Apple, Mac, iOS4, iPad, iPhone and (in)security...
10.0K views | +1 today
Follow
Apple, Mac, iOS4, iPad, iPhone and (in)security...
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

Mac Users Now Also Susceptible to Targeted Attacks

Mac Users Now Also Susceptible to Targeted Attacks | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Mac users are now prime targets as an APT attempts to execute on a Mac OS.

 

This development in targeted attacks just shows that the groups behind campaigns such as this one are taking into consideration changes in the computing landscape, such as the increase in the number of Mac users.

 

===> This adjustment to affect Macs also shows that they are refining their scope, and are really customizing their tools to suit their targets. <===


In this light, and knowing that the MAC OSX arena has seen in its fair share of threats increasing, it is advisable to be aware that MAC OSX can also be targeted, and ===> seen as a new playing field for these groups behind targeted attacks and APTs to further their agenda. <===

 

More on this as we are continuously investigating this. Stay tuned.

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

OSX/Lamadai.A: The Mac Payload on Malware Targeting Tibetan NGOs

OSX/Lamadai.A: The Mac Payload on Malware Targeting Tibetan NGOs | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
This analysis is focused on the OS X payload of a reported attack against Tibetan NGOs and the network protocol used to communicate with the C&C server.
more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Detecting and removing the Flashback malware in OS X

Detecting and removing the Flashback malware in OS X | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
The Flashback Trojan's latest iterations have evolved to infect Macs in different ways, but there are methods to detect and remove them. Read this blog post by Topher Kessler on MacFixIt.
more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Cracks appear in face of Apple's iOS security

Cracks appear in face of Apple's iOS security | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple’s iOS mobile platform, like its desktop-and-notebook sibling Mac OS X, has garnered a reputation for strong security.

 

===> But as new holes in iOS's security crop up, this reputation may be exposed to less-than-friendly fire. <===

 

GM: NOBODY is perfect!

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

OS X Malware: A Steady Trickle

OS X Malware: A Steady Trickle | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

I’m guessing that the myth of OS X invulnerability to malware is pretty much busted by now: at any rate, there has been wave after wave of OS X-related malware reports in the past week or two.

 

Sophos were the latest big name to weigh in on the OSX/Imuler malware that DrWeb, Intego, ESET and your humble scribe have already commented on, though Sophos calls it Imuler-B and both Intego and ESET call it Imuler.C.

 

The Java attack has also been linked to bot-generated Twitter spam targeting Tibetan activist conversations by including hashtags like “#Tibet” and “#freetibet”, presumably in order to drown out political dissent.

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Safari bug could lure iOS 5 users to malicious Web sites

Safari bug could lure iOS 5 users to malicious Web sites | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

A hole in Apple's mobile Safari can be exploited to display a different URL in the address field than the Web site being viewed in the browser. 

 

Users of iOS 5 users, beware a security flaw in Safari that can be used to trick you into visiting potentially malicious Web sites.


Discovered earlier this month by Germany security firm MajorSecurity, the vulnerability could allow cybercriminals to spoof the URL displayed in the browser, trapping users at the wrong sites.

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

New Mac OS X malware variant spotted in the wild

New Mac OS X malware variant spotted in the wild | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Security researchers from Intego, have intercepted a new variant of the Imuler trojan horse targeting Mac OS X users.
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

The Ten Most Dangerous Mac Viruses

The Ten Most Dangerous Mac Viruses | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Trend Micro helped us pull together the ten most dangerous Mac viruses in OS X's history based on impact and prominence...

 

===> Most of the threats come from plug-ins and add-ons, like for browsers, which are usually distributed outside official app stores, says Jamz Yaneza, a threat research manager at Trend Micro.

"If its not in the Mac App or App stores, just don't download it." <===

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Flashback Mac Malware Uses Twitter as Command and Control Center - The Mac Security Blog

Flashback Mac Malware Uses Twitter as Command and Control Center - The Mac Security Blog | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

The Flashback malware, which Intego pointed out was infecting an increasing number of Macs, turns out to be using a novel technique to operate. Many types of malware use command and control servers that they connect to, in order to get instructions from the creators of the malware.

 

The problem with using these servers is that their IP addresses are specified in the malware code, and the servers can generally be taken down.

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Flashback Mac OS X malware exploiting (old) Java security holes | ZDNet

Flashback Mac OS X malware exploiting (old) Java security holes | ZDNet | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
If a Mac OS X user visits a web page, and their Java is not up to date, the malware infection will occur without their intervention.

 

===> UPDATE asap! <===

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Des malwares tentent d’exploiter une ancienne vulnérabilité d’Office sur Mac OS X

Des malwares tentent d’exploiter une ancienne vulnérabilité d’Office sur Mac OS X | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Bien qu’une faille dans Office Mac ait été identifiée et corrigée par Microsoft depuis 2009, des logiciels malveillants cherchent à s’attaquer par son intermédiaire aux systèmes Mac OS X qui n’ont pas été mis à jour.
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

More Mac Malware (Word Exploit) Targeting NGOs

More Mac Malware (Word Exploit) Targeting NGOs | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
F-Secure Security Labs brings you the latest online security news from around the world. Ensure that you are up-to-date with the latest online threats to guarantee your online wellbeing.
more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Sécurité IT : mon Safari pour du phishing

Sécurité IT : mon Safari pour du phishing | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

Une faille de sécurité grouille dans les arcanes de Safari. Elle permet à un site Internet d’afficher dans la barre d’adresse une fausse URL. Major Security en appelle à la vigilance face au phishing.

 

Or, un tel mutisme n’a d’égal que le risque grandissant que courent les utilisateurs de Safari, plus exposés encore au phishing.

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Are you having a (Mac) Flashback?

Are you having a (Mac) Flashback? | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

On Monday, I provided steps on how to avoid your Mac being compromised by the Flashback trojan. Today I will provide information on how to locate a Flashback infection.

 

To better understand the steps below, it is better to also know a bit about Flashback. It's an OS X malware family that modifies the content displayed by web browsers. To achieve this, it interposes functions used by the Mac's browsers.

 

The hijacked functions vary between variants but generally include CFReadStreamRead and CFWriteStreamWrite: read more...

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

MacPlus : Une faille dans Safari iOS

MacPlus : Une faille dans Safari iOS | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
La version de Safari proposée dans iOS 5.1 souffre d'un mal étrange et plutôt embêtant : il est possible de lui faire prendre des vessies pour des lanternes !

 

En attendant un éventuel correctif, la méfiance est donc de mise.

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Topless supermodel photos used to spread Mac malware

Topless supermodel photos used to spread Mac malware | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
The Mac Imuler Trojan uses images of FHM supermodel Irina Shayk to do its dirty work.

 

Somehow I doubt that Mac users are any smarter than their Windows cousins when it comes to resisting temptation.

 

We're all human, after all. And there is a (probably significant) proportion of the population which isn't adverse to searching the web for nude pictures of supermodels.

 

Of course, the bad guys who spread malware know about human weakness all too well - and exploit it regularly to trick computer users into clicking on files and installing malicious code that exposes them to risks.

 

===> By default, Mac OS X doesn't display file extensions. Which means, that Mac users might be duped into believing that the file they are about to click on is a JPG image, rather than an application. <===

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Secunia Slams Apple Over Vulnerability Handling, Publicizes Safari Flaws

Secunia Slams Apple Over Vulnerability Handling, Publicizes Safari Flaws | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Secunia’s Chief Security Specialist hopes Apple will work better with researchers in the future and provide more informative status updates and estimated fix dates.

 

”It's regretful to experience that there are still some major software vendors that do not understand how to properly work with researchers,” Eiram added.

 

“Hopefully, Apple will in the future strive to work better with researchers to ultimately protect their customers by providing more informative status updates and estimated fix dates instead of prioritizing antiquated internal policies higher.”

more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

Apple pushes security update for iPhone, iPad

Apple pushes security update for iPhone, iPad | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple on Wednesday updated its iOS mobile operating system to rectify more than 80 vulnerabilities.
more...
No comment yet.
Rescooped by Gust MEES from ICT Security-Sécurité PC et Internet
Scoop.it!

New OS X malware variant attacks unpatched Macs | ZDNet

New OS X malware variant attacks unpatched Macs | ZDNet | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it

A new malware variant sets out to punish those who haven’t been keeping up to date with updates.

 

Patching OS X is so simple, but yet there are people who still put it off. A new malware variant sets out to punish those who haven’t been keeping up to date with updates.

 

The new variant is a Trojan horse called ‘Flashback.G’ and is makes use of two exploits found on older versions of the Java runtime. Users with macs running OS X 10.6 ‘Snow Leopard’ are particularly at risk since this version came with Java preinstalled while 10.7 ‘Lion’ did not.

 

According to security firm Intego, this malware uses three tricks to try to get itself installed onto a system: read more...

more...
No comment yet.