Apple, Mac, iOS4,...
Follow
Find tag "Flashback"
8.0K views | +1 today
Apple, Mac, iOS4, iPad, iPhone and (in)security...
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

Two Mac Trojans: Apple Patching Fast Enough?

Two Mac Trojans: Apple Patching Fast Enough? | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Attackers behind the Flashback and SabPub malware likely reverse-engineered a Java vulnerability patched for Windows almost two
months ago by Oracle.

 

Apple, which normally refuses to comment on any vulnerabilities in its products until after it's released a fix, broke with tradition by last week confirming that it was coding an OS X upgrade to nuke Flashback.

 

===> According to various security firms, approximately 600,000 Macs had been infected by Flashback, which makes it the largest malware infection to ever hit OS X users. <===

 

In addition, Kaspersky managed to tie the botnet to six malicious Microsoft Word documents that it's seen in the wild, two of which drop the SabPub vulnerability, and four of which drop the MaControl bot, which appears to be an earlier effort by the same virus writers. One key difference, however, is that MaControl didn't target the Java vulnerability exploited by Flashback and SabPub.

 

===> Another is that SabPub managed to remain active for about six weeks before anyone detected it. <===

 

Read more...

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Did the Mac malware wake-up call fall on deaf ears?

Did the Mac malware wake-up call fall on deaf ears? | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Many Mac users still refuse to understand what the successful Flashback attack really means.

 

No one, Apple included, ever said that OS X was immune


Maybe not "immune," but Apple has run ads over the last decade strongly implying that Macs lack the malware and security problems of Windows. In fact, some of the comments I received reiterated that very notion.

 

===> Mac users are still resisting the idea that their platform has become a popular attack target and that those attacks are succeeding. <===

 

Read more to have a realistic vue ;) and stop dreaming!

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple releases Flashback malware removal tool, for OS X Lion only

Apple releases Flashback malware removal tool, for OS X Lion only | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
In its ongoing battle against the widespread Flashback malware attack, Apple has released a standalone removal tool.

 

===> The downloadable utility is available exclusively for Mac owners running OS X Lion. It will not run on Mac OS X 10.6 (Snow Leopard) or earlier versions. <===

 

Apple has not officially acknowledged the discontinuation of support for users of pre-Snow Leopard versions of OS X. Under the “Additional information” heading in its bulletin describing the Flashback malware, the company says: “For Macs running Mac OS X v10.5 or earlier, you can better protect yourself from this malware by disabling Java in your web browser(s) preferences.”

 

Several security companies have reported the discovery of a different malware variant that appears to attack the same Java vulnerability.

 

===> Like Flashback, this new Trojan requires no user interaction to infect your Apple Mac. Kaspersky refers to it as “Backdoor.OSX.SabPub.a” while Sophos calls it at “SX/Sabpab-A.” <===

 

Read more...

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Flashback Malware Puts Apple in Security Spotlight: Apple's Image of Invulnerability--Gone

Flashback Malware Puts Apple in Security Spotlight: Apple's Image of Invulnerability--Gone | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Increased market share coupled with Apple's lack of transparency are largely to blame for an uptick in Mac security problems, say experts.

 

Ponemon and others say the Flashback Trojan horse is the final nail in the coffin for Apple's stellar security image.

 

He says that although Microsoft juggles a much larger number of threats, it does a better job of warning customers and delivering fixes.

 

                         Read more... ===> A MUST READ! <===

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple issues Trojan removal tool

Apple issues Trojan removal tool | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple has released a fresh Java update, designed to remove the Flashback Trojan malware that exposed Macs to a botnet.
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

New Java update from Apple removes Flashback malware | Macworld

New Java update from Apple removes Flashback malware | Macworld | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
As promised, Apple has released a tool to remove Flashback from infected Macs.
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Many Mac Users Running Vulnerable Java Versions

Many Mac Users Running Vulnerable Java Versions | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
There are millions of Mac users who are running vulnerable old versions of Java, which are being exploited by the Flashback malware.

 

===> "50% of all visitors of our Online #FlashbackChecker http://flashbackcheck.com are running a vulnerable version of Java," Aleks Gostev, chief security expert at Kaspersky said on Twitter Wednesday. <===

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Dr.Web CureIt! — download free anti-virus!

Dr.Web CureIt! — download free anti-virus! | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Dr.Web Light Scanner for Mac OS X


Dr.Web Light for Mac OS X is a reliable way to protect your Mac from a variety of threats.

 

The scanner is based on the latest virus detection and removal technologies. You can use it to scan your system whenever you like.

 

The scanner virus databases are automatically updated with signatures of actual threats on a regular basis.

 

To make protection against unknown viruses even stronger, a heuristic analyzer is implemented.

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Malware Flashback : Apple prépare son patch et contacte les FAI

Malware Flashback : Apple prépare son patch et contacte les FAI | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
La firme de Cupertino a publié une page spéciale Flashback sur son site de support et indique préparer son propre patch. Apple aurait aussi contacté des FAI et des bureaux d'enregistrements pour tenter d'éradiquer le botnet.

 

Apple sort enfin de son silence. Quelques jours après avoir poussé, sans faire référence à Flashback, une mise à jour de sécurité pour Java sur Mac (voir notre article sur le botnet Flashback), Apple hausse un peu le ton. Et publie sur son site de support une page spécifique au fameux malware qui, d’après Dr.Web, infecterait désormais quelque 655 700 machines.

agrandir la photo


===> Une drôle de page tout de même qui n’explique pas comment faire pour savoir si l’on a été effectivement infecté par Flashback, ni comment supprimer le virus de sa machine ! <===

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Virus Bulletin : VB2012 - Flashback OS X malware

Virus Bulletin : VB2012 - Flashback OS X malware | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Windows has been the target of malware for decades. This has resulted in a more hardened system and a better user awareness.


On the other hand, OS X has not really needed to go through all the troubles of crime fighting until recently.

 

===> Now, with its growing market share and lower user awareness, it is clear that OS X is becoming more and more attractive to malware authors. <===

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

OSX.Flashback.K Infections Down to 270,000

OSX.Flashback.K Infections Down to 270,000 | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
OSX.Flashback initially arrived on the scene in late 2011. It has come a long way from its humble beginnings as a social-engineering scam trying to pass off as a fake Flash update using digital certificates purporting to come from Apple.
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac Flashfake removal tool

Mac Flashfake removal tool | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

In response to the recent discovery of the Flashfake botnet, Kaspersky Lab has announced the availability of its free Flashfake Removal Tool.

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple taking technical, legal action against Flashback malware | Macworld

Apple taking technical, legal action against Flashback malware | Macworld | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple said Tuesday it's developing a solution to combat the Flashback malware that experts say has infected around 600,000 Mac computers around the world.
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

New Mac malware uses Flashback Java exploit

New Mac malware uses Flashback Java exploit | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Apple's decision to push out a Flashback malware removal tool for OS X Lion bundled with a new Java security update has proven to be rather fortunate, as a new Mac OS X threat has been discovered taking advantage of the vulnerability (CVE-2012-0507) exploited by the latest Flashback variants.

 

The security update in question configures the Java web plug-in to disable the automatic execution of Java applets in browsers, a move that should prevent users from inadvertently falling victim to similar drive-by malware attacks in the future.

 

 

In the meantime, those who haven't installed the update are at risk of getting their machines compromised by a newly detected backdoor Trojan that Kaspersky Lab researchers dubbed SabPub.

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Five OS X security threats that fizzled

Five OS X security threats that fizzled | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
In the aftermath of Flashback—one of the highest profile malware attacks on the Mac—Ars takes a look back at other security threats that didn't quite make such a big blip on the radar.

 

===> As Apple continues to increase its share of the PC market, Macs are becoming a viable target for malware authors, sprouting a handful or two of trojans in the last decade. <===

 

Here are five in particular that were considered (by some) to be harbingers of a great malware infestation for OS X that instead proved to be more bark than bite.

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple publie son correctif anti-Flashback - LogicielMac.com

Apple publie son correctif anti-Flashback - LogicielMac.com | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Après Kapersky qui propose depuis quelques jours un outil permettant de vérifier si votre Mac est infecté par le malware Flashback, et si c'est le cas, de le supprimer, Apple publie aujourd'hui son propre correctif de sécurité destiné à...
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple Releases Mac Flashback Trojan Removal Tool

Apple Releases Mac Flashback Trojan Removal Tool | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple has now released a tool that removes the Flashback Trojan from infected Mac computers, according to a security update posted to Apple.com on Thursday.
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple pumps out yet another Java update

Apple pumps out yet another Java update | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple has delivered - or so it says - on its promise to provide a Flashback malware removal tool, wrapped in another Java update.
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

About Java for OS X Lion 2012-003

About Java for OS X Lion 2012-003 | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
This Java security update removes the most common variants of the Flashback malware. ...
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Flashback botnet shrinks, downloads of Mac AV software rise

Flashback botnet shrinks, downloads of Mac AV software rise | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

News that nearly two percent of all Mac users have had their computers infected by the Flashback malware which roped them into a 600K strong botnet has hit the Mac community with the realization that ===> their machines are not as secure as they believed and hoped they are. <===

 

Meanwhile, the Flashback botnet has shrunk in the last few days and as of yesterday, counts less than 270k infected machines.

 

According to Symantec, part of the reason for this dramatic decrease is the fact that a number of security firms have executed sinkholing operations against the botnet, but the biggest reason likely lies in the fact that many Mac users have heard the news and proceeded to scan and disinfect their machines.

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Flashback Removal Tool - F-Secure

Flashback Removal Tool - F-Secure | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
F-Secure Security Labs brings you the latest online security news from around the world. Ensure that you are up-to-date with the latest online threats to guarantee your online wellbeing.

 

We have created a free tool that automates the detection and removal of the widespread Flashback Mac OS X malware.

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

F-secure releases free Flashback removal script for OS X

F-secure releases free Flashback removal script for OS X | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
The new free tool adds to the growing community effort to help affected Mac users remove the malware from their systems. Read this blog post by Topher Kessler on MacFixIt.

 

This new tool by F-Secure is another advancement by the Mac community against this threat that accompanies not only manual instructions and help from community members, but also swiftly updated definitions for Sophos, ClamXav, VirusBarrier, and other malware scanners for detecting the malware.

 

On Apple's end, even though the extent of this infection stemmed largely from Apple's delay in issuing a patch for known Java vulnerabilities, the company finally released the patch and has further announced its own Flashback removal tool is in the works.


It's hope that these, and the continuing efforts by the Apple community, will reduce the prevalence of this infection to a minimum.

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Check Your Mac for Malware

Check Your Mac for Malware | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Nobody is safe, but you can stop the spread before it overtakes your precious.

 

Mac fans recently got a little taste of what it's like to be a Windows user. That's right, a virus targeting Mac OS X is making the rounds. The latest stats from security companies tracking the virus put the number of infected Macs at well over half a million. That's nowhere near the level of some Windows viruses, but it's widespread enough to be a concern for Mac users.


The virus is known as Flashback and it can hijack your Mac without so much as an administrative password. It manages to pull off its attack by exploiting a vulnerability in Java. Oracle, which makes Java, quickly issued a fix for the problem back in February. Unfortunately, because Apple ships its own version of Java (and therefore must provide its own patches), Mac users had to wait on Apple's fix, which didn't arrive until last week.


===> The slow fix from Apple gave Flashback time to propagate and led to well over half a million infected machines — one of which could be yours. <===

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

What's the Worst the Mac Flashback Trojan Could Do?

What's the Worst the Mac Flashback Trojan Could Do? | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
A look at what the Mac Flashback Trojan could do to infected computers.

 

So what is the worst it could do?

 

Although the Trojan is now only conducting click fraud scam by hijacking people’s search engine results inside their web browsers, it has the potential to do greater damage, such as stealing banking or login credential.

 

If the botnet remains connected to computers, cybercriminals could send new malware to their systems that cause bigger problems.

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Flashback-Trojaner: Apple arbeitet an Entfernungs-Tool

Flashback-Trojaner: Apple arbeitet an Entfernungs-Tool | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Nach der Enttarnung des Flashback-Trojaners hat Apple nun die Sicherheitslücke geschlossen und arbeitet mit Hochdruck an einem Entfernungs-Tool.
more...
No comment yet.