Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
11.0K views | +0 today
Follow
Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Kaspersky: Neue Malware installiert Hintertüren auf Macs | #CrossPlatform #CyberSecurity #Awareness 

Kaspersky: Neue Malware installiert Hintertüren auf Macs | #CrossPlatform #CyberSecurity #Awareness  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Neue Malware installiert Hintertüren auf Macs
Malware gibt es auch für Mac-Nutzer. Kaspersky hat die OS-X-Variante einer Backdoor-Software entdeckt, die auch für Windows und Linux existiert. Angreifer können damit Tastaturanschläge protokollieren und gezielt nach Dateien suchen.


Eine neue Malware für OS X installiert eine Hintertür auf dem Rechner der Nutzer, wie Kaspersky schreibt. Die Software mit dem Namen OSX.Mokes wurde im Januar dieses Jahres bereits in Versionen für Linux und Windows entdeckt.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=cross-platform

 

http://www.scoop.it/t/securite-pc-et-internet

 

Gust MEES's insight:
Neue Malware installiert Hintertüren auf Macs
Malware gibt es auch für Mac-Nutzer. Kaspersky hat die OS-X-Variante einer Backdoor-Software entdeckt, die auch für Windows und Linux existiert. Angreifer können damit Tastaturanschläge protokollieren und gezielt nach Dateien suchen.


Eine neue Malware für OS X installiert eine Hintertür auf dem Rechner der Nutzer, wie Kaspersky schreibt. Die Software mit dem Namen OSX.Mokes wurde im Januar dieses Jahres bereits in Versionen für Linux und Windows entdeckt.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=cross-platform

 

http://www.scoop.it/t/securite-pc-et-internet

 

more...
Gust MEES's curator insight, September 9, 2016 11:59 AM
Neue Malware installiert Hintertüren auf Macs
Malware gibt es auch für Mac-Nutzer. Kaspersky hat die OS-X-Variante einer Backdoor-Software entdeckt, die auch für Windows und Linux existiert. Angreifer können damit Tastaturanschläge protokollieren und gezielt nach Dateien suchen.


Eine neue Malware für OS X installiert eine Hintertür auf dem Rechner der Nutzer, wie Kaspersky schreibt. Die Software mit dem Namen OSX.Mokes wurde im Januar dieses Jahres bereits in Versionen für Linux und Windows entdeckt.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=cross-platform

 

http://www.scoop.it/t/securite-pc-et-internet

 

 

Scooped by Gust MEES
Scoop.it!

Keydnap Malware Steals Keychain Passwords, Opens Backdoor on Infected Macs | #Apple #Mac #CyberCrime

Keydnap Malware Steals Keychain Passwords, Opens Backdoor on Infected Macs | #Apple #Mac #CyberCrime | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
After yesterday security researchers from Bitdefender discovered the Eleanor trojan targeting Macs and opening a backdoor using Tor, today it's ESET's turn to reveal the existence of a similar backdoor trojan that also uses a Tor2Web service to steal Keychain passwords.

Named Keydnap and detected as OSX/Keydnap, this trojan is a new arrival on the Mac malware scene, first seen this past May (internal version 1.3.1), and later in June (version 1.3.5).

The malware's mode of operation is very simple, even if the infection chain is drawn out in several steps.

Keydnap dropper disguised as image or text files
Everything starts when users receive an email that contains an archive. Unzipping this file drops at first glance either an image or a text file. In reality, there's a space after the file's extension, meaning the file will run in the Mac terminal. This file is a Mach-O executable that uses a fake icon.

When executed, this file runs its malicious behavior and then shows an image if it's trying to pose as a picture, or a text pad, if it's trying to pose as a text file.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
After yesterday security researchers from Bitdefender discovered the Eleanor trojan targeting Macs and opening a backdoor using Tor, today it's ESET's turn to reveal the existence of a similar backdoor trojan that also uses a Tor2Web service to steal Keychain passwords.

Named Keydnap and detected as OSX/Keydnap, this trojan is a new arrival on the Mac malware scene, first seen this past May (internal version 1.3.1), and later in June (version 1.3.5).

The malware's mode of operation is very simple, even if the infection chain is drawn out in several steps.

Keydnap dropper disguised as image or text files
Everything starts when users receive an email that contains an archive. Unzipping this file drops at first glance either an image or a text file. In reality, there's a space after the file's extension, meaning the file will run in the Mac terminal. This file is a Mach-O executable that uses a fake icon.

When executed, this file runs its malicious behavior and then shows an image if it's trying to pose as a picture, or a text pad, if it's trying to pose as a text file.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Forensic scientist identifies suspicious 'back doors' running on every iOS device | Privacy | Cyberespionage

Forensic scientist identifies suspicious 'back doors' running on every iOS device | Privacy | Cyberespionage | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
During his talk at HOPE/X Jonathan Zdziarski detailed several undocumented services (with names like 'lockdownd,' 'pcapd,' 'mobile.file_relay,' and 'house_arrest') that run in the background on over 600 million iOS devices.


Zdziarski's questions for Apple include:

  • Why is there a packet sniffer running on 600 million personal iOS devices instead of moved to the developer mount?
  • Why are there undocumented services that bypass user backup encryption that dump mass amounts of personal data from the phone?
  • Why is most of my user data still not encrypted with the PIN or passphrase, enabling the invasion of my personal privacy by YOU?
  • Why is there still no mechanism to review the devices my iPhone is paired with, so I can delete ones that don’t belong?

... and his last slide (page 57 of the PDF) sums it up nicely: 


  • Apple is dishing out a lot of data behind our backs
  • It’s a violation of the customer’s trust and privacy to bypass backup encryption
  • There is no valid excuse to leak personal data or allow packet sniffing without the user’s knowledge and permission.
  • Much of this data simply should never come off the phone, even during a backup.
  • Apple has added many conveniences for enterprises that make tasty attack points for .gov and criminals
  • Overall, the otherwise great security of iOS has been compromised… by Apple… by design.

Learn more:



Gust MEES's insight:
During his talk at HOPE/X Jonathan Zdziarski detailed several undocumented services (with names like 'lockdownd,' 'pcapd,' 'mobile.file_relay,' and 'house_arrest') that run in the background on over 600 million iOS devices.


Zdziarski's questions for Apple include:

  • Why is there a packet sniffer running on 600 million personal iOS devices instead of moved to the developer mount?
  • Why are there undocumented services that bypass user backup encryption that dump mass amounts of personal data from the phone?
  • Why is most of my user data still not encrypted with the PIN or passphrase, enabling the invasion of my personal privacy by YOU?
  • Why is there still no mechanism to review the devices my iPhone is paired with, so I can delete ones that don’t belong?

... and his last slide (page 57 of the PDF) sums it up nicely: 


  • Apple is dishing out a lot of data behind our backs
  • It’s a violation of the customer’s trust and privacy to bypass backup encryption
  • There is no valid excuse to leak personal data or allow packet sniffing without the user’s knowledge and permission.
  • Much of this data simply should never come off the phone, even during a backup.
  • Apple has added many conveniences for enterprises that make tasty attack points for .gov and criminals
  • Overall, the otherwise great security of iOS has been compromised… by Apple… by design.

Learn more:


more...
Gust MEES's curator insight, July 21, 2014 9:26 AM
  • Apple is dishing out a lot of data behind our backs
  • It’s a violation of the customer’s trust and privacy to bypass backup encryption
  • There is no valid excuse to leak personal data or allow packet sniffing without the user’s knowledge and permission.
  • Much of this data simply should never come off the phone, even during a backup.
  • Apple has added many conveniences for enterprises that make tasty attack points for .gov and criminals
  • Overall, the otherwise great security of iOS has been compromised… by Apple… by design.

Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Cross-platform Mokes backdoor OS X exists and is spreading in the wild

Cross-platform Mokes backdoor OS X exists and is spreading in the wild | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Malware researchers from Kaspersky Lab confirmed the existence of an OS X variant of the Mokes backdoor discovered in January by Kaspersky.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=cross-platform

 

http://www.scoop.it/t/securite-pc-et-internet

 

Gust MEES's insight:
Malware researchers from Kaspersky Lab confirmed the existence of an OS X variant of the Mokes backdoor discovered in January by Kaspersky.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=cross-platform

 

http://www.scoop.it/t/securite-pc-et-internet

 

more...
Gust MEES's curator insight, September 8, 2016 9:55 AM
Malware researchers from Kaspersky Lab confirmed the existence of an OS X variant of the Mokes backdoor discovered in January by Kaspersky.

  

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=cross-platform

 

http://www.scoop.it/t/securite-pc-et-internet

 

 

Scooped by Gust MEES
Scoop.it!

New Backdoor Allows Full Access to Mac Systems, Bitdefender Warns | #CyberSecurity #Apple #Awareness

New Backdoor Allows Full Access to Mac Systems, Bitdefender Warns | #CyberSecurity #Apple #Awareness | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

A new piece of malware, dubbed Backdoor.MAC.Eleanor by Bitdefender researchers, exposes Apple systems to cyber-espionage and full, clandestine control from malicious third-parties.

 

Check for the full report here:

 

https://labs.bitdefender.com/wp-content/uploads/2016/07/Backdoor-MAC-Eleanor_final.pdf

 

Gust MEES's insight:

A new piece of malware, dubbed Backdoor.MAC.Eleanor by Bitdefender researchers, exposes Apple systems to cyber-espionage and full, clandestine control from malicious third-parties.

 

Check for the full report here:

 

https://labs.bitdefender.com/wp-content/uploads/2016/07/Backdoor-MAC-Eleanor_final.pdf

 

 

more...
No comment yet.