A new utility has been released by a Russian software developer who claims it can deliver the passwords stored on an iOS 4-based iPhone without any modification to the device itself. Based in Moscow, the company called “Elcomsoft Proactive Software” has previously specialized in password-cracking software that makes use of video graphics processors in consumer-level systems to conduct its high-volume number crunching and “password recovery.”
The iPhone Password Breaker is not the first attempt by developers to release software that compromises iPhone security; however, it is the first that does so without any jailbreaking or other changes to the phone’s embedded OS or firmware.
According to The Register, Elcomsoft legitimately markets this tool as a utility for forensic investigators and positions itself as a partner to global law enforcement. There is likely some question as to whether Elcomsoft will sell its products exclusively to these parties, but a free trial version is currently available for public download on its website.
Two critical vulnerabilities, recently presented at the Security B-Sides and DEFCON conferences in Las Vegas, have been discovered in VxWorks, Wind River’s popular embedded OS that is used in tens of thousands of designs for “smart devices” from organizations including Cisco, Apple and even NASA.
While the transition to Smart Grid technology brings with it the promises of energy conservation, and hopes to empower consumers with a higher awareness of their power consumption, many are concerned that with these benefits will also come key vulnerabilities to the electrical grid — and for that matter, the safety of entire nations. In Britain, for example, researchers at Cambridge University have brought to light a vulnerability associated with plans to introduce “pre-paid” energy consumption for consumers with a history of defaulting on payment. The practice would require a standard remote shut-off scheme which, depending on encryption methods, might make it relatively easy for a malicious third party to disable meters remotely.
As we previously reported, the Black Hat Conference in Las Vegas is a gathering of individuals from the security research and hacking communities, eager to flaunt their most recent discoveries and hacks. The purpose of these proceedings is purportedly to show the rest of the world what a determined hacker can do as well as raise awareness of security issues and what can be done about them.
The “Internet of Things” is an evolving cross-industry collaboration, in which objects themselves become part of the internet: just as we interact with things, things will interact with us, and eventually each other as nodes of a growing network. As processing energy requirements decrease and processors themselves become smaller, it becomes possible for processing to take place in many places using items like sensors and RFID tags. This is the Internet of Things, and
In the world of industrial control systems, safety and reliability are the prime concerns when malfunction could mean real-world disaster. A number of recent catastrophes have been linked to control system cyber incidents in the transit and utility industries, including the recent BP spill in the Gulf.
While many consumers complain about being “robbed at the pump” due to the rising cost of fuel, the phrase has a whole new meaning when thieves hijack debit and credit card information from gas pump POS terminals using electronic “skimmers.” A New York Times
As reported on
An announcement on Monday from Citigroup Financial disclosed that Citi Mobile, the group’s iPhone-based online banking app,
The number of software vulnerabilities found in the first half of 2010 has nearly eclipsed last year’s total figure, and topping the list are machines running Apple operating systems, according to a new report by security firm