Tag: security
AgileBits has released a beta of 1Password 7 with a plethora of new features they have been working on for several years. Available now for Mac and Windows, this venerable password manager adds new features such as: a dark sidebar, drag and drop between vaults, nested tags, pop-out items, an integrated Safari extension, and running as a single process for the first time. Additional standout features include notes with rich formatting and hyperlinks, a new “Courier Prime Bits” font for…
According to a detailed article by Patrick Wardle, OS X with Gatekeeper is vulnerable to attack from applications loading dynamic link libraries (DLLs) that don’t specify a path name. “The operating system looks for the DLL file in a number of well-defined directories. An attacker could thus ‘hijack’ the DLL by placing a rogue DLL file into one of those directories, so that the operating system will find the rogue DLL first….Unfortunately, by abusing a dylib hijack, an attacker can…
Mac users wanting to save a PDF of their TurboTax return or print to file, are forced to upload their data to Intuit via a silent connection. The Mac TurboTax license says, “You may save your return as a PDF file and understand it may be processed on Intuit servers, not as part of the Software.” In a February 19 Wall Street Journal article, Intuit blames Apple: According to Julie Miller, an Intuit spokeswoman, TurboTax made the…
A critical Network Time Protocol issue has been patched by Apple, and is available for OS 10.8 through 10.10.1 via the Mac App Store. While most Apple updates are user option installable, this particular update is being pushed out by Apple automatically in order to prevent machines from being hi-jacked by hackers. If you have not seen a notification on your screen, you can install it from the App Store.
Apple released a patch for the bash UNIX shell to address two serious security vulnerabilities known as ‘shell shock.’ The updates don’t appear to be in Software Update and can be manually installed for OS 10.7, 10.8, and 10.9. Two additional vulnerabilities have been discovered. Those not wanting to wait for Apple, or needing to patch OS 10.6, can refer to articles on MacIssues or WonderHowTo.
Stockholm, Sweden – Coding Turtle today is pleased to announce Scrambler 1.2, a major update to their simple encryption app for the Mac. Scrambler makes it convenient to encrypt files before sending them along unsafe places, such as to other Macs over untrusted email, instant messaging or cloud-based services. Scrambler resides in the menu bar – providing a small icon in the upper-right area of the screen. To encrypt a file with Scrambler, users drag the file on Scrambler’s menu…
A security breach with Evernote’s servers has exposed more than 50 million users passwords, causing the Evernote Corporation to issue a complete password reset. The announcement by the Evernote Corporation states that there was no data exposure but to be safe, the company is forcing all users of the popular note taking service to reset their passwords. The full announcement is at: http://evernote.com/corp/news/password_reset.php
The infamous “top-secret” document-leaking web site WikiLeaks recovered just Monday from what appeared to be a massive, week-long DDoS attack from thousands of distinct IP addresses. The group took assistance from security and performance firm Cloudfare in order to handle the extra capacity needed to withstand the attack– over 10 gigabits per second. A posting on the site states: “The bandwidth used is so huge it is impossible to filter without specialized hardware, however… the DDoS is not simple bulk…
