Think of Mac

The 21-year-old Australian guy who got chewed out by his parents for launching the first iPhone worm landed a job with an app company.

Ashley Towns wrote Ikee, calling it an “experiment that got out of hand,”  a worm that  switched iPhone wallpaper for an image of 80s pop singer Rick Astley. Astley, who sang the 1987 hit “Never Gonna Give You Up,” who morphed into the Internet prank known as “Rickrolling.” The bait-and-switch worm replaces an ordinary video with one of Astley.

The day after the worm infected jailbroken iPhones, Towns said he had received a death threat, media attention and job offers.  Read more... (159 words, estimated 38 secs reading time)

Reports of a potentially critical Snow Leopard bug that can erase a user’s account data have continued to surface since the operating system’s debut [Updated with Apple official comment].

Since Mac OS X 10.6 launched in late August, numerous reports online have detailed the issue, which is triggered by logging in and out of a guest account on a Snow Leopard machine. Upon logging back in to their regular account, users will find that it has been wiped of all data.  Read more... (186 words, estimated 45 secs reading time)

Computerworld -  A network of Russian malware writers and spammers paid hackers 43 cents for each Mac machine they infected with bogus video software, a sign that Macs have become attack targets, a security researcher said yesterday.

In a presentation Thursday at the Virus Bulletin 2009 security conference in Geneva, Switzerland, Sophos researcher Dmitry Samosseiko discussed his investigation of the Russian “Partnerka,” a tangled collection of Web affiliates who rake in hundreds of thousands of dollars from spam and malware, most of the former related to phony drug sites, and much of the latter targeting Windows users with fake security software, or “scareware.”  Read more... (202 words, estimated 48 secs reading time)

Adobe’s Flash is fixed in the Mac OS X 10.6.1 Snow Leopard update that’s in the hands of a limited number of developers.

The seed updates Adobe Flash to version 10.0.32.18. Snow Leopard shipped with version 10.0.23.1, which is known to be insecure and needs to be patched to close various security holes. (If you’re running Snow Leopard and haven’t updated Flash, follow this link to download the latest version).

Apple seeded the update less than a week after shipping Snow Leopard on August 28. The other fixes seem to be relatively minor. According to World of Apple, which has published the seed notes, the 71MB update includes:  Read more... (114 words, estimated 27 secs reading time)

Apple Engineers missed a key opportunity to implement an industry-standard technology in their latest operating system that would have made it more resistant to hacking attacks, three researchers have said.

Known as ASLR, or address space layout randomization, the measure picks a different memory location to load system components each time the OS is started. While Microsoft has had it implemented since the roll-out of Windows Vista, the analogous protection in Snow Leopard, which went on sale Friday, suffers from a crucial deficiency: It fails to randomize core parts of the OS, including the heap, stack and dynamic linker.  Read more... (104 words, estimated 25 secs reading time)

The days of Apple having invulnerable systems is long gone, with the Apple pop culture spreading worldwide and becoming ever more popular, it has in doing so, attracted the likes of hackers and exploiters too. Luckily the CEO of AVG (JR Smith) has come forward to calm the nerves of the Apple supporters whose faith in Apple’s security has been somewhat shattered over the last month due to articles like THIS one about the iPhone, and THIS one about the Mac keyboards.  Read more... (201 words, estimated 48 secs reading time)

A Mac security expert has uncovered a technique that hackers could use to take control of Apple Inc computers and steal data that is scrambled to protect it from identity thieves.

Prominent Mac researcher Dino Dai Zovi disclosed the software flaw at the Black Hat security conference in Las Vegas, one of the world’s top forums for exchanging information on Internet threats.

About 4,000 security professionals are in attendance, including some who are really hackers. While experts ferret out software flaws to fix them and protect users, hackers use the same information to devise pranks or commit crimes.  Read more... (131 words, estimated 31 secs reading time)

AVG’s free antivirus product temporarily blocked users from getting to iTunes late last week, detecting it as a Trojan, the company said on Monday.

For about five hours on Friday starting around 4 p.m. PDT, AVG users couldn’t access iTunes because of the false alarm.

“AVG discovered the false alarm in the virus signature engine relating to some localization components of iTunes (so not iTunes as a virus but rather some localization components of iTunes) and it was fixed within 5 hours,” AVG spokesperson Siobhan MacDermott said in a statement. “AVG would like to apologize for any inconvenience to our users/customers.”  Read more... (123 words, estimated 30 secs reading time)

The iPhone can now be used as an authenticator in accessing enterprise applications and resource.

RSA, The Security Division of EMC, announced the availability of the RSA SecurID Software Token for iPhone Devices that enables an iPhone to be used as an RSA SecurID authenticator, providing convenient and cost-effective two-factor authentication to enterprise applications and resources. The RSA SecurID Software Token App is now available on the App Store at no charge. The required RSA SecurID software token seed as well as RSA Authentication Manager — the software that powers the RSA SecurID system — are both available for purchase worldwide.  Read more... (194 words, estimated 47 secs reading time)

Tried to open iTunes just now and got an AVG Alert telling me that iTunes.dll and iTunesRegistry.dll are infected with “Trojan horse Small.BOG”.

I only just used it yesterday without issue.

Anyone had this before? Any ideas?