Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
10.4K views | +0 today
Follow
Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

Holy Mokes! OS X users warned of sophisticated backdoor malware | #Awareness #CyberSecurity #Apple 

Holy Mokes! OS X users warned of sophisticated backdoor malware | #Awareness #CyberSecurity #Apple  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

Mac users are at risk of a version of the sophisticated Moke backdoor malware, already discovered for Windows and Linux, that can spy upon you.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=cross-platform

 

http://www.scoop.it/t/securite-pc-et-internet

 

 

Gust MEES's insight:

Mac users are at risk of a version of the sophisticated Moke backdoor malware, already discovered for Windows and Linux, that can spy upon you.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=cross-platform

 

http://www.scoop.it/t/securite-pc-et-internet

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

BitTorrent app Transmission once again source of macOS malware | #Apple #CyberSecurity 

BitTorrent app Transmission once again source of macOS malware | #Apple #CyberSecurity  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Once again, BitTorrent client Transmission has distributed malware to some users through an altered installer, with downloaders of the software on Aug. 28 and 29 probably infected by the "Keydnap" package.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
Once again, BitTorrent client Transmission has distributed malware to some users through an altered installer, with downloaders of the software on Aug. 28 and 29 probably infected by the "Keydnap" package.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Les pirates s'invitent au royaume du Mac | #Apple #CyberSecurity #Mac #Malware #Keydnap 

Les pirates s'invitent au royaume du Mac | #Apple #CyberSecurity #Mac #Malware #Keydnap  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Des logiciels malveillants spécialement pensés pour infecter les ordinateurs d'Apple se multiplient.

 

Piqûre de rappel : les Mac ne sont pas infaillibles. Deux logiciels malveillants, autrement appelés «malwares», destinés au système d’exploitation Apple OS X, ont été repérés cette semaine. La réputation de la marque à la pomme, considérée comme étant bien plus sûre que ses concurrents, risque d’en prendre un coup.

 

Le logiciel malveillant OSX/Keydnap a été découvert le 6 juillet par ESET, une société spécialisée dans la sécurité des systèmes informatiques. Il serait présent en pièce jointe dans certains mails indésirables ou téléchargé par mégarde à partir de sites non sécurisés. Une fois installé sur l’ordinateur, il se présente sous la forme d’un fichier ZIP. Il demande le mot de passe de la session active et le tour est joué. Le pirate aux manettes peut récupérer les identifiants et mots de passe des logiciels installés sur l’ordinateur et peut aussi accéder à ceux des services en ligne des internautes.

 

Cependant, les appareils équipés de la protection Gatekeeper seraient en mesure de bloquer l’attaque.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Keydnap+Malware+Steals+Keychain+Passwords

 

Gust MEES's insight:
Des logiciels malveillants spécialement pensés pour infecter les ordinateurs d'Apple se multiplient.

 

Piqûre de rappel : les Mac ne sont pas infaillibles. Deux logiciels malveillants, autrement appelés «malwares», destinés au système d’exploitation Apple OS X, ont été repérés cette semaine. La réputation de la marque à la pomme, considérée comme étant bien plus sûre que ses concurrents, risque d’en prendre un coup.

 

Le logiciel malveillant OSX/Keydnap a été découvert le 6 juillet par ESET, une société spécialisée dans la sécurité des systèmes informatiques. Il serait présent en pièce jointe dans certains mails indésirables ou téléchargé par mégarde à partir de sites non sécurisés. Une fois installé sur l’ordinateur, il se présente sous la forme d’un fichier ZIP. Il demande le mot de passe de la session active et le tour est joué. Le pirate aux manettes peut récupérer les identifiants et mots de passe des logiciels installés sur l’ordinateur et peut aussi accéder à ceux des services en ligne des internautes.

 

Cependant, les appareils équipés de la protection Gatekeeper seraient en mesure de bloquer l’attaque.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Keydnap+Malware+Steals+Keychain+Passwords

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

New Mac malware tries to hook your webcam up to the Dark Web | #Apple #CyberSecurity #CyberCrime

New Mac malware tries to hook your webcam up to the Dark Web | #Apple #CyberSecurity #CyberCrime | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

More proof-of-concept malware than serious threat, "OSX/Eleanor-A" nevertheless tells an intriguing tale.

 

Mac malware is sufficiently rare, at least compared to Windows and Android, that new OS X malware strains often get a lot of attention. That’s both good and bad.

 

It’s good, because it reminds us all that Macs aren’t magically immune to cybercriminality, and that basing your digital lifestyle on that assumption would be a risky strategy.

And it’s bad, because it tends to bring out extreme views, with one side saying that the fuss about Mac malware is no better than unwarranted exaggeration, and the other side accusing Mac users of being credulous fanboys (and gurlz).

 

Nevertheless, Mac malware is often technically interesting, and offers an intriguing insight into online cybercriminality.

So, we thought you’d enjoy an article about the recently-discovered OSX/Eleanor-A malware.

 

This malware shows how crooks who don’t know a lot about programming can nevertheless easily and cheaply construct devious attack tools from everyday components.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:

More proof-of-concept malware than serious threat, "OSX/Eleanor-A" nevertheless tells an intriguing tale.

 

Mac malware is sufficiently rare, at least compared to Windows and Android, that new OS X malware strains often get a lot of attention. That’s both good and bad.

 

It’s good, because it reminds us all that Macs aren’t magically immune to cybercriminality, and that basing your digital lifestyle on that assumption would be a risky strategy.

And it’s bad, because it tends to bring out extreme views, with one side saying that the fuss about Mac malware is no better than unwarranted exaggeration, and the other side accusing Mac users of being credulous fanboys (and gurlz).

 

Nevertheless, Mac malware is often technically interesting, and offers an intriguing insight into online cybercriminality.

So, we thought you’d enjoy an article about the recently-discovered OSX/Eleanor-A malware.

 

This malware shows how crooks who don’t know a lot about programming can nevertheless easily and cheaply construct devious attack tools from everyday components.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

New Backdoor Allows Full Access to Mac Systems, Bitdefender Warns | #CyberSecurity #Apple #Awareness

New Backdoor Allows Full Access to Mac Systems, Bitdefender Warns | #CyberSecurity #Apple #Awareness | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

A new piece of malware, dubbed Backdoor.MAC.Eleanor by Bitdefender researchers, exposes Apple systems to cyber-espionage and full, clandestine control from malicious third-parties.

 

Check for the full report here:

 

https://labs.bitdefender.com/wp-content/uploads/2016/07/Backdoor-MAC-Eleanor_final.pdf

 

Gust MEES's insight:

A new piece of malware, dubbed Backdoor.MAC.Eleanor by Bitdefender researchers, exposes Apple systems to cyber-espionage and full, clandestine control from malicious third-parties.

 

Check for the full report here:

 

https://labs.bitdefender.com/wp-content/uploads/2016/07/Backdoor-MAC-Eleanor_final.pdf

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Un nouveau malware découvert sur iOS | #AceDeceiver #Apple #CyberSecurity #CyberCrime #iPad #iPhone 

Un nouveau malware découvert sur iOS | #AceDeceiver #Apple #CyberSecurity #CyberCrime #iPad #iPhone  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Décidément les chercheurs du Palo Alto Networks ont fort à faire ces dernières semaines. Après le ransomware KeRanger détecté sur MacOSX, c'est au tour d'iOS d'être touché par un nouveau malware. Toutefois, AceDeceiver fait dans la nouveauté. Au lieu d'essayer de leurrer les systèmes d'Apple, ce dernier a trouvé un moyen de pénétrer iOS sans même avoir besoin d'un quelconque certificat.

Habituellement lorsqu'un utilisateur achète et télécharge des applications depuis iTunes/App Store, la boutique demande obligatoirement un code d'autorisation afin d'approuver et de sécuriser l'installation. 
Dans le cas de cette attaque, les hackers ont exploité une faille pour récupérer le code généré par iTunes. De cette manière, ils peuvent installer n'importe quelle application souhaitée sur appareil. Ils ont par la suite développé un logiciel qui simule le comportement d'un client iTunes cela permet de leurrer le système qui pense que l'application a bien été achetée et qu'elle est sécurisée. L'installation de l'application corrompue ce fait alors sans aucun problème sur votre appareil.

Ce type d'attaque "man in the middle" est très problématique car quand bien même les applications corrompues sont supprimées de l'App Store, la faille reste accessible. 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=AceDeceiver

 

Gust MEES's insight:
Décidément les chercheurs du Palo Alto Networks ont fort à faire ces dernières semaines. Après le ransomware KeRanger détecté sur MacOSX, c'est au tour d'iOS d'être touché par un nouveau malware. Toutefois, AceDeceiver fait dans la nouveauté. Au lieu d'essayer de leurrer les systèmes d'Apple, ce dernier a trouvé un moyen de pénétrer iOS sans même avoir besoin d'un quelconque certificat.

Habituellement lorsqu'un utilisateur achète et télécharge des applications depuis iTunes/App Store, la boutique demande obligatoirement un code d'autorisation afin d'approuver et de sécuriser l'installation. 
Dans le cas de cette attaque, les hackers ont exploité une faille pour récupérer le code généré par iTunes. De cette manière, ils peuvent installer n'importe quelle application souhaitée sur appareil. Ils ont par la suite développé un logiciel qui simule le comportement d'un client iTunes cela permet de leurrer le système qui pense que l'application a bien été achetée et qu'elle est sécurisée. L'installation de l'application corrompue ce fait alors sans aucun problème sur votre appareil.

Ce type d'attaque "man in the middle" est très problématique car quand bien même les applications corrompues sont supprimées de l'App Store, la faille reste accessible. 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=AceDeceiver

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

iOS malware AceDeceiver can infect non-jailbroken Apple devices | #iPad #iPhone

iOS malware AceDeceiver can infect non-jailbroken Apple devices | #iPad #iPhone | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
This new strain of malware designed for the iPhone and iPad poses a major risk to hundreds of millions of devices, because it can infect non-jailbroken devices without the user's knowledge.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=AceDeceiver

 

 

Gust MEES's insight:
This new strain of malware designed for the iPhone and iPad poses a major risk to hundreds of millions of devices, because it can infect non-jailbroken devices without the user's knowledge.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=AceDeceiver

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac OS X malware is heating up | Apple | Nobody Is Perfect | CyberSecurity

Mac OS X malware is heating up | Apple | Nobody Is Perfect | CyberSecurity | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
A new threat research report conducted by Bit9+ Carbon Black’s research team found that in 2015, there was 948 malware instances. The number of  OS X malware samples this year is five times greater than in 2010-2014 combined — where there was only 180 malware instances over a four-year period. Based on observations in a 10-week analysis: the research team anticipates MAC OS X malware to surge in the coming months.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
A new threat research report conducted by Bit9+ Carbon Black’s research team found that in 2015, there was 948 malware instances. The number of  OS X malware samples this year is five times greater than in 2010-2014 combined — where there was only 180 malware instances over a four-year period. Based on observations in a 10-week analysis: the research team anticipates MAC OS X malware to surge in the coming months.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Researcher demonstrates how malware can bypass OS X's "completely broken" Gatekeeper | Nobody Is Perfect | Apple

Researcher demonstrates how malware can bypass OS X's "completely broken" Gatekeeper | Nobody Is Perfect | Apple | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Virus Bulletin 2015, Prague - Researcher Patrick Wardle says he "loves his Mac, but it's so easy to hack".

At the VB2015 conference in Prague earlier today, Wardle explained to members of the security community how he had uncovered a way to easily waltz past one of the key safeguards that Apple built into its OS X operating system to block unauthorised code, downloaded from the internet, from running.

Generally, Gatekeeper does a reasonable job.

If an app is developed by an unknown developer, or has been tampered with en route to your computer via a man-in-the-middle attack over an unencrypted HTTP connection, then Gatekeeper is supposed to spot it and block it.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
Virus Bulletin 2015, Prague - Researcher Patrick Wardle says he "loves his Mac, but it's so easy to hack".

At the VB2015 conference in Prague earlier today, Wardle explained to members of the security community how he had uncovered a way to easily waltz past one of the key safeguards that Apple built into its OS X operating system to block unauthorised code, downloaded from the internet, from running.

Generally, Gatekeeper does a reasonable job.

If an app is developed by an unknown developer, or has been tampered with en route to your computer via a man-in-the-middle attack over an unencrypted HTTP connection, then Gatekeeper is supposed to spot it and block it.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Security hole in MacKeeper used to shove malware onto Macs

Security hole in MacKeeper used to shove malware onto Macs | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

Researchers at BAE just reported on a Mac bot known as OSX/Agent-ANTU that was allegedly distributed in a novel way.

The crooks used a security hole in a controversial Mac security and cleanup utility called MacKeeper.

MacKeeper quickly patched the hole after it became known, but until you received the update you were at risk of a Remote Code Execution (RCE) hole.

As long as you were unpatched, a crook could simply entice or redirect you to a poisoned website, and use a single line of JavaScript to send a command script to MacKeeper, which would then run it.

Unfortunately, according to BAE, some crooks struck while the iron was hot.

The crooks sent unpatched MacKeeper users to a web page that tricked their Macs into downloading the OSX/Agent-ANTU malware.


Here are some examples we've seen over the years where the Windows malware "playbook" has been followed, in some cases extremely effectively, on OS X:


2012: Java-based exploit. The Flashback malware was injected onto your Mac via an unpatched Java bug. Flashback was a bot, or zombie, meaning that crooks could remotely send it instructions to help them commit further cybercrime. Estimates suggest that more than 600,000 Macs ended up infected, supposedly including "274 from Cupertino."


2013: Word-based exploit. SophosLabs reported on attackers using an exploitable bug in Microsoft Word for Mac to target Chinese minority groups. If you opened a booby-trapped document, disguised as some sort of political commentary, the crooks got control of your Mac via zombie malware called OSX/Agent-AADL.


2014: Fake "undelivered item" documents. If you opened the bogus PDF file, really an application in disguise, you could end up infected with a data-stealing Trojan called OSX/LaoShu-A. Amongst other things, this one would find files such as documents, spreadsheets, presentations and archives...and send them to the crooks.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security




Gust MEES's insight:

Researchers at BAE just reported on a Mac bot known as OSX/Agent-ANTU that was allegedly distributed in a novel way.

The crooks used a security hole in a controversial Mac security and cleanup utility called MacKeeper.

MacKeeper quickly patched the hole after it became known, but until you received the update you were at risk of a Remote Code Execution (RCE) hole.

As long as you were unpatched, a crook could simply entice or redirect you to a poisoned website, and use a single line of JavaScript to send a command script to MacKeeper, which would then run it.

Unfortunately, according to BAE, some crooks struck while the iron was hot.

The crooks sent unpatched MacKeeper users to a web page that tricked their Macs into downloading the OSX/Agent-ANTU malware.


Here are some examples we've seen over the years where the Windows malware "playbook" has been followed, in some cases extremely effectively, on OS X:


2012: Java-based exploit. The Flashback malware was injected onto your Mac via an unpatched Java bug. Flashback was a bot, or zombie, meaning that crooks could remotely send it instructions to help them commit further cybercrime. Estimates suggest that more than 600,000 Macs ended up infected, supposedly including "274 from Cupertino."


2013: Word-based exploit. SophosLabs reported on attackers using an exploitable bug in Microsoft Word for Mac to target Chinese minority groups. If you opened a booby-trapped document, disguised as some sort of political commentary, the crooks got control of your Mac via zombie malware called OSX/Agent-AADL.


2014: Fake "undelivered item" documents. If you opened the bogus PDF file, really an application in disguise, you could end up infected with a data-stealing Trojan called OSX/LaoShu-A. Amongst other things, this one would find files such as documents, spreadsheets, presentations and archives...and send them to the crooks.


So, if you haven't yet crossed the bridge and become a Mac anti-virus user, now would be a good time to give it a go.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security



more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Where Did VirusBarrier iOS Go? | MobileSecurity | CyberSecurity

Where Did VirusBarrier iOS Go? | MobileSecurity | CyberSecurity | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple has elected to eliminate the category of anti-virus and anti-malware products from their iOS App Store.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Most+vulnerable+operating+systems+and+ap


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


https://gustmees.wordpress.com/2015/03/07/facts-to-convince-someone-for-the-must-of-learning-basics-of-cybersecurity-digital-citizenship/


Gust MEES's insight:
Apple has elected to eliminate the category of anti-virus and anti-malware products from their iOS App Store.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Most+vulnerable+operating+systems+and+ap


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


https://gustmees.wordpress.com/2015/03/07/facts-to-convince-someone-for-the-must-of-learning-basics-of-cybersecurity-digital-citizenship/


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

OS X malware infecting connected iPhones, iPads | Cyber Security

OS X malware infecting connected iPhones, iPads | Cyber Security | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

According to Palo Alto Networks, WireLurker, running on an OS X system, can install either downloaded third-party applications or automatically generate malicious applications onto a USB-connected iOS device, regardless of whether it is jailbroken.

The malware is able to install malicious and infected programs on non-jailbroken iOS devices, according to the report, by using enterprise provisioning techniques, thus appearing to be an in-house application. The user is presented with a confirmation dialog box such as the one shown below, but otherwise the application will behave the same as an uninfected one.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



Gust MEES's insight:

According to Palo Alto Networks, WireLurker, running on an OS X system, can install either downloaded third-party applications or automatically generate malicious applications onto a USB-connected iOS device, regardless of whether it is jailbroken.

The malware is able to install malicious and infected programs on non-jailbroken iOS devices, according to the report, by using enterprise provisioning techniques, thus appearing to be an in-house application. The user is presented with a confirmation dialog box such as the one shown below, but otherwise the application will behave the same as an uninfected one.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

WireLurker: A new breed of iOS and OS X malware that has infected thousands | Cyber Security

WireLurker: A new breed of iOS and OS X malware that has infected thousands | Cyber Security | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
In short, the initial WireLurker infection comes from a third-party Mac OS X app store (in this case, the Chinese Maiyadi app store). Once you download and install an infected app onto your OS X machine, that’s where the fun begins. If you then plug an iOS device into an infected OS X machine, WireLurker installs itself on the iOS device. By using iOS’s enterprise provisioning system — a method usually reserved for companies to side-load apps directly onto corporate iOS devices — WireLurker can even infect non-jailbroken devices.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



Gust MEES's insight:
In short, the initial WireLurker infection comes from a third-party Mac OS X app store (in this case, the Chinese Maiyadi app store). Once you download and install an infected app onto your OS X machine, that’s where the fun begins. If you then plug an iOS device into an infected OS X machine, WireLurker installs itself on the iOS device. By using iOS’s enterprise provisioning system — a method usually reserved for companies to side-load apps directly onto corporate iOS devices — WireLurker can even infect non-jailbroken devices.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

OS X malware spread via signed Transmission app... again | #Apple #CyberSecurity #Keydnap #Awareness

OS X malware spread via signed Transmission app... again | #Apple #CyberSecurity #Keydnap #Awareness | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Researchers caught malware spreading itself around to OS X users through a signed version of the BitTorrent client Transmission.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=BitTorrent

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=keydnap

 

Gust MEES's insight:
Researchers caught malware spreading itself around to OS X users through a signed version of the BitTorrent client Transmission.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=BitTorrent

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=keydnap

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac-Trojaner: Diese Malware will Sie zuhause beobachten | #Apple #CyberSecurity 

Mac-Trojaner: Diese Malware will Sie zuhause beobachten | #Apple #CyberSecurity  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Viren, Trojaner und andere Schadsoftware galten lange als Windows-Problem. Apples Mac-Rechner schienen dagegen immun gegen Malware-Attacken zu sein. Diese Zeiten sind längst vorbei. Auch Macbook Pro und Co. befinden sich längst im Fokus der Hacker. Nun ist ein neuer Trojaner aufgetaucht, der die betroffenen Nutzer zuhause ausspionieren will.
Die Entdecker vom Antiviren-Hersteller "Bitdefender" beschreiben den Trojaner mit dem Namen "Backdoor.MAC.Eleanor" in einem Blog-Eintrag. Weil Hacker auf dem Mac immer noch Schwierigkeiten haben, Schadsoftware ohne Mitwirken des Nutzers einzuschmuggeln, tarnt sich die Malware als vermeintlich harmloses Programm. Bekannt ist die Tarnung als "EasyDoc Converter", ob auch andere Programme als Deckmantel herhalten müssen, ist noch unklar.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
Viren, Trojaner und andere Schadsoftware galten lange als Windows-Problem. Apples Mac-Rechner schienen dagegen immun gegen Malware-Attacken zu sein. Diese Zeiten sind längst vorbei. Auch Macbook Pro und Co. befinden sich längst im Fokus der Hacker. Nun ist ein neuer Trojaner aufgetaucht, der die betroffenen Nutzer zuhause ausspionieren will.
Die Entdecker vom Antiviren-Hersteller "Bitdefender" beschreiben den Trojaner mit dem Namen "Backdoor.MAC.Eleanor" in einem Blog-Eintrag. Weil Hacker auf dem Mac immer noch Schwierigkeiten haben, Schadsoftware ohne Mitwirken des Nutzers einzuschmuggeln, tarnt sich die Malware als vermeintlich harmloses Programm. Bekannt ist die Tarnung als "EasyDoc Converter", ob auch andere Programme als Deckmantel herhalten müssen, ist noch unklar.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac OS X : un nouveau cheval de Troie peut siphonner tous vos mots de passe | #Apple #CyberSecurity #Malware

Mac OS X : un nouveau cheval de Troie peut siphonner tous vos mots de passe | #Apple #CyberSecurity #Malware | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Le malware Keydnap se fait passer pour une simple image, alors qu’il est un dangereux exécutable qui installera une porte dérobée sur l’ordinateur pour dévaliser le gestionnaire de mots de passe Keychain.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
Le malware Keydnap se fait passer pour une simple image, alors qu’il est un dangereux exécutable qui installera une porte dérobée sur l’ordinateur pour dévaliser le gestionnaire de mots de passe Keychain.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Keydnap Malware Steals Keychain Passwords, Opens Backdoor on Infected Macs | #Apple #Mac #CyberCrime

Keydnap Malware Steals Keychain Passwords, Opens Backdoor on Infected Macs | #Apple #Mac #CyberCrime | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
After yesterday security researchers from Bitdefender discovered the Eleanor trojan targeting Macs and opening a backdoor using Tor, today it's ESET's turn to reveal the existence of a similar backdoor trojan that also uses a Tor2Web service to steal Keychain passwords.

Named Keydnap and detected as OSX/Keydnap, this trojan is a new arrival on the Mac malware scene, first seen this past May (internal version 1.3.1), and later in June (version 1.3.5).

The malware's mode of operation is very simple, even if the infection chain is drawn out in several steps.

Keydnap dropper disguised as image or text files
Everything starts when users receive an email that contains an archive. Unzipping this file drops at first glance either an image or a text file. In reality, there's a space after the file's extension, meaning the file will run in the Mac terminal. This file is a Mach-O executable that uses a fake icon.

When executed, this file runs its malicious behavior and then shows an image if it's trying to pose as a picture, or a text pad, if it's trying to pose as a text file.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
After yesterday security researchers from Bitdefender discovered the Eleanor trojan targeting Macs and opening a backdoor using Tor, today it's ESET's turn to reveal the existence of a similar backdoor trojan that also uses a Tor2Web service to steal Keychain passwords.

Named Keydnap and detected as OSX/Keydnap, this trojan is a new arrival on the Mac malware scene, first seen this past May (internal version 1.3.1), and later in June (version 1.3.5).

The malware's mode of operation is very simple, even if the infection chain is drawn out in several steps.

Keydnap dropper disguised as image or text files
Everything starts when users receive an email that contains an archive. Unzipping this file drops at first glance either an image or a text file. In reality, there's a space after the file's extension, meaning the file will run in the Mac terminal. This file is a Mach-O executable that uses a fake icon.

When executed, this file runs its malicious behavior and then shows an image if it's trying to pose as a picture, or a text pad, if it's trying to pose as a text file.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

iOS 9.3 to fix serious iMessages encryption flaw | #Update asap!!!

iOS 9.3 to fix serious iMessages encryption flaw | #Update asap!!! | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

For some time, Apple has forcefully pushed a message to consumers that it takes privacy seriously.
Here, for instance, is what Apple’s website says about its approach to privacy when it comes to iMessages:
Your iMessages and FaceTime calls are your business, not ours. Your communications are protected by end-to-end encryption across all your devices when you use iMessage and FaceTime...

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:

For some time, Apple has forcefully pushed a message to consumers that it takes privacy seriously.
Here, for instance, is what Apple’s website says about its approach to privacy when it comes to iMessages:
Your iMessages and FaceTime calls are your business, not ours. Your communications are protected by end-to-end encryption across all your devices when you use iMessage and FaceTime...

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

AceDeceiver: Erster Trojaner für iOS entdeckt | #Apple #CyberSecurity #CyberCrime #NobodyIsPerfect 

AceDeceiver: Erster Trojaner für iOS entdeckt | #Apple #CyberSecurity #CyberCrime #NobodyIsPerfect  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Der womöglich erste Trojaner für iOS, die nicht von Jailbreaks geschwächte iPhones und iPads befallen können, lautet auf den Namen AceDeceiver. Die Sicherheitsspezialisten von Palo Alto Networks haben heute einen ausführlichen Blogbeitrag veröffentlicht, in dem sie die Funktionsweise erklären. Derzeit besteht zwar keine konkrete Gefahr, da Apple bereits vor drei Wochen von Palo Alto informiert wurde und die von AceDeceiver in den App Store geschmuggelten Apps aus dem Angebot entfernt hat.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=AceDeceiver

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

10 Years of Mac Malware: How OS X Threats Have Evolved [Infographic] | CyberSecurity | Apple 

10 Years of Mac Malware: How OS X Threats Have Evolved [Infographic] | CyberSecurity | Apple  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
This infographic timeline highlights the nastiest, most prevalent Mac OS X security threats to demonstrate just how Mac malware has evolved over the past 10 years.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

Gust MEES's insight:
This infographic timeline highlights the nastiest, most prevalent Mac OS X security threats to demonstrate just how Mac malware has evolved over the past 10 years.

 

Learn more:

 

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

 

more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Yispecter: Sicherheitsfirma warnt vor neuer iOS-Malware | CyberSecurity | MobileSecurity | Apple

Yispecter: Sicherheitsfirma warnt vor neuer iOS-Malware | CyberSecurity | MobileSecurity | Apple | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Die Malware läuft auch auf iPhones und iPads ohne Jailbreak und erhält durch Nutzung privater APIs weitreichenden Zugriff, erklärt eine Sicherheitsfirma. Die Infektion erfolge auf verschiedenen Wegen.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
Die Malware läuft auch auf iPhones und iPads ohne Jailbreak und erhält durch Nutzung privater APIs weitreichenden Zugriff, erklärt eine Sicherheitsfirma. Die Infektion erfolge auf verschiedenen Wegen.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Macs can be remotely infected with firmware malware that remains after reformatting | Naivety | Nobody Is Perfect

Macs can be remotely infected with firmware malware that remains after reformatting | Naivety | Nobody Is Perfect | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
When companies claim their products are unhackable or invulnerable, it must be like waving a red flag in front of bulls as it practically dares security researchers to prove otherwise. Apple previously claimed that Macs were not vulnerable to the same firmware flaws that could backdoor PCs, so researchers proved they could remotely infect Macs with a firmware worm that is so tough to detect and to get rid of that they suggested it presents a toss your Mac in the trash situation.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Thunderstrike



Gust MEES's insight:
When companies claim their products are unhackable or invulnerable, it must be like waving a red flag in front of bulls as it practically dares security researchers to prove otherwise. Apple previously claimed that Macs were not vulnerable to the same firmware flaws that could backdoor PCs, so researchers proved they could remotely infect Macs with a firmware worm that is so tough to detect and to get rid of that they suggested it presents a toss your Mac in the trash situation.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Thunderstrike



more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Apple : les Macs sont de vraies passoires à malwares | CyberSecurity | Awareness | eSkills

Apple : les Macs sont de vraies passoires à malwares | CyberSecurity | Awareness | eSkills | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Le mythe vient de s'effondrer : un chercheur en sécurité vient de démontrer combien il était facile de contourner les mécanismes de sécurité mis en place par Apple dans OS X pour polluer le système avec des malwares.


Finalement, Apple ne fait pas mieux que les autres fabricants ni même éditeurs de solutions de protection, puisque la conférence a démontré que la plupart des outils de protection pouvaient être contournés.


Apple reste toutefois moins sujet aux attaques pour l'instant, mais les choses pourraient changer à l'avenir.


En savoir plus / Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Immune+No+More%3A+An+Apple+Story


Gust MEES's insight:
Le mythe vient de s'effondrer : un chercheur en sécurité vient de démontrer combien il était facile de contourner les mécanismes de sécurité mis en place par Apple dans OS X pour polluer le système avec des malwares.


Finalement, Apple ne fait pas mieux que les autres fabricants ni même éditeurs de solutions de protection, puisque la conférence a démontré que la plupart des outils de protection pouvaient être contournés.


Apple reste toutefois moins sujet aux attaques pour l'instant, mais les choses pourraient changer à l'avenir.


En savoir plus / Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Immune+No+More%3A+An+Apple+Story


more...
Gust MEES's curator insight, April 27, 2015 8:30 AM
Le mythe vient de s'effondrer : un chercheur en sécurité vient de démontrer combien il était facile de contourner les mécanismes de sécurité mis en place par Apple dans OS X pour polluer le système avec des malwares.


Finalement, Apple ne fait pas mieux que les autres fabricants ni même éditeurs de solutions de protection, puisque la conférence a démontré que la plupart des outils de protection pouvaient être contournés.


Apple reste toutefois moins sujet aux attaques pour l'instant, mais les choses pourraient changer à l'avenir.


En savoir plus / Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Immune+No+More%3A+An+Apple+Story


Scooped by Gust MEES
Scoop.it!

WireLurker, le malware qui menace l’iPhone | Cyber Security

WireLurker, le malware qui menace l’iPhone | Cyber Security | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Une nouvelle génération de malwares

WireLurker semble, pour l’heure, peu dangereux. Néanmoins, Claud Xiao, de Palo Alto Networks, signale que le programme malveillant est « capable de voler un grand nombre de données sur les mobiles qu’il infecte ». De plus, il serait toujours en développement actif et « le but de son créateur n’est toujours pas connu ». La société recommande donc de prendre les précautions adéquates et d’installer une solution de protection contre les menaces sur mobiles (notamment celle éditée par ladite société). 

Le malware est surtout le premier d’une nouvelle famille de logiciels malveillants s’attaquant aux appareils marqués d’une pomme. Outre sa propagation massive, WireLurker est aussi le premier malware à infecter des applications iOS de même manière qu’un virus traditionnel, et le premier à générer automatiquement des programmes malveillants et à installer des applications tierces sur des mobiles non-jailbreakés. 


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



Gust MEES's insight:
Une nouvelle génération de malwares

WireLurker semble, pour l’heure, peu dangereux. Néanmoins, Claud Xiao, de Palo Alto Networks, signale que le programme malveillant est « capable de voler un grand nombre de données sur les mobiles qu’il infecte ». De plus, il serait toujours en développement actif et « le but de son créateur n’est toujours pas connu ». La société recommande donc de prendre les précautions adéquates et d’installer une solution de protection contre les menaces sur mobiles (notamment celle éditée par ladite société). 

Le malware est surtout le premier d’une nouvelle famille de logiciels malveillants s’attaquant aux appareils marqués d’une pomme. Outre sa propagation massive, WireLurker est aussi le premier malware à infecter des applications iOS de même manière qu’un virus traditionnel, et le premier à générer automatiquement des programmes malveillants et à installer des applications tierces sur des mobiles non-jailbreakés. 


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Wirelurker:Trojaner infiziert iPhones und iPads über USB-Verbindung

Wirelurker:Trojaner infiziert iPhones und iPads über USB-Verbindung | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Originalmeldung: Der Trojaner Wirelurker hat wohl bereits viele iPhones und iPads angegriffen: Sicherheitsforscher der Firma Palo Alto Networks haben eine iOS-Malware namens Wirelurker entdeckt, die sich über eine App verbreitet und schon hunderttausende User infiziert haben könnten.

Seinen Ursprung hat der Trojaner wohl in China, die Entdecker berichten, dass anfangs über 400 Apps im Maiyadi App Store, einem alternativen Appstore für OS X, infiziert wurden. Diese Anwendungen greifen dann die iPhones und iPads der Opfer an. Da die betroffenen Apps bislang über 350.000 Mal heruntergeladen wurden, ist die Zahl der theoretisch infizierten Apple-Geräte entsprechend groß.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker



Gust MEES's insight:

Originalmeldung: Der Trojaner Wirelurker hat wohl bereits viele iPhones und iPads angegriffen: Sicherheitsforscher der Firma Palo Alto Networks haben eine iOS-Malware namens Wirelurker entdeckt, die sich über eine App verbreitet und schon hunderttausende User infiziert haben könnten.

Seinen Ursprung hat der Trojaner wohl in China, die Entdecker berichten, dass anfangs über 400 Apps im Maiyadi App Store, einem alternativen Appstore für OS X, infiziert wurden. Diese Anwendungen greifen dann die iPhones und iPads der Opfer an. Da die betroffenen Apps bislang über 350.000 Mal heruntergeladen wurden, ist die Zahl der theoretisch infizierten Apple-Geräte entsprechend groß.

Learn more:

- http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


- http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker


more...
No comment yet.