Apple, Mac, iOS4,...
Follow
Find tag "Java-Exploit-attacks-Mac"
7.0K views | +2 today
Apple, Mac, iOS4, iPad, iPhone and (in)security...
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

Apple plugs Java hole, shifts away from plug-in

Apple plugs Java hole, shifts away from plug-in | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
By turning off Java by default, Apple is making customers choose whether to take the risk in using the troubled browser software...

 

Apple's patches automatically deactivated the Java plug-ins in browsers, leaving it up to Mac users to turn them back on. Until a few months ago, Apple had handled the release of all Java updates. Now, customers can download and install fixes directly from Oracle.

 

Read more:

http://www.csoonline.com/article/715630/apple-plugs-java-hole-shifts-away-from-plug-in?source=rss_news&utm_source=dlvr.it&utm_medium=twitter

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Flashback malware exposes big gaps in Apple security response

Flashback malware exposes big gaps in Apple security response | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
A pair of high-profile malware attacks have given Apple a crash course in security response.

 

===> A MUST READ for Apple users!!! <===

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac users may think they're safe from malware, but they're not

Mac users may think they're safe from malware, but they're not | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Kate Bevan: For too long Mac users have been complacent about malware – it's time they woke up to the threat from trojans like Flashback...

 

===> Mac users should 'become responsible members of the wider computing community.' <===

 

Read more...

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Java update is no protection against new SabPub Mac Trojan

Java update is no protection against new SabPub Mac Trojan | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Java update is no protection against new SabPub Mac Trojan!

 

SabPub Mac Trojan is spreading via Word documents, using an ancient vulnerability...

 

Read more...

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

SabPub : un nouveau cheval de Troie identifié sur Mac OS X

SabPub : un nouveau cheval de Troie identifié sur Mac OS X | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Repéré par des chercheurs de chez Kasperky, le malware SabPub exploite une fois encore une faille de sécurité Java dans Mac OS X via des documents Word piégés.
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

SabPub : un nouveau trojan agressif sur Mac

SabPub : un nouveau trojan agressif sur Mac | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Alors qu'Apple et plusieurs éditeurs en sécurité viennent de publier des correctifs pour venir à bout du cheval de Troie Flashback, un nouveau malware s'invite actuellement sur Mac OS X. Son nom : Backdoor.OSX.SabPub.a.

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Macs under attack, who is safe?

Macs under attack, who is safe? | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

April 17, 2012 — Network World — It was always thought that as Apple products increased in popularity, so would the target on its back placed by cybercriminals. Always looking to take down the king of the hill, cybercriminals finally got to Apple's Macs last week with a botnet that attacked more than 600,000 machines.

 

With such an accomplishment, the question is who is really safe from these attacks? The quick answer is no one. Anonymous has proven that.

 

One expert said recently, "it's the malware lurking in the background from these attacks that is truly scary. "Right now advanced persistent malware is very expensive to do right and is not being produced by very many organizations, but it is getting cheaper, it's going to get modularized and mass produced."

 

Read more...

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Schon wieder: neuer Mac-Trojaner entdeckt

Schon wieder: neuer Mac-Trojaner entdeckt | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Die Sicherheitsexperten von Kaspersky Lab haben einen neuen Mac-Trojaner entdeckt. Die Schadsoftware heisst SabPub und verbreitet sich über Word-Dokumente.
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Checking for the new PubSab malware in OS X

Checking for the new PubSab malware in OS X | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

This new minimum-threat malware development for OS X copies Flashback and suggests criminals jump on opportunistic bubbles. 

 

Recently the Flashback malware attacks on OS X gained headlines, not because of the presence of the Trojan, which had been around for some months prior to the increase in attention, but rather because it gained the possibility of installation in a drive-by-download attack that did not require any interaction from the user in order to install.


This development was made possible because of a vulnerability in Java that allowed for a maliciously crafted applet to break the Java sandbox and write files to the disk. Apple has since patched this issue and it, along with other companies, have released Flashback Trojan removal tools to combat the malware; however, in its prime, the malware did reach more than 600,000 Mac users.

 

Read more...

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Two Mac Trojans: Apple Patching Fast Enough?

Two Mac Trojans: Apple Patching Fast Enough? | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Attackers behind the Flashback and SabPub malware likely reverse-engineered a Java vulnerability patched for Windows almost two
months ago by Oracle.

 

Apple, which normally refuses to comment on any vulnerabilities in its products until after it's released a fix, broke with tradition by last week confirming that it was coding an OS X upgrade to nuke Flashback.

 

===> According to various security firms, approximately 600,000 Macs had been infected by Flashback, which makes it the largest malware infection to ever hit OS X users. <===

 

In addition, Kaspersky managed to tie the botnet to six malicious Microsoft Word documents that it's seen in the wild, two of which drop the SabPub vulnerability, and four of which drop the MaControl bot, which appears to be an earlier effort by the same virus writers. One key difference, however, is that MaControl didn't target the Java vulnerability exploited by Flashback and SabPub.

 

===> Another is that SabPub managed to remain active for about six weeks before anyone detected it. <===

 

Read more...

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

New targeted Mac OS X Trojan requires no user interaction

New targeted Mac OS X Trojan requires no user interaction | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Another Mac OS X Trojan has been spotted in the wild, which exploits Java vulnerabilities, just like the Flashback Trojan.

 

Another Mac OS X Trojan has been spotted in the wild, which exploits Java vulnerabilities, just like the Flashback Trojan.

 

===> Also just like Flashback, this new Trojan doesn’t require any user interaction to infect your Apple Mac. <===

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Java mis à jour pour éradiquer Flashback

Java mis à jour pour éradiquer Flashback | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple propose une mise à jour de Java qui permet de supprimer les diverses variantes de Flashback et modifie le comportement du plugin.
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Many Mac Users Running Vulnerable Java Versions

Many Mac Users Running Vulnerable Java Versions | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
There are millions of Mac users who are running vulnerable old versions of Java, which are being exploited by the Flashback malware.

 

===> "50% of all visitors of our Online #FlashbackChecker http://flashbackcheck.com are running a vulnerable version of Java," Aleks Gostev, chief security expert at Kaspersky said on Twitter Wednesday. <===

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Oracle to manage updates for Java for Mac: A good thing?

Oracle to manage updates for Java for Mac: A good thing? | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple may have appeared to have pulled off a coup in persuading Oracle to maintain Java for Mac but can Oracle be trusted to get it right?

 

The emergence of the Flashback Trojan - which exploited a vulnerability in Mac OS X's version of Java - earlier this year led to a lot of flak for both Oracle and Apple. The vulnerability was known about and fixed in the Windows and Linux versions of Java, but remained exposed in OS X for several more weeks.

 

===> The fact that Apple is ultimately responsible for maintaining Java on OS X saw Apple's ability to protect its users questioned. <===

 

Read more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Flashback malware infections drop to 30,000 Macs

Flashback malware infections drop to 30,000 Macs | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
The Flashback malware threat for OS X is on a steep decline, but still underscores that Mac systems are not immune to threats. Read this blog post by Topher Kessler on MacFixIt.
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

New Mac Trojan: Sabpab

New Mac Trojan: Sabpab | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

A new Trojan known as “Sabpab” could hurt Mac users who run Java and Microsoft Word. Security researchers are warning users to make sure their computers

 

===> have the latest software updates from both Apple and Microsoft, <=== and to use anti-virus software.

 

In some cases, manual removal of Sabpab may be needed.

 

Word about Sabpab comes on the heels of another nasty piece of malware, Flashback, that infected up to as many as 600,000 Macs, security experts said, by exploiting a vulnerability in Java software.

 

Apple last week issued a software-base removal tool for that malware, which can be used by criminals to steal personal information, including passwords.

 

Read more...

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

D'autres chevaux de Troie, moins graves que Flashback, ont visé Mac OS X

D'autres chevaux de Troie, moins graves que Flashback, ont visé Mac OS X | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
D'autres chevaux de Troie, moins graves que Flashback, ont visé Mac OS X - Malware - Après avoir découvert le Cheval de Troie Flashback sur Mac, les...
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac OS X : après Flashback, voici le cheval de Troie SabPub

Mac OS X : après Flashback, voici le cheval de Troie SabPub | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Découvert par Kaspersky, ce nouveau malware qui cible les Mac exploite une faille de sécurité Java.

 

Le répit aura été de courte durée. À peine Apple avait-il publié une mise à jour de Java contenant un logiciel de suppression du malware Flashback qu’un nouveau fléau était découvert. Baptisé SabPub, il a été découvert par l’éditeur Kaspersky qui en a repéré deux variantes.

 

Comme Flashback, SabPub passe par une faille de sécurité de Java au moyen d’un document Word piégé. Le Mac infecté va ensuite se connecter à un site web depuis lequel sont envoyées des commandes. Un pirate peut notamment obtenir des captures d’écran du Mac de la victime.

 

Cependant, le mode de diffusion de ce malware via des documents Word piégés rend sa propagation moins puissante que celle de Flashback qui a touché 600 000 machines de par le monde.

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac Trojan 'SabPub' Proves Cybercriminals Actively Target OS X

Mac Trojan 'SabPub' Proves Cybercriminals Actively Target OS X | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

"SabPub" proves Macs are now targets of Advanced Persistant Threats (APTs), a persistent type of cyber attack operated by cyber criminals, Kaspersky Lab confirmed.

 

In an update to the ongoing SabPub saga, Kaspersky's researchers reported some unusual activity once the SabPub payload was dropped in its machine bait over the weekend.

 

===> The attackers were actively analyzing the computer's contents, clearly searching for something: <===

 

Read more...

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

'Flashback' virus shows Macs more vulnerable

'Flashback' virus shows Macs more vulnerable | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Because Mac laptops' market share has grown so much, it appears Macs are being targeted more.

 

I hope the very legitimate sense of security Mac users have long had isn’t turning into a false sense of security.

 

“For years, Mac users have been able to believe that they are safer than the average computer user and turned their noses up at antivirus software. But as Apple’s market share has grown, so has the threat to Mac users’ security,” the Washington Post reports. Specifically, the Post was referring to a virus called “Flashback” that may have infected “up to 600,000 Macs … mostly in the United States and Canada” which seem now to be part of growing bonnet.” A botnet is a network of “bots” (also called “zombie networks”) that are basically compromised computers – infected computers that are obviously no longer controlled entirely by their owners.

 

Flashback “should be a wake-up call to those who still think that their Mac is invulnerable to attacks like this,” the Posts added.

 

The security advice offered in the article sounds a whole lot like what PC owners have been told for very a long time:

 

Read more...

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Technology News: Malware: Flashback Mac Trojan Sputters and Stalls

Technology News: Malware: Flashback Mac Trojan Sputters and Stalls | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
A week after the Flashback Trojan began running rampant on Macintosh computers, the malware appears to be in remission.
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

New version of Mac OS X Trojan exploits Word, not Java

New version of Mac OS X Trojan exploits Word, not Java | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
A second variant of the Mac OS X Trojan referred to as Backdoor.OSX.SabPub.a or SX/Sabpab-A is exploiting a Microsoft Word security hole, not the usua...
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

New Mac OS X Trojan unearthed. Call it SabPub

New Mac OS X Trojan unearthed. Call it SabPub | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
The folks at Kaspersky Lab report that there's new Mac malware in the wild, called Backdoor.OSX.SabPub.a.

 

There are at least two variants being spread through Java exploits. Read this blog post by Don Reisinger on Security & Privacy.

 

Read more...

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

SabPub Mac OS X Backdoor: Java Exploits, Targeted Attacks and Possible APT link

SabPub Mac OS X Backdoor: Java Exploits, Targeted Attacks and Possible APT link | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
we can confirm yet another Mac malware in the wild - Backdoor.OSX.SabPub.a being spread through Java exploits. This new threat is a custom OS X backdoor, which appears to have been designed for use in targeted attacks.
more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

New Mac Threat, OSX.Sabpab exploiting the same Java vulnerability as #Flashback

New Mac Threat, OSX.Sabpab exploiting the same Java vulnerability as #Flashback | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

New Mac Threat, OSX.Sabpab exploiting the same Java vulnerability as #Flashback

 

Read more...

 

more...
No comment yet.