Post Thumbnail

A critical security issue in the network time protocol (NTP) has prompted Apple to push an automatic OS X update to users for the first time. Google researchers discovered the flaw which could allow a remote attacker to \"send a carefully crafted packet that can overflow a stack buffer and allow ma

5 days ago 0 Comments
December 23, 2014 at 2:47AM
Post Thumbnail

Don't get too comfy just because companies are rolling out patches for the Shellshock security bug -- as it turns out, even updated websites and devices remain at risk. Developers are reporting that they can still run any code they like (and thus hijack systems) through the bash command shell sim

3 months ago 0 Comments
Post Thumbnail

Apparently, the internet has more deep-seated security bugs to worry about than Heartbleed. Researchers have discovered a longstanding flaw in a common Unix command shell (bash) for Linux and Macs that lets attackers run any code they want as soon as the shell starts running. They can effectively

3 months ago 0 Comments
Post Thumbnail

If you rushed to upgrade your Mac to OS X Mavericks, congratulations -- you've just taken a big step forward in web security. Adobe has confirmed that Flash Player is now sandboxed in Safari for Mavericks users, preventing Flash-based malware from accessing code and resources beyond Apple's browse

1 year ago 0 Comments
Post Thumbnail

Apple and its developer community have had a few rough weeks: hackers struck Apple's Dev Center in mid-July, and the company's efforts to both recover and rejuvenate the portal have been slow going. Things are looking up, however, as the company just sent word that it will restore most of the rema

1 year ago 0 Comments
Post Thumbnail

Apple has had to take security more seriously when a larger user base and the cloud have opened up greater risks. Thanks to a just-discovered hire, we now know 1 Infinite Loop isn't messing around. While many of us were fixated on new iPhones in September, the company was quietly recruiting Kristi

2 years ago 0 Comments
Post Thumbnail

Folks still rocking Apple's Leopard may have been feeling left out after Lion and Snow Leopard both got an update for addressing that Flashback malware. If you're one of them, you'll be glad to know that Apple has finally issued a Leopard fix that comes with a removal tool for the vulnerability af

2 years ago 0 Comments
Post Thumbnail

It promised earlier this week that a fix was coming, and Apple has now delivered a Java security update that is says removes \"the most common variants of the Flashback malware.\" That update also reconfigures the Java web plug-in to disable the automatic execution of Java applets by default (in Lion

2 years ago 0 Comments
Post Thumbnail

Dr. Charlie Miller -- a man who has been covered extensively here at Engadget -- snagged a doctorate in Mathematics from the University of Notre Dame. He spent five years working on cryptography for the National Security Agency. And, after heading into the wilds of security analysis, he was the f

3 years ago 0 Comments
Post Thumbnail

See that chart there? That's a lovely graphic conjured up by Sophos, a company that makes ends meet by offering anti-virus software. The company just so happens to also have a flavor for OS X, and based on data culled from 150,000 users, it looks as if 50,000 machines had at least one piece of malw

4 years ago 0 Comments