All posts by 007admin

Panda Security

Apple denies its services were hacked

apple

 

“Celebgate” -as the theft and publication of private photos of more than 100 actresses and models has come to be known – is not only affecting the direct victims of the theft but also the companies that have been implicated in the affair.

Initially, it was thought that the leaks could be due to a potential security hole in iCloud, Apple’s virtual storage platform, but the company has announced that, after a 40-hour investigation, they have discovered that the accounts of these celebrities “were compromised by a very targeted attack on user names, passwords and security questions.” Adding that these attacks have “become all too common on the Internet.”

Apple denies that the hacking of the accounts of actresses such as Jennifer Lawrence, Kirsten Dunst and Kate Upton was the consequence of a vulnerability in its iCloud or ‘Find my iPhone‘ services. Although some of the victims have already had their say on the issue.

kirsten dunst twitter

The company has also announced that it continues to work with the police to help identify the criminals involved and encourages all users to choose a strong password and double check their security systems.

More | How to create strong passwords

The post Apple denies its services were hacked appeared first on MediaCenter Panda Security.

Avast

Survey shows the person you trust the most may be spying on you

People expect that they are being watched online in cyberspace, but who would expect to be spied on by the people closest to them? You better watch out – your partner may be spying on you more than the NSA: One in five men and one in four women admitted to checking their partner’s smartphone in a survey with 13,132 respondents conducted by AVAST in the United States.

shutterstock_198273875

Playing detective

The survey found that while the majority of women check their partner’s device because they are nosey, a quarter of married women suspect their spouse is cheating on them and want to find evidence.

Married women are not the only ones who suspect their partner is cheating on them. The reason why most men pry on their partner is because they too are afraid their better half is being unfaithful and want to confirm their suspicions – especially if the relationship is fresh.

Caught red handed

One may think that people who snoop on their significant other to find evidence of cheating or lying are being paranoid. Unfortunately, the majority of them are not paranoid–their gut feeling is often correct. Seven out of ten women and more than half of men who turn to their partner’s device to find proof their partner is deceiving them, have found evidence. Which of the two sexes is more likely to confront their partner regarding their findings? Women. The survey revealed that women are 20% more likely than men to confront their partner with the facts.

“Picking” the mobile lock

Cracking their partner’s device passcode wasn’t necessary for the greater number of snoopers. A shockingly high percentage of respondents claimed they didn’t need a passcode to gain entry to their significant other’s device. Women did, however, have an easier time with 41% reporting their partner’s device did not have a passcode compared to the 33% of men. Coming in at a high second, both male and female respondents claimed to know their partner’s device passcode because their partner had shared it with them in the past, unknowingly setting themselves up to get caught.

An eye for an eye

More than half of men and women who check their significant other’s device think their partner checks their device as well. There seems to be a low level of trust between partners who feel the need to keep tabs on their significant other.

The survey results show that respondents who just started dating and check their new companion’s device are less likely to suspect their new love of doing the same, compared to snoopers in established relationships. People in long term relationships were the most likely to think their partner does the same behind their backs.

Tips to protect your privacy

Be it from your partner or somebody who finds your lost phone – you should always protect your mobile devices from prying eyes.

  • Protect your mobile devices with passcodes!

Everyone should protect their smartphones and tablets with passcodes, even if you aren’t worried about snoopers. Passcodes not only make it more difficult for nosey partners to access secrets and surprises, but can also protect your data should your device get lost or stolen.

  • Lock your precious apps

Apps that contain sensitive information deserve an extra layer of protection. With avast! Mobile Security’s app locking feature you can password protect your most precious apps.

  • Free your phone from old data – and back it up

Backing up your mobile data allows you to save your data to the cloud so you can delete old data from your phone. This not only prevents data loss, whether you lose your phone or accidentally delete data from your phone, but can prevent your partner from finding out about activity you want to keep to yourself. avast! Backup backs up your call log history, SMS, contacts and photos for free.
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter, Google+ andInstagram. Business owners – check out our business products.

Security

Firefox 32 Debuts With Public-Key Pinning, Several Security Fixes

Mozilla has released Firefox 32, the latest version of its browser, which now supports public-key pinning and also includes fixes for several critical security vulnerabilities. The move to support public-key pinning is an important one for Firefox, as it helps protect users against man-in-the-middle attacks that rely on forged certificates. The feature binds a set […]

Apache

[Announce] Apache HTTP Server 2.2.29 Released

                       Apache HTTP Server 2.2.29 Released

   The Apache Software Foundation and the Apache HTTP Server Project are
   pleased to announce the release of version 2.2.29 of the Apache HTTP
   Server ("Apache"). (Note that 2.2.28 was not released). This version
   of Apache is principally a security and bug fix maintenance release,
   and addresses these specific security defects as well as other fixes;

    CVE-2014-0118 (cve.mitre.org)
     mod_deflate: The DEFLATE input filter (inflates request bodies) now
     limits the length and compression ratio of inflated request bodies to
     avoid denial of sevice via highly compressed bodies. See directives
     DeflateInflateLimitRequestBody, DeflateInflateRatioLimit,
     and DeflateInflateRatioBurst.

    CVE-2014-0231 (cve.mitre.org)
     mod_cgid: Fix a denial of service against CGI scripts that do
     not consume stdin that could lead to lingering HTTPD child processes
     filling up the scoreboard and eventually hanging the server. By
     default, the client I/O timeout (Timeout directive) now applies to
     communication with scripts. The CGIDScriptTimeout directive can be
     used to set a different timeout for communication with scripts.

    CVE-2014-0226 (cve.mitre.org)
     Fix a race condition in scoreboard handling, which could lead to
     a heap buffer overflow.

    CVE-2013-5704 (cve.mitre.org)
     HTTP trailers could be used to replace HTTP headers late during
     request processing, potentially undoing or otherwise confusing
     modules that examined or modified request headers earlier.
     Adds "MergeTrailers" directive to restore this legacy behavior.

   We consider the Apache HTTP Server 2.4 release to be the best version
   of Apache available, and encourage users of 2.2 and all prior versions
   to upgrade. This 2.2 maintenance release is offered for those unable
   to upgrade at this time. For further details, see:

     http://www.apache.org/dist/httpd/Announcement2.4.txt

   Apache HTTP Server 2.4 and 2.2.29 are available for download from:

     http://httpd.apache.org/download.cgi

   Please see the CHANGES_2.2 file, linked from the download page, for a
   full list of changes. A condensed list, CHANGES_2.2.29 includes only
   those changes introduced since the prior 2.2 release. A summary of all
   of the security vulnerabilities addressed in this and earlier releases
   is available:

     http://httpd.apache.org/security/vulnerabilities_22.html

   This release includes the Apache Portable Runtime (APR) version 1.5.1
   and APR Utility Library (APR-util) version 1.5.3, bundled with the tar
   and zip distributions. The APR libraries libapr and libaprutil (and
   on Win32, libapriconv version 1.2.1) must all be updated to ensure
   binary compatibility and address many known security and platform bugs.
   APR version 1.5 and APR-util version 1.5 represent minor version upgrades
   from earlier httpd 2.2 source distributions.

   This release builds on and extends the Apache 2.0 API and is superceeded
   by the Apache 2.4 API. Modules written for Apache 2.0 or 2.4 will need
   to be recompiled in order to run with Apache 2.2, and most will require
   minimal or no source code changes.

   When upgrading or installing this version of Apache, please bear in mind
   that if you intend to use Apache with one of the threaded MPMs (other
   than the Prefork MPM), you must ensure that any modules you will be
   using (and the libraries they depend on) are thread-safe.