Mac security news and reviews, including virus, security, phishing, and more

New Mac 'game' plays Russian roulette with your files

Tony Craine — Wed, 04 Nov 2009 11:42:00 -0800

An artist tries to get gamers to think about their actions by creating an arcade-style game for the Mac that purposely deletes files from your hard drive as you score points.

DoorStop X security suite ready for Snow Leopard

Dan Miller — Mon, 26 Oct 2009 12:04:00 -0700

In addition to adding Snow Leopard compatibility to the suite's firewall and the firewall advisor, DoorStop X 2.3 also includes a new read-only mode in the firewall for non-admin users while the Who's There? Firewall Advisor offers an improved geo-location service.

Botnets contributing more than ever to click fraud

Jeremy Kirk — Thu, 22 Oct 2009 12:00:00 -0700

A company that tracks click fraud says more traffic than ever is coming from botnets.

With botnets everywhere, DDoS attacks get cheaper

Robert McMillan — Thu, 15 Oct 2009 05:25:00 -0700

Security researchers say the cost of DDoS attacks and other criminal services is dropping.

To boost security, Mozilla launches plugin checker

Robert McMillan — Wed, 14 Oct 2009 16:04:00 -0700

Mozilla has gone live with a Web page that tests to see if 17 popular Firefox plugins are up-to-date.

Report: New iPhone 3GS may be jailbreak-proof

Ian Paul — Wed, 14 Oct 2009 08:56:00 -0700

The cat-and-mouse game between Apple and a cadre of hackers continues as Apple is reportedly now shipping iPhone 3GS units that are jailbreak-proof.

McAfee security offering targets networks with Macs

Dan Miller — Wed, 14 Oct 2009 05:12:00 -0700

Aimed at everything from small- and medium-sized businesses to enterprises, McAfee Endpoint Protection for Mac includes protection against malware and spyware, as well as a firewall.

Google to send detailed information about hacked Web sites

Jeremy Kirk — Tue, 13 Oct 2009 22:33:00 -0700

Google will send Webmasters snippets of malicious code its scanners find in the hopes the Web sites can be cleaned up faster.

Mac News Briefs: Acrobat, Reader updates tackle security vulnerability

Macworld Staff — Tue, 13 Oct 2009 15:58:00 -0700

The 9.2 updates for Acrobat and Adobe Reader address vulnerabilities that could cause the applications to crash and potentially allow an attack to take control of the affected system. Also, SuperDuper and Cocktail both saw maintenance updates released on Tuesday.

A look at stolen Hotmail data finds simple passwords

Robert McMillan — Wed, 07 Oct 2009 06:09:00 -0700

A security researcher has analyzed 10,000 stolen hotmail passwords and found that many of them are easy to guess.

Google confirms Gmail phishing attack

Gregg Keizer — Tue, 06 Oct 2009 16:09:00 -0700

Google confirmed that passwords for its free Gmail online e-mail service had been harvested by hackers, but downplayed the phishing attack as involving a "small" number of accounts.

After attacks, Adobe patches now come faster

Robert McMillan — Tue, 06 Oct 2009 10:16:00 -0700

Adobe has worked to decrease the time it takes to rush out security patches, its CTO said Monday.

Cartoon you: Illustrator’s Live Trace converts your photo into a drawing

Pariah S. Burke — Mon, 05 Oct 2009 06:00:00 -0700

Illustrator's Live Trace feature is the subject of our fourth article on how to create your own avatar portrait for social networking Web sites and instant messengers.

To fight online scammers, Bing shows warning ads

Robert McMillan — Tue, 29 Sep 2009 13:12:00 -0700

The FTC has teamed up with Microsoft to place public service announcements in search results when consumers search for scam-related terms.

Retrievable iPhone numbers mean potential privacy issues

Dan Moren — Tue, 29 Sep 2009 10:45:00 -0700

A loophole may allow app developers to retrieve your phone number; reports from Switzerland claim an app developer is using this information to upsell its customers.

Scareware sellers poison 'iPhone MMS' search results

Gregg Keizer — Tue, 29 Sep 2009 02:11:00 -0700

Criminals have poisoned major search engines for terms related to the new MMS capability of Apple's iPhone, and are using the results to steer users to fake Windows security downloads, according to the manager of security research at Websense.

Do phishers have more poles in the water?

Jeremy Kirk — Mon, 28 Sep 2009 12:15:00 -0700

Data on phishing attacks is often vastly different depending on the statistics collected by various vendors and other organizations.

Researcher: Hackers pay 43 cents per hijacked Mac

Gregg Keizer — Sat, 26 Sep 2009 10:46:00 -0700

Russian malware writers have put a price on the head of infected Macs -- 43 cents -- according to a security researcher.

Netflix Prize 2: What you need to know

Ian Paul — Thu, 24 Sep 2009 13:35:00 -0700

Is Netflix on the brink of a major data breach with its latest contest? Ian Paul of PC World tackles questions swirling around the Netflix Prize 2.

Study: Social networking sites leaking personal information to third parties

Jaikumar Vijayan — Thu, 24 Sep 2009 06:40:00 -0700

Many major social networking sites are leaking information that allows third party advertising and tracking companies to associate the Web browsing habits of users with a specific person, warns a study by AT&T Labs and the Worcester Polytechnic Institute.

Review: Private Pics for iPhone

Tim Mercer — Fri, 18 Sep 2009 09:26:00 -0700

If you've got photos on your iPhone or iPod touch that you want to keep out of the public view, both the free and paid versions of Private Pics can meet your needs.

New phishing attack chats up victims

Robert McMillan — Thu, 17 Sep 2009 09:23:00 -0700

RSA says phishers are now using Jabber to set up fraudulent online chat sessions on their fake Web sites.

Opinion: Apple betrays the iPhone's business hopes

Galen Gruman — Tue, 15 Sep 2009 12:00:00 -0700

Apple's fix of a security hole reveals a long-simmering flaw and makes many iPhones suddenly incompatible with Exchange

Xsan update fixes serious screen sharing security problem

Peter Cohen — Mon, 14 Sep 2009 13:26:00 -0700

Apple's latest update to Xsan Admin fixes a serious security flaw in its screen sharing tool.

Apple clarifies iPhone anti-phishing feature

Dan Moren — Mon, 14 Sep 2009 08:09:00 -0700

Over the weekend, Apple responded to questions about how the new anti-phishing feature of the iPhone 3.1 software works.

Apple releases Mac OS X 10.6.1

Dan Moren — Thu, 10 Sep 2009 14:14:00 -0700

Apple on Thursday released Mac OS X 10.6.1, which contains stability, compatibility, and security updates for all machines running Mac OS X Snow Leopard.

iPhone 3.1's anti-phishing: not better than nothing?

Dan Moren — Thu, 10 Sep 2009 10:43:00 -0700

The iPhone 3.1 update supposedly added anti-phishing protections, but it would seem that the system is buggy and inconsistent.

Mozilla releases Flash-checking security update

Robert McMillan — Thu, 10 Sep 2009 01:12:00 -0700

Mozilla has pushed out the Firefox 3.5.3 update, which checks for up-to-date Flash plugins.

Adobe unveils Flash Access 2.0

Jackie Dove — Wed, 09 Sep 2009 21:10:00 -0700

Adobe Systems has announced Adobe Flash Access 2.0, a key component of the Adobe Flash Platform, at the 2009 IBC (International Broadcasting Convention). Flash Access 2.0, formerly known as Adobe Flash Media Rights Management Server, is content protection software that lets content creators control how, when, and where audio and video content can be experienced by users.

Apple updates QuickTime for Leopard, Tiger users

Philip Michaels — Wed, 09 Sep 2009 13:27:00 -0700

According to Apple's notes, QuickTime 7.6.4 adds support for the newly released iTunes 9, improves audio device support for Windows Vista users, and fixes several security issues.

Firefox adds Flash plug-in update protection

Gregg Keizer — Sun, 06 Sep 2009 22:27:00 -0700

Mozilla says that future versions of Firefox will automatically check for updates to flash.

Thieves clear New Jersey Apple Store in seconds

Dan Moren — Fri, 04 Sep 2009 08:18:00 -0700

A band of thieves cleared out a new Jersey Apple Store's display MacBooks, iPhones, and iPod touches in a matter of seconds.

Patch scramble throws Adobe updates off schedule

Robert McMillan — Fri, 04 Sep 2009 00:20:00 -0700

After scrambling to patch security issues in July, Adobe will be a month late with its quarterly security updates, now due Oct. 13.

Researchers find a new way to attack the cloud

Robert McMillan — Thu, 03 Sep 2009 15:34:00 -0700

Researchers have developed new 'side-channel' attacks that can be used to steal data from cloud-computing programs.

Apple releases Java update for Leopard

Dan Moren — Thu, 03 Sep 2009 14:01:00 -0700

Apple has released a Java update for Mac OS X Leopard that patches a number of security vulnerabilities in the cross-platform technology.

Snow Leopard needs Flash patch, says Adobe

Jeremy Kirk — Thu, 03 Sep 2009 07:25:00 -0700

Mac users may be surprised that versions of Apple's latest operating system, Snow Leopard, potentially puts them at a higher security risk.

Inside Snow Leopard's hidden malware protection

Dan Moren — Wed, 26 Aug 2009 18:01:00 -0700

One of the hidden features of Snow Leopard is a built-in system to protect Mac users from malware. Dan Moren explains just what this feature entails.

The art of creating strong passwords

Michael Scalisi — Tue, 25 Aug 2009 04:00:00 -0700

IT pro Michael Scalisi gives you solid advice about picking a good password.

Review: iPhone Configuration Utility 2.0

John C. Welch — Fri, 21 Aug 2009 06:00:00 -0700

iPhone Configuration Utility 2.0 is a big step forward to help Apple gain a foothold in corporate environments, but it still has some glaring flaws.

Super-safe Web browsing

Rich Mogull — Thu, 20 Aug 2009 10:30:00 -0700

As a security consultant, Rich Mogull has to visit some less-than-safe quarters of the Internet. Here's how he does that without putting himself or his Mac at risk.

Review: Rise of Lost Empires for iPhone

Tim Mercer — Thu, 20 Aug 2009 04:37:00 -0700

Gameloft has managed to strike the right balance between real-time strategy gameplay and lots of action with Rise of Lost Empires. The game does away with some of the more tedious aspects of the genre so that you can focus on the fast-moving though still strategic action.

Padlock hard drive encrypts data via keypad

Peter Cohen — Wed, 19 Aug 2009 05:37:00 -0700

Apricorn's new Padlock Secure Hard Drive encrypts data using a built-in keypad.

Report: Fix on the way for iPhone 3.0 Mail bug

Philip Michaels — Tue, 18 Aug 2009 11:32:00 -0700

Last month, Ted Landau's Bugs & Fixes column noted an iPhone 3.0 flaw where deleted e-mails were turning up in Spotlight searches. According to the Internet rumor mill, a fix is on the way in the iPhone 3.1 update.

Twitter: Latest application platform problems solved

Juan Carlos Perez — Mon, 17 Aug 2009 21:58:00 -0700

Twitter says the most recent technical problems affecting its application platform have been resolved.

Eliminating a Word macro virus

Christopher Breen — Mon, 17 Aug 2009 11:18:00 -0700

Rare though they are these days, Word macro viruses are still around. Here are the steps for dealing with them.

Netgear offers 8-port Gigabit Firewall for small business

Peter Cohen — Mon, 17 Aug 2009 06:21:00 -0700

The new ProSafe 8-Port VPN Firewall is a Web-configurable firewall for small business with eight Gigabit Ethernet ports and a host of security features.

Hackers put social networks such as Twitter in crosshairs

Jeremy Kirk — Mon, 17 Aug 2009 04:37:00 -0700

Web sites such as Twitter are becoming increasingly favored by hackers as places to plant malicious software in order to infect computers.

Twitter used to manage botnet, says security expert

Mikael Ricknäs — Fri, 14 Aug 2009 10:17:00 -0700

A botnet that uses Twitter as its command and control structure has been found by a security researcher.

Palm Pre debacle highlights location privacy issues

Mikael Ricknäs — Thu, 13 Aug 2009 10:22:00 -0700

Reports about Palm keeping track of Pre users has shown how location services can backfire, and the importance of making users aware of how information is used.

Security Update 2009-004 fixes BIND vulnerability

Dan Moren — Wed, 12 Aug 2009 14:35:00 -0700

Apple released Security Update 2009-004 on Wednesday, fixing an issue in DNS software package BIND.