The week in security:Mac OS X Keychain hacked; SecDevOps gets a reality check
Think your software developers can build secure code just because you want them to? Not necessarily
David Braue | 02 Oct | Read more
Think your software developers can build secure code just because you want them to? Not necessarily
David Braue | 02 Oct | Read more
Hackers once again use legit Apple Developer ID to sign malware for Mac computers.
Tenable Network Security has extended OS support for their Nessus Agents to Mac OS X and Red Hat/CentOS Linux.
Anthony Caruana | 15 Jun | Read more
A new piece of malware for Mac OS X systems may be a danger to anyone who’s installed the Mac security product MacKeeper.
Small businesses are proving to be a locus for cybersecurity attacks, with security experts advising that better communication is necessary to keep SMBs protected and some warning that the relatively small IT organisations of SMBs make them particularly vulnerable to the proliferation of 'shadow IT'.
David Braue | 10 Nov | Read more
As usual Adobe’s patches for October will fall in line with Microsoft’s this Tuesday, but this month Oracle’s quarterly and enormous list of 155 fixes falls on the same day.
Australia earned the dubious honour of being the country most targeted by phishers – and that's saying something given that it happened in a climate where the overall level of data breaches is continuing to rise. Even malvertising authors were upping their game, digitally signing new samples in an effort to bypass detection by antivirus scanners.
David Braue | 07 Oct | Read more
The role of government in cybersecurity defences continues to morph, but there were interesting revelations that GCHQ employs 120 dyslexic and dyspraxic analysts to help in its fight against terrorism, while British PM David Cameron appointed a special envoy in charge of intelligence and law-enforcement data sharing. Interestingly, however, even as scrutiny of data sharing increases, Yahoo! reported that government requests for data had dropped overall, while one Australian cybersecurity expert said businesses and governments were increasingly seeking a collaborative approach to bolster overall cybersecurity profiles.
David Braue | 02 Oct | Read more
Less than a week after it was revealed by UK-based Akamai security researcher Stephane Chazelas, the threat posed by the newly discovered Shellshock vulnerability – said by some to be bigger than Heartbleed” – is still being reassessed as security experts around the world zero in on the recently discovered Bash shell flaw and the extent of the world's exposure to the bug becomes clear.
David Braue | 01 Oct | Read more
Apple today issued a security-only update for OS X, patching 25 vulnerabilities in Mavericks, its newest operating system, and 7 bugs in older editions.
Gregg Keizer | 23 Apr | Read more
Apple on Tuesday patched the security vulnerability in Safari that was successfully exploited at last month's Pwn2Own hacking contest, where a team cracked the browser to win $65,000.
Gregg Keizer | 02 Apr | Read more
Apple on Tuesday made it clear that it will no longer patch OS X 10.6, aka Snow Leopard, when it again declined to offer a security update for the four-and-a-half-year-old operating system.
Gregg Keizer | 26 Feb | Read more
A security flaw, introduced to Mac OS X some months ago leaves users vulnerable to attack. The security hole, created by a programming error, allows Apple's SSL/TLS library to skip verification checks of a server's authenticity when establishing a connection. The flaw affects Macs running OS X 10.9.1.
Anthony Caruana | 26 Feb | Read more
Connecting to unsecured networks not advisable for Apple users until patch is released for vulnerability
Antone Gonsalves | 25 Feb | Read more
A German security company has released an unauthorized patch for Apple's OS X Mavericks that it claimed closes the hole the Cupertino, Calif. giant left wide open in the operating system's implementation of basic Internet encryption.
Gregg Keizer | 24 Feb | Read more