Security blog Defense in Depth has found a glaring security flaw in OS X Lion that enables hackers to change the password of any user on a machine running Lion. “[While] non-root users are unable to access the shadow files directly, Lion actually provides non-root users the ability to still view password hash data,” Patrick Dunstan from Defense in Depth explained in a recent blog post. The result is that anyone could use a simple Python script, created by Dunstan himself, to discover a user’...

Apple has promised to patch a security hole found in the iPhone and iPad following a report published by Germany’s Federal Office for Information Security. Reportedly, a PDF security hole could allow hackers to gain unauthorized access to personal data — such as messages and passwords — stored on an iPhone or iPad and could “infect the mobile device with malware without the user’s knowledge.” Apple’s PR team was quick to respond to the allegations. “[Apple is] aware of ...

In a move that should surprise no one, Apple has banned the “Big Brother Camera Security” app that developer Daniel Amity used to swipe his customers’ passcodes. BGR reported on Tuesday about an application that attempted to trick users into setting a passcode identical to the pin used to lock their iPhones. The app then transmitted the PIN numbers in the background to the developer — albeit anonymously — who used them to publish a report covering the most commonly used iPhone passcodes. While t...

Daniel Amitay, the iPhone developer who created “Big Brother Camera Security” application, has released a list of the top 10 iPhone passcodes. Amity implemented code into his last software update that allowed the application to record passwords entered in by its users. Since his app’s lock and passcode screens look identical to the iPhone’s, he argues that his data reflects an iPhone user’s actual password. Of the 204,508 recorded passcodes collected, the most popular was, not su...

BGR has provided extensive coverage of an ongoing saga that has seen numerous digital properties belonging to Sony fall under attack. To date, personal information belonging to well over 100 million Sony customers has been compromised, and nearly 13 million credit card numbers have been stolen. For IT professionals or other tech enthusiasts with weak stomachs, we can understand if reading one story after another about Sony’s security woes might make you a bit queasy. As such, a new site launched recentl...

According to reports from numerous gaming sites, the password reset page for Sony’s PlayStation Network has been exploited. Sony built the page in an effort to allow users, whose accounts were already compromised during a major security breach last month, to reset their security credentials. However, hackers who stole the information from Sony can reset users’ passwords by knowing and account holder’s email address and birthday — information they’ve already stolen. Forum members on N...

Firefox 4 has been leaked for Mac and PC a day before the company said it would be officially available. Mozilla promises the user interface in Firefox 4 is sleeker and easier to use, and it enables users to keep open tabs, bookmarks, history, and passwords in sync with other devices running a Firefox browser. Firefox 4 also has a new feature that allow you to drag and drop open tabs into groups that can be arranged and named. The leaked downloads aren’t available direct from Mozilla, so we suppose ther...

A new report from Cult of Mac suggests that Apple may have some nifty new features in store for the upcoming iPhone 5. Rumors that the iPhone 5 will utilize NFC are nothing new at this point, but this morning’s claims cover a very unique feature for the underutilized technology. The report suggests that the iPhone 5 will include a new portable computing function, allowing users to store data and settings from Mac computers on their iPhones. When a handset is waved near any other compatible NFC-equipped ...

Google’s high profile war of words with China has garnered much public attention but the underlying cause of the dispute — the alleged hacking of Google by Chinese individuals, possibly with government sanction, has stayed quietly under the radar. A source with knowledge of Google’s internal investigation revealed to the NY Times that one of the targets of the attack was Google’s universal login system known as “Gaia”. Though you may not be familiar with the name, every And...

Wow. Just wow. Marko Karppinen, head of a Finnish software development firm specializing in Mac software, just found himself on the wrong end of a security breach. According to his blog post from this morning Karppinen was the victim of a complex, crafty and well-executed scheme clearly carried out by a team of unscrupulous professional hackers. The end result; Karppinen’s Apple ID account was compromised and access to personal data was established for an unknown period of time. So how did this guerrill...