[ISN] Double trouble for Apple, as two software security flaws discovered

http://www.theguardian.com/technology/2014/nov/06/apple-mac-iphone-security-malware By Alex Hern The Guardian 6 November 2014 Users of Apple’s Mac OS X are being warned to watch out for not one, but two new weaknesses in the platform which can be used in attacks – one of which is already in the wild. The first, known as Rootpipe, affects multiple versions of Mac OS X, including the newest release, Yosemite. It lets an attacker gain “root” control of a computer, the highest level of access, without having to know a password. Rootpipe could theoretically allow a hacker to install any malicious software that could be used to steal credit cards details or other personal data, among other things. The other, called Wirelurker, is the first malware seen in the wild which targets iOS devices that haven’t been jailbroken. Wirelurker could be used to extract basic personal information from a phone. It tricks the user into installing it on their Mac, and then waits until an iPhone or iPad is plugged in over USB before using the trusted relationship between the two to install software on the mobile device. […]