Comments temporarily disabled – Updated

27. April 2015 Security 0
Due to a serious vulnerability discovered in the WordPress platform, comments have been disabled throughout the entire site. As soon as WordPress offers a patch comments will be re-enabled. Update: WordPress has not addressed this issue yet but thanks to a workaround limiting the comment size by Arnaud I was able to allow comments again. ...

Updates for OS X and iOS

08. April 2015 Security 0
Apple today released updates for OS X Yosemite and iOS 8. As usual it is recommended to install these updates as they include a slew of security patches but also bug fixes and enhancements. Some users may also see a separate security update available (Security Update 2015-004) and/or a Safari update (6.2.5 or 7.1.5). The ...

Apple releases security updates, iOS 8.2 and Apple TV 7.1

09. March 2015 Security 0
(Updates may not be available yet for download. They should be available to everyone before the end of the day) Apple today released a security update for it’s most recent three OS X systems, iOS 8.2 and Apple TV 7.1 which also includes security fixes. For OS X 10.8.5 Mountain Lion, 10.9.5 Mavericks and 10.10.2 ...

Java installs adware. If you allow it. Relax people.

06. March 2015 Security 6
Java is now bundled with an Ask.com toolbar. The web is blowing up about it. “Beware”, “Adware”, “shady”, “Sneaking” and other terms are used. Is this just a hype or is there something to these claims? Let’s find out. I set up a brand new Virtual Machine, installed all the latest updates, the latest browsers, ...

Old Mac trojan returns

12. February 2015 Security 1
For the past few days I’ve been keeping an eye on reports stating an old Mac trojan, OpinionSpy, is back. Intego has indeed confirmed the old trojan has found it’s way back to the Mac platform. This time through downloads from download.cnet.com. The application “Free Video Cutter Joiner” will install additional contents if you allow ...

New Flash Player version available

05. February 2015 Security 0
An updated Flash Player, version 16.0.0.305, is now available for download on the Adobe website. This version patches the zero-day exploit I mentioned a few days ago. All users that have Flash Player installed should update asap. If you had previously disabled Flash Player just reverse the instruction I gave in the previously mentioned article. ...

Apple releases updated FlashBack Malware removal tools

03. February 2015 Security 1
It appears Apple has quietly released an updated tool in the fight against fake Flash Player installers. Two updates showed up today: Flashback Removal Security Update 1.0, released 02/02/2015 5:09 PM – “This update removes the most common variants of the Flashback malware.” This update also disables the Java plug-in in Safari. Flashback malware removal ...

New Flash zero-day also targets Mac users

02. February 2015 Security 1
Adobe released a security advisory today. Flash Player versions 16.0.0.296 (current version) and earlier are vulnerable to an exploit that can cause a crash which allows an attacker to take control of the affected system. This vulnerability is already being exploited in the wild and no patch is available at this time. We recommend disabling ...

Apple updates Yosemite and Safari

27. January 2015 Security 4
Today Apple released the second update to the latest OS X, 10.10.2. While the detailed list of security fixes in this update has not yet been released we know from other sources that Apple fixed the Thunderstrike exploit, briefly mentioned in my last post, and three of the vulnerabilities reported by Google last week. Also ...

Just an update (and a bit of a rant ;)

08. January 2015 Just an update, Security 2
Happy new year everyone and thank you for your support, tips, samples and more over the past year. I haven’t forgotten about this blog and I still keep my eye on any potential threats that require awareness. The past few months have just been very uneventful when it comes to Mac security. One issue I ...