Leave a comment
Monday review - the hot stories of the week

It's that time of the week again - here's your roundup of everything we wrote in the last seven days.

Apple ships OS X 10.8.3 - 11 remote code execution vulns patched, Snow Leopard and Lion get fixes too

by Paul Ducklin on March 15, 2013 | 7 Comments

Apple has shipped the latest point release of its flagship Mountain Lion (OS X 10.8) operating system.

There are plenty of security fixes in there, which Snow Leopard (10.6) and Lion (10.7) users get too, in standalone security updates.

iPhone thief posts picture of himself seemingly smoking pot on victim's Facebook page

by Graham Cluley on March 11, 2013 | 6 Comments
iPhone thief posts picture of himself smoking pot on victim's Facebook page

Do you recognise this man?

If so, the police would like to hear from you.

Monday review - the hot 26 stories of the week

by Anna Brading on March 11, 2013 | 2 Comments
dow-250

In case you missed it: Here's everything we wrote last week.

Apple finally adopts HTTPS for the App Store - here's why it matters

by Paul Ducklin on March 9, 2013 | 6 Comments

Last year, a Googler named Dr. Elie Bursztein noticed that Apple's App Store protocols were using HTTP where HTTPS would have been much better.

Some time later, Apple has changed its ways.

Paul Ducklin explains why it matters...