The plague of rogue AV scareware apps has been a source of controversy and heated debate over the past few weeks. Mac users are trained to believe the OS is impervious, making them easier targets for social engineering attacks like MacDefender.
Apple initially stayed out of the fray, and directed support techs not to get involved with eradicating the malware from Mac systems, but eventually Apple acknowledged the threat and developed this update to address the problem.
Mac users should download and apply the update immediately.]]>
A Microsoft On The Issues blog posts describes some of the key findings of Microsoft SIR v10:
· Rogue Security Software – Rogue security software was detected and blocked on almost 19 million systems in 2010, and the top five families were responsible for approximately 13 million of these detections.
· Phishing – Phishing using social networking as the lure increased 1,200 percent – from a low of 8.3 percent of all phishing in January to a high of 84.5 percent in December 2010. Phishing that targeted online gaming sites reached a high of 16.7 percent of all phishing in June.
· Adware – Global detections of adware when surfing websites increased 70 percent from the second quarter to the fourth quarter of 2010. This increase was almost completely caused by the detection of a pair of new Adware families, JS/Pornpop and Win32/ClickPotato, which are the two most prevalent malware in many countries.
A rapidly increasing number of Mac users are learning just how pervasive the rogue AV threat is as well. Mac Defender has been plaguing Mac OS X to the extent that Apple finally had to admit it is an issue and commit to delivering a fix for Macs to detect and prevent the threat.]]>
Only a few weeks after the revelation that the Skype for Android app left sensitive personal data on Android devices exposed for potential compromise, Skype has a new security issue to deal with in the form of a flaw in the Mac OS X client software which could allow an attacker to take control of a vulnerable Mac OS X system.
In the blog post describing the flaw, PureHacking notes that, “an attacker needs only to send a victim a message and they can gain remote control of the victim’s Mac. It is extremely wormable and dangerous.”
While Skype does acknowledge the issue in a blog post of its own, the Skype blog post simply says that an exploit of the flaw could cause the Skype for Mac software to crash, and doesn’t mention anything about a worm. In fact, the Skype post seems to downplay the possibility of a worm by pointing out that an attack would have to come from a contact you know because the default security settings won’t display messages from contacts you haven’t authorized.
In the end, it doesn’t really matter for two reasons. First, although Mac OS X is creeping up in market share and may soon be a target worthy of the effort, the fact is that attackers are busy developing attacks for Windows PCs because the potential payoff is much larger from the platform that has 90 percent market share than it is from the platform that has less than ten percent.
The second reason is that Skype already has a hotfix available that addresses the problem, and as of next week it will push out an updated version of the Skype for Mac software that resolves the problem as well. So, whether you choose to rush out and get the patch, or wait a week and get the larger software update, odds are good the problem will be fixed before you need to worry about a Mac worm pwning your system.]]>
Apple has reportedly invited expert security researchers to analyze an early preview release of the OS and provide feedback. Dino Dai Zovi–co-author of The Mac Hacker’s Handbook, and Charlie Miller–Dai Zovi’s co-author and perennial winner of the Pwn2Own race to hack the Mac, are among those invited to scrutinize Lion.
According to a report from ComputerWorld’s Greg Keizer, the researchers must agree to an NDA which bars them from sharing anything they might find with the public. Keizer quotes Miller, stating, “They’ve never done this before. That they’re thinking of reaching out [to researchers] is a good positive step, but whether it makes a difference, I’ll believe it when I see it.”]]>
A post from AppleInsider.com provides a detailed look at how the patent application describes the potential data security measure. Basically, the “safe deposit box” would be a folder or partition specifically designated for secure storage. Files that dragged to the safe deposit box would have additional security measures in place and require user authentication to access–a’ la verifying one’s identity and providing the necessary key in order to access a bank safe deposit box.
But, imagine if your bank somehow duplicated your sensitive and priceless possessions from your safe deposit box, and stored the copies in another safe deposit box at another bank as an added precaution? Well, Apple plans to do that as well. Files stored in the safe deposit box will be automatically copied to secure storage in the cloud.
Conceptually, it sounds nice. But, like most approaches to data protection the Achilles heel is the user. The success or value of an approach like this relies on the user’s ability to determine what data is important or sensitive, and the user’s execution to make sure the data gets stored in the right folder.
Assuming a user with the ability and willingess to follow through, the safe deposit box seems like a reasonable method of data protection.]]>