 Your new post is loading...
Your new post is loading...
|
Scooped by
Gust MEES
|
Eine Sicherheitslücke im Tor-Browser ist geschlossen worden. (Bild: David Bates/Golem.de)
LINUX UND MAC:
Tor-Browser-Exploit verrät IP-Adresse einiger Nutzer
Unter bestimmten Voraussetzungen verrät der Tor-Browser die unverschleierte IP-Adresse der Nutzer. Betroffen sind nur Mac und Linux-Versionen des Firefox-Bundles, in der täglichen Nutzung dürfte der Fehler nur wenige Personen betreffen.
Das Tor-Projekt hat ein Notfallupdate für die Linux- und Mac-Versionen des Tor-Browser-Bundles veröffentlicht. Unter bestimmten Umständen verraten die beiden betroffenen Versionen die reale IP-Adresse der Nutzer und machen somit die angestrebte Anonymität kaputt. Die Windows-Version des Tor-Browsers, die Tails-Distribution und der im Alpha-Test befindliche Tor-Browser mit Sandboxing sollen nicht betroffen sein. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/securite-pc-et-internet/?&tag=TOR
|
|
Scooped by
Gust MEES
|
Mit einem einfachen Trick greift der MacDownloader Passwörter ab. Die Malware soll es auf Mitarbeiter von US-Rüstungsfirmen und Menschenrechtler abgesehen haben. Getarnt als Adobe-Flash-Installer und Entfernungs-Tool für Adware von Bitdefender versucht die Malware MacDownloader, Passwörter an seine Urheber weiterzuleiten. Das schreiben die beiden Sicherheitsforscher Claudio Guarnieri und Collin Anderson in einem Bericht. Tarnung: Die Malware gibt sich als Flashplayer aus. (Quelle: iranthreats.github.io) Nach der Installation versucht der MacDownloader, mithilfe eines gefälschten System-Dialogs, an die Passwörter der Opfer zu kommen, und leitet den Apple-Schlüsselbund schließlich an die Angreifer weiter. Diese sollen aus dem Iran stammen, so die Sicherheitsforscher. Learn more / En savoir plus / Mehr erfahren:
|
|
Scooped by
Gust MEES
|
Neue Malware installiert Hintertüren auf Macs
Malware gibt es auch für Mac-Nutzer. Kaspersky hat die OS-X-Variante einer Backdoor-Software entdeckt, die auch für Windows und Linux existiert. Angreifer können damit Tastaturanschläge protokollieren und gezielt nach Dateien suchen.
Eine neue Malware für OS X installiert eine Hintertür auf dem Rechner der Nutzer, wie Kaspersky schreibt. Die Software mit dem Namen OSX.Mokes wurde im Januar dieses Jahres bereits in Versionen für Linux und Windows entdeckt.
Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=cross-platform http://www.scoop.it/t/securite-pc-et-internet
|
|
Scooped by
Gust MEES
|
Researchers have pointed out an interesting aspect of the iOS malware. The threat contains binary code for 32-bit ARMv7, 32-bit ARMv7s, and 64-bit ARM64 architectures. This makes WireLurker the first iOS malware that targets the ARM64 architecture.
The Maiyadi App Store on which the initially discovered variants were hosted seems to be linked to the creators of the malware, Palo Alto said. One piece of evidence is the bundle identifier named "com.maiyadi.installer" in the OS X samples. The samples also include copyright information referencing Maiyadi.
The C&C servers user by WireLurker are currently inactive, and Apple has taken steps to ensure that its users are protected, including the revocation of the stolen code signing certificates used by the malware creators to run the malicious iOS apps on non-jailbroken devices.
Learn more:
- http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security?q=wirelurker
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
Et si je vous disais qu'il y a dans votre ordinateur un mouchard que vous ne pouvez pas enlever, qui a été mis en place par le constructeur, qui est sur les listes blanches de la plupart des antivirus et dont vous n'avez jamais entendu parler ? La société Kaspersky, spécialisée dans la détection et …
Via Frederic GOUTH, Gust MEES
About 860,000 members who post on the forums of popular Apple news website MacRumors are being asked to change their passwords after accounts were compromised in a hack.
Via Gust MEES
Mac backdoor Trojan takes advantage of Unicode's Right-to-Left marker to hide its true nature, steals screenshots and audio from infected computers.
Via Gust MEES
Patch Tuesday is coming on 11 June 2013.
Paul Ducklin gives you a quick preview of what we know so far, and who'll be affected by the updates...
(Mac users, that might include you.)
INFOGRAPHIE: Pourri jusqu'à l'os
Via Gust MEES
|
|
Scooped by
Gust MEES
|
Minority groups in China appear to have been targeted by a Mac malware attack, delivered via boobytrapped Word documents.
Who could possibly be interested in targeting their computers? It is true that there is much less malware for OS X than there is for Windows, but that's not going to make you feel any better if you end up targeted in an attack like this. Mac users, just like Windows users, need to ensure that they install the latest security patches and keep their software properly up-to-date. If you're not already doing so, run anti-virus software on your Macs. If you're a home user, there really is no excuse at all as we offer a free anti-virus for Mac consumers.
|
|
|
Scooped by
Gust MEES
|
Une note de sécurité du Kaspersky Lab, sur sa plateforme SecureList, met en garde contre un malware multiplateforme qui se répand via Facebook Messenger.
Pratiquement, le malware vous envoie un message sur Messenger, sous l'identité d'un ami... Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?&tag=Facebook
|
|
Scooped by
Gust MEES
|
A proof of concept from security researcher and software developer Samy Kamkar shows that macOS, Windows, and Linux computers can have any previously active Web logins hijacked merely by plugging in a tiny Unix device via USB or Thunderbolt, even if the computer is locked and password protected, and possibly even when it seems to be asleep. It can also hijack many router brands on the same network.
PoisonTap exploits several interlocked network and browser design features, rather than relying on an operating system, hardware, or browser flaw. This will make it harder to root out and resolve. Kamkar said in an interview, “The interesting attacks to me are by design: how do you exploit the protocol rather than a single buffer overflow that gets patched the next day.” Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=Samy+KAMKAR http://www.scoop.it/t/securite-pc-et-internet/?tag=Raspberry+PI
|
|
Scooped by
Gust MEES
|
Security researchers have discovered a new type of "Man-in-the-Middle" (MitM) attack in the wild targeting smartphone and tablets users on devices running either iOS or Android around the world.
The MitM attack, dubbed DoubleDirect, enables an attacker to redirect a victim’s traffic of major websites such as Google, Facebook and Twitter to a device controlled by the attacker. Once done, cyber crooks can steal victims’ valuable personal data, such as email IDs, login credentials and banking information as well as can deliver malware to the targeted mobile device.
San Francisco-based mobile security firm Zimperium detailed the threat in a Thursday blog post, revealing that the DoubleDirect technique is being used by attackers in the wild in attacks against the users of web giants including Google, Facebook, Hotmail, Live.com and Twitter, across 31 countries, including the U.S., the U.K. and Canada.
|
|
Scooped by
Gust MEES
|
A critical vulnerability in the Bourne again shell, simply known as Bash and which is present in most Linux and UNIX distributions and Apple’s Mac OS X, has been discovered and administrators are being urged to patch immediately.
The flaw allows an attacker to remotely attach a malicious executable to a variable that is executed when Bash is invoked.
Learn more:
- http://www.scoop.it/t/securite-pc-et-internet/?tag=Bash+Command+Flaw
|
|
Scooped by
Gust MEES
|
Security researchers have found the first malware using the new Bash bug.
Security researchers have found proof of concept code that attempts to exploit the serious bug discovered this week in Bourne-Again Shell, also known as Bash, which according to US CERT affects both Linux and Mac OS X.
The good news yesterday that some Linux distributions shipped patches for the bug yesterday has already been tempered by the discovery that those patches only partially dealt with potential attacks. In an update overnight, Red Hatsaid that it was developing a new patch, however, it is still advising users to apply the incomplete one for now. At the same time as security experts have been racing to develop fixes for the bug and patch systems, it appears hackers have been working on tools to attack vulnerable systems.
Learn more:
- http://www.scoop.it/t/securite-pc-et-internet/?tag=Bash+Command+Flaw
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
Utrecht, le 27 novembre 2013 - Selon une récente enquête de Kaspersky Lab, il existe de fortes probabilités qu’un nombre croissant d’utilisateurs Mac soient la proie de menaces d’Internet. La quantité des logiciels malveillants ciblant les Mac a augmenté de 50% au cours des douze derniers mois. Pourtant, plus d’un tiers (35%) de tous les utilisateurs Mac pensent à tort être protégés contre les menaces numériques.
Le nombre des propriétaires de Mac continue de progresser, et par conséquent l’intérêt des cybercriminels pour cette plate-forme s’amplifie lui aussi. Les virus informatiques, chevaux de Troie, astuces de phishing et autres menaces d’Internet visant cette plate-forme sont d’ores et déjà en circulation, en grands nombres qui plus est. Les utilisateurs sont ainsi tout aussi vulnérables que les utilisateurs de PC Windows.
Via Gust MEES
The FBI has become aware of the recent news regarding the ransomware that’s designed to target Mac OS X users. The agency’s Internet Crime...
Via Gust MEES
For years, Windows users have been plagued by ransomware demanding several hundred dollars to unlock their computers. Now there's a growing market to target Macs.
Via Gust MEES
The Oslo Freedom Forum is an annual event "exploring how best to challenge authoritarianism and promote free and open societies." This year's conference (which took place May 13-15) had a workshop for freedom of speech activists on how to secure their devices against government monitoring. During the workshop, Jacob Appelbaum actually discovered a new and previously unknown backdoor on an African activist's Mac.
Our Mac analyst (Brod) is currently investigating the sample.
It's signed with an Apple Developer ID.
Via Gust MEES
Macworld Australia is the premier Australian source for news, reviews, help, how-tos, and expert opinion for the Australian Apple market, including the Mac, iPhone, iPad, and iPod.
Via Gust MEES
|
![Pourri jusqu'à l'os [Infographic] | ICT Security-Sécurité PC et Internet | Scoop.it](https://img.scoop.it/yrxY_sDewqzAEcP19KRYeTl72eJkfbmt4t8yenImKBVvK0kTmF0xjctABnaLJIm9)
Eine Sicherheitslücke im Tor-Browser ist geschlossen worden. (Bild: David Bates/Golem.de)
LINUX UND MAC:
Tor-Browser-Exploit verrät IP-Adresse einiger Nutzer
Unter bestimmten Voraussetzungen verrät der Tor-Browser die unverschleierte IP-Adresse der Nutzer. Betroffen sind nur Mac und Linux-Versionen des Firefox-Bundles, in der täglichen Nutzung dürfte der Fehler nur wenige Personen betreffen.
Das Tor-Projekt hat ein Notfallupdate für die Linux- und Mac-Versionen des Tor-Browser-Bundles veröffentlicht. Unter bestimmten Umständen verraten die beiden betroffenen Versionen die reale IP-Adresse der Nutzer und machen somit die angestrebte Anonymität kaputt. Die Windows-Version des Tor-Browsers, die Tails-Distribution und der im Alpha-Test befindliche Tor-Browser mit Sandboxing sollen nicht betroffen sein.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=TOR