Back to Mobile View

Skip to Content

TUAW Deals

Tag: exploit

Exploit (now offline) allowed bogus reset of Apple ID passwords (updated)

Apple's new two-step verification process has already been put to the test, thanks to a (now apparently offline) exploit that allows anyone with your email address and birthday to reset your Apple ID. The Verge confirmed the exploit after the site was made aware of a tutorial posted on a Chines...

Continue Reading

Trojan targets Mac-using activists in China

There's a new backdoor trojan exploit out there for Mac users that appears to originate in China, specifically targeted at political activists in the Uighur movement against that country. The trojan appears in email inboxes as a picture attachment which, when opened, secretly installs informati...

Continue Reading

F-Secure reports Mac trojan poses as PDF

Security firm F-Secure has unearthed a troubling trojan for Macs that hides itself as a PDF, only waiting until the file is opened up and displaying some Chinese characters before it dives into your Mac's hard drive and sets up a backdoor control. Currently, according to F-Secure, the backdoor ...

Continue Reading

Ten-Year-Old Hacker presents iOS game exploit at DefCon

A 10-year-old hacker who goes by the name CyFi uncovered a new exploit in iOS and Android games. The time-based exploit lets you advance in a game by adjusting the clock on your phone or tablet. The California girl discovered the flaw while playing an unnamed farming game. Tired of waiting te...

Continue Reading

iOS 4.3.4 (GSM) and 4.2.9 (Verizon) now available, fixes PDF exploit

Looks like Apple has plugged the PDF exploit in iOS with the now-available iOS 4.3.4 which you can download via iTunes. The PDF exploit was used by JailbreakMe, so if you're planning to use it to jailbreak your iPhone, you'll want to avoid this update. You can read more about the update here ...

Continue Reading

Apple to patch PDF vulnerability in iOS

Apple said it will issue a patch that will close a PDF hole in iOS. Though this security hole is well known by iOS owners, it made headlines recently when the German government issued a malware warning about this "critical weakness" in Apple's iOS operating system. As it has done in the past wi...

Continue Reading

Apple servers hacked by Anonymous

According to Anonymous' twitter account, the hacking group used a SQL injection exploit to pull down the usernames and passwords of several accounts from an Apple-run server ( The passwords appear encrypted so there is little threat that others can abuse this account information....

Continue Reading

Skype pushes update to Mac client for security flaw

As we mentioned Saturday, a critical vulnerability in the Skype 5 client for Mac could have exposed your machine to attack from malicious contacts (the vector for attack is an instant message, which you only can receive by default from people you already 'trust' in Skype). With no exploit activ...

Continue Reading

iPhone URL display poses potential security threat

Security research specialist Nitesh Dhanjani has demonstrated how mobile Safari's ability to hide a web page's URL can be used to trick users. Specifically, his proof-of-concept site shows a "fake" URL filed once the real one has been hidden, preventing users from realizing that they're not looking ...

Continue Reading

Jailbreakme site utilizes PDF exploit in iOS

We reported on the return of browser-based yesterday. Today IT security guru F-Secure revealed just how the site is able to work. The jailbreak method utilizes a PDF exploit found in the iOS software. Charlie Miller with Independent Security Evaluators, tweeted, " Starting to get ...

Continue Reading

Safari exploit gives your contact info to malicious websites

In a report on security in the first half of 2010 Apple has claimed the top spot in the number of security vulnerabilities in their OS and software. According to a report from the security company Secunia, Apple is followed by Oracle and then Microsoft in the number of security flaws reported. It's...

Continue Reading

iPhone push on unlocked phones sends AIM message to unintended recipients

Update 7/22: AOL has responded to the reports of misdirected push notifications, and has confirmed that the issue is due to the use of a workaround for push notifications on unlocked phones. -- If you want to have a hot and steamy exchange with your sweetheart via AIM on the iPhone, you might want ...

Continue Reading

Mac OS X Java security hole exposed

You know, it's fine to make the argument that "Macs are safer than Windows-based PCs," because in real-world usage, this is generally true. Nothing does more to undermine that argument, however, like a five-month old unpatched Java vulnerability. As Landon Fuller has pointed out, a potentially na...

Continue Reading

Safari RSS vulnerability might reveal your personal data

This vulnerability is patched in the 2009-001 security updates. When reports of security issues in Apple's Safari browser come over the transom, they get our attention. When they're exploitable in both the Mac and Windows versions of Safari, they get our full and undivided attention. When the person...

Continue Reading

iPhone bug a potential threat?

There's a lot of "could" and "might" in this story, folks, so keep that in mind. MacNN is reporting that a group of iPhone developers has identified a bug in the current iPhone firmware that could lead to an exploit of the Default.png file. Default.png is what's displayed when an application is la...

Continue Reading

© 2014 AOL Inc. All Rights Reserved.