Security researcher Jeremiah Grossman discovered a security vulnerability that could give any website the ability to steal user information from Safari's AutoFill feature that grabs user information from Address Book on the Mac. Apple countered Grossman by releasing Safari 5.0.1 that supposedly corrected the issue, but Grossman has found another potentially dangerous way to grab user information from Apple's flagship web browser.
Gross looking worm right? Well imagine if that gross looking "worm" got into your Mac OS X? Not good. Well, hopefully you won't have to worry about such a situation with the latest security update for the Mac OS X that Apple released today.
It could be nothing, but it certainly might be something: If you make your iTunes applications and media purchases with a credit card or a PayPal account, you'd do well to take a moment and read this story and take a few precautions to ensure your financial well-being.
A number of of users who utilize their credit card or Paypal to purchase goods from the iTunes Store have reported massive unauthorized purchases of software, music and videos using their iTunes Store account. Reports of the amounts taken from the various users differ, with some seeing purchases in the hundreds of dollars, to thousands. One unfortunate individual reported that his entire bank account was drained via PayPal in the name of someone else getting their entertainment and productivity on.
You wouldn’t give a stranger complete access to your important, personal information; yet so many people don’t secure their wireless access points on their home network. With an open network, you are setting yourself up for a potential attack; be it packet sniffing, or network sharing snooping, you’re not secure until you enable wireless encryption.
Anyone that's ever had their email, Facebook or World of Warcraft account hacked knows that maintaining robust computer security is serious business. There are tons of applications out there to protect your online information, like 1Password, but significantly fewer solutions available to ensure the security of mobile platforms on an as-needed basis.
The data-mining sorts over at Patently Apple have uncovered a patent that suggests Cupertino may have a typically elegant solution for mobile hardware and software security on the way. The patent details what Apple calls an "exciter," and the possibilities for the technology are worthy of the name.
Just yesterday Apple had acknowledged their awareness of the current security hole in the iOS browser. Now today, they are saying that they have a fix already prepared for the loophole, that will be a part of an upcoming update.
At the moment, there's a security bug that affects all iOS 4 devices and the iPad that allows hackers to gain total control over your device. It's a lot like the Mobile Safari one-click jailbreak we posted about yesterday, only a lot less friendly. The device owner just has to visit a web page and load a PDF.
The company announced today that their free U.S. mobile-banking app contains a security flaw and wanted customers to upgrade to a newer version that would contain a fix. So if you're a Citi customer and have their app, you might want to mosey over to the 'ol App Updater.
If customers aren't on fire after todays iPhone 4 pre-ordering fiasco this just might light them up. Gizmodo is reporting that todays "iPhonecalypse" is due to what an AT&T insider says was caused by "a major fraud update that went wrong. " The result: exposure of an unknown number of users' private AT&T information.