Safari

(get it in RSS or Atom)

Apple Safari for OS X gets "click-to-own" security holes patched

safari-250

The 6th Safari security update in 10 months is out.

With fixes for 7 potential remote code execution holes, get it while it's hot...

Monday review - the hot 26 stories of the week

dow-250

Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.

Apple Safari 7.0.4 closes 22 holes, including 21 listed under "arbitrary code execution"

saf-250

Apple just pushed out another Safari update, bumping OS X's native browser to version 7.0.4.

Paul Ducklin found himself thinking, "Is it just me, or has Cupertino bumped up the frequency of Safari patches lately?"

Apple pushes out critical security fixes for OS X, iOS and Apple TV

apple-upd-250

You still can't tell when you're going to get your next update from Apple, but serious security fixes do seem to be coming more frequently these days.

Like the latest round of patches, closing a raft of hackable holes in OS X, iOS and Apple TV...

SSCC 142 - Heartbleed explained, Patches assessed, Apple chastised [PODCAST]

sscc-142-250

Chet and Duck explain what you can do about the big ticket security news items of the past week.

The epic "Heartbleed" bug in OpenSSL, the last patches ever for XP and Office 2003, and Apple's attitude to updates and support all come under the microscope.

Apple patch out, Fake support bust, Liquor store leak - 60 Sec Security [VIDEO]

2014-04-05-justice-250

How long did Apple leave holes in Safari? What punishment can a convicted support call scammer expect? And what happens when a liquor store springs a leak?

Find out in 60 Second Security. the security news video that only takes a minute...

Apple updates OS X Safari - patches a year's worth of holes, but not on Snow Leopard

safari-250

In all the excitement over the End of Windows XP and next Tuesday's Ultimate Update...

...we sort of forgot to write about Apple.

Here's the scoop on the lates OS X Safari browser update, patching 27 vulnerabilities.

SSCC 139 - PWN2OWN, browser updates, Target alerts, PCI DSS and phishing [PODCAST]

sscc-139-thumb-250

Is a browser less secure if more people like to hack it? Is it OK to ignore alerts simply because you get too many? Do you back yourself to spot every single phish? And just how smart is the Google Play Store?

Chester and Duck dissect these issues with their usual style in this week's Chet Chat podcast...

Browsers pwned, Korean megabreach, hackers phoiled, and Chet Chat turns 4! [VIDEO]

2014-03-15-pwned-250

Which browser plugin withstood PWN2OWN? How big was the latest South Korean megabreach? What happens when hackers attack phishers?

Find out in 60 Second Security...

PWN2OWN Day Two - Chrome and Safari join the losers

p2o-d2-250

Here are the PWN2OWN results from Day Two, and an overview of the final payouts.

Chrome and Safari didn't get picked for Day One, but both of them were pwned on Day Two - twice for Chrome and once for Safari....

PWN2OWN Day One - Reader, IE, Flash and Firefox felled, Java left standing

p2o-250

PWN2OWN Day One results are in!

The target that sounded easiest - Oracle Java, with prize money less than a third of the supposedly much tougher IE 11 - was the only one left standing at the end of the first half...

PWN2OWN 2014 - Find the "exploit unicorn" and win $150,000

unicorn-250

It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.

But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...

Apple updates Mavericks to 10.9.1, issues security fixes for Safari

mav-250

Apple just announced the first point update for its recently released OS X Mavericks.

Most of the fixes and enhancements are of the not-really-to-do-with-security sort, but the update includes a new version of Safari, with remote code execution patches.

OS X Mavericks - optional OS upgrade or critical security fix?

mav-250

Apple's OS X 10.9, better known as Mavericks, is officially out.

The burning question for OS X fans everywhere, of course, is, "Should I or shouldn't I?"

Firefox burns Chrome in our trustworthy browser poll

Chrome burns

About a month ago I asked Naked Security readers: Which web browser do you trust? Your answer was emphatic: it's Firefox, and it accrued almost twice the number of votes of its nearest rival, Google Chrome.

Apple ships OS X 10.8.5 security update - fixes "sudo" bug at last

osx-1085-250

Officially, it's a point release of OS X Mountain Lion.

But with twice as many security fixes listed as regular bug fixes and improvements, Paul Ducklin is happy calling it a "security update" instead...

Facebook transparency, Apple bugs, SEA DDoSes itself - 60 Sec Security [VIDEO]

2013-08-31-ddosing-yourself-250

Which country came top of Facebook's new "Government Requests" report aimed at outing the countries that fish for Facebook user data the most? (I bet you're thinking it's the USA - but it isn't.)

Watch this week's 60 Second Security and find out!

Which web browser do you trust? [Poll]

which-browser-do-you-trust

We no longer choose our web browsers based on bells and whistles. These days its all about privacy and security and we'd like to know which browser (and which vendor) you trust to be your companion on the web.

Apple's OS X and Safari get biggish security fixes

osx-saf-250

Apple has published updates for all supported versions of OS X and for Safari version 6.

A largish number of remote code execution vulnerabilities have been patched, so these aren't just cosmetic fixes.

Farewell Camino - pioneering Mac browser falls behind on security, reaches end of road

Camino, the first browser that was purposefully made for Apple's OS X, has officially reached the end of the road.

The developers cited the pain of security updates as a key reason to wind up the project.