Jeremy KirkAustralia Correspondent, IDG News Service

Jeremy reports on security and regional news for the IDG News Service.

poodle attack

Apple ending SSL 3.0 push notifications in wake of severe POODLE vulnerability

Apple is one of many companies moving to shut down SSL 3.0 for good.

shellshock

Apple releases patches for OS X's 'Shellshock' Bash shell vulnerability

The vulnerability posed little risk to most users.

shellshock

Two scenarios that can make OS X vulnerable to the Shellshock Bash bug

Intego has seen some proof-of-concept exploits for OS X using Bash

Tim Cook: iCloud security will be strengthened

Two-factor authentication will be enabled on iCloud, along with more warnings for certain account actions

Meet the Russian-made tool that grabs nude selfies from iCloud accounts

Elcomsoft said it is aware pirated copies of its Phone Password Breaker software are circulating in the underground

PayPal

Researcher says PayPal's two-factor authentication is easily beaten

Joshua Rogers decided to go public with the information after notifying PayPal of the problem on June 5

on pcworld.com

iphone side by

iPhone gets first free app for encrypting voice calls

Signal is compatible with RedPhone, its Android sibling, and scrambles voice calls placed via the iPhone.

instagram app

Using Instagram for iOS on public Wi-Fi poses risk of an account hijack, researcher says

Instagram is moving to full https encryption but isn't there just yet

pangu

New iOS jailbreak could open door to malware

The Pangu jailbreak has rankled a security researcher, who claims his work was improperly used.

Report: Neither iOS nor Android inherently more secure than the other

Apple has an edge in a couple of areas, but there are still ways into its walled garden, Marble Security said.

on pcworld.com

Adblock Plus works out kinks in Safari extension

The browser extension is mostly on par with ones for Chrome and Opera

heartbleed bug

Critical OpenSSL 'Heartbleed' bug puts encrypted communications at risk

Administrators are advised to patch and revoke old private keys

on pcworld.com

google drive 600w

Phishing campaign targets Google Docs, Drive users

A fake login page looks legitimate since it is served up by Google over SSL, Symantec said

on pcworld.com

Apple encryption mistake puts many desktop applications at risk

Apple's Mail, FaceTime, Calendar, Safari browser and Software Update could be vulnerable, a researcher said.

blockchain ios application

Apple removes Blockchain, last Bitcoin wallet app, from iOS App Store

The legal uncertainty around Bitcoin may be spooking Apple