Lucian ConstantinReporter, IDG News Service, IDG News Service

Lucian Constantin writes about information security, privacy and data protection.

icloud red bckgnd

Hackers launch Apple ID phishing campaign playing on iCloud security worries

Phishing emails masquerade as security alerts from Apple about rogue iTunes purchases, researchers from Symantec said

photosforosx

Cyberespionage group uses port of Windows backdoor to attack OS X

The new malware program is an OS X version of a Windows backdoor called XSLCmd, researchers from FireEye said.

Hackers behind iPhone ransom attacks arrested in Russia

A man and a teenaged boy are accused of using phishing and social engineering attacks to hijack Apple IDs and lock iOS devices

safari logo

Safari 6.1.4 and 7.0.4 address critical flaws, iOS patches missing

Apple patched 22 vulnerabilities in Safari, the majority of which could allow remote code execution.

Mozilla to strengthen SSL certificate verification in Firefox

The software maker will pay US$10,000 for any critical vulnerability found in its new certificate verification code

on pcworld.com

Mac OS X

Apple users put at risk by 3-week delay between OS X and iOS patches, researchers say

IOS users were kept vulnerable for three weeks to known security issues previously patched in Safari for OS X, a former Apple employee said.

Mysterious 'Unflod' malware steals Apple credentials from jailbroken iOS devices

Some iOS users found a malicious library of unknown origin on their jailbroken devices

Adobe patches a critical flaw in Flash Player and AIR shown at Pwn2Own contest

Adobe Systems addressed two remote code execution flaws, including one demonstrated at the Pwn2Own hacking competition last month.

on pcworld.com

Fake Tor app has been sitting in Apple's App Store for months, Tor Project says

Apple has not removed the fake app so far despite being notified in December, Tor developers say

on pcworld.com

New iOS flaw allows malicious apps to record touch screen presses

The captured touch screen data could be used to reconstruct what users typed

Snapchat vulnerability can be exploited to crash iPhones, researcher says

Snapchat request tokens can be resused to launch denial-of-service attacks against the app's users.

on pcworld.com

BYOD security

Researchers: Tech support scammers are targeting mobile users

Researchers from security firm Malwarebytes spotted a tech support scam targeting smartphone and tablet users, while the Federal Trade Commission is warning consumers about scams offering tech support refunds.

on pcworld.com

target

Target point-of-sale terminals were infected with malware

The company's CEO confirmed that attackers used malware to steal credit and debit card data from PoS systems

on pcworld.com

isight camera

Researchers: Older Mac webcams can spy without activating warning light

Researchers from Johns Hopkins University created an application that can disable the LED on first-generation iSight cameras while in use.

Google fixes Chrome vulnerabilities exploited at Pwn2Own contest

New versions of Chrome for Windows, Mac, Linux and Android patch a full sandbox escape vulnerability.

on pcworld.com