Apple Security Advisory 2012-05-14-1 – This update runs a malware removal tool that will remove the most common variants of the Flashback malware.
>> CATEGORY: Apple
Apple Security Advisory 2012-05-14-1 – This update runs a malware removal tool that will remove the most common variants of the Flashback malware.
Apple Security Advisory 2012-05-14-1 – This update runs a malware removal tool that will remove the most common variants of the Flashback malware. If the Flashback malware is found, it presents a dialog notifying the user that malware was removed. There is no indication to the user if malware is not found.
Debian Linux Security Advisory 2471-1 – Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. Multiple input validations in the decoders/ demuxers for Westwood Studios VQA, Apple MJPEG-B, Theora, Matroska, Vorbis, Sony ATRAC3, DV, NSV, files could lead to the execution of arbitrary code.
Apple Security Advisory 2012-05-09-2 – Safari 5.1.7 is now available and addresses multiple WebKit related vulnerabilities.
Apple Security Advisory 2012-05-09-1 – OS X Lion v10.7.4 and Security Update 2012-002 is now available and addresses multiple security issues. An issue existed in the handling of network account logins. The login process recorded sensitive information in the system log, where other users of the system could read it.
Secunia Security Advisory – Multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user’s system.
Apple Security Advisory 2012-05-07-1 – A URL spoofing issue existed in Safari. This could be used in a malicious web site to direct the user to a spoofed site that visually appeared to be a legitimate domain. Multiple cross site scripting issues existed in WebKit along with a memory corruption issue.
Secunia Security Advisory – A security issue has been reported in Apple Mac OS X, which can be exploited by malicious people with physical access to bypass certain security restrictions.
This whitepaper details some of the vulnerabilities observed over the past year while performing regular security assessments of iPhone and iPad applications. MDSec documents some of the vulnerabilities identified as well as the methods to exploit them, and recommendations that developers can adopt to protect their iOS applications. It covers not only the security features of the platform, but provides in depth information on how to perform both black box and white box iOS penetration tests, along with suggested methodologies and compliance.