Apple
Snow Leopard has over 1000 new additions, one of which being reported is XProtect, Apple’s step in the direction towards security. When the user launches an installer the file is checked for malicious software currently only iServices Trojan horse and DNSChanger Trojan horse and the user is prompted with a warning. This is limited in scope and misses the vast majority of malware for Mac OS X. Read more the register.
August 25, 2009 • 1 min read
Mac OS X
MacScan anti-spyware and privacy for Mac OS X has released new spyware definitions to protect against the latest malware for Mac OS X. Definitions can be downloaded from within MacScan. Download 30 day demo of MacScan for free
August 23, 2009 • 1 min read
Key Logger
DNSChanger Trojan Horse (aka RSPlug Trojan) is running wild lately with multiple variants surfacing rapidly and being distributed through more mainstream sites including gamer and technical download sites as well as pornographic and search engine optimized pages resulting in high rankings in search results.
Learn more about the symptoms of DNSChanger Trojan Horse infected computers or scan your computer for spyware with MacScan or remove DNSChanger Trojan Horse (RSPlug) with DNSChanger Trojan Horse Removal Tool for free.
June 26, 2009 • 3 min read
Apple
Today Apple released Java for Mac OS X 10.5 Update 4, which is an update that appears to correct the Java vulnerability reported by SecureMac last month. The update requires OS X 10.5.7 or higher. More information can be found at: http://support.apple.com/kb/HT3581.
June 15, 2009 • 1 min read
Mac OS X
The trojan horse OSX/Jahlav-C recently reported in the news is in fact a variant of the already discovered DNSChanger Trojan Horse. Other variant and aliases include OSX.RSPlug, OSX/Puper and OSX/Jahlav.
This variant is already detected by SecureMac’s Anti-Spyware product MacScan as well as the free DNSChanger Trojan Horse Removal Tool. Learn more information on avoiding DNSChanger Trojan Horse and removal tips.
June 12, 2009 • 1 min read
Apple
Apple has finally acknowledged that spyware and viruses are a threat for Mac OS X, as well as the latest operating system in the works, Snow Leopard. Snow Leopard will be adding new technology to help prevent against attacks such as sandboxing and anti-phishing features in Safari. This, however, is not a 100% solution to protect against malware.
June 10, 2009 • 3 min read
Apple
Security Alert: Safari prior to version 4 (released June 8th, 2009) may permit malicious web pages to steal files from the local system simply by accessing a web page without further interaction. This vulnerability is present in both Mac OS X and Windows Safari. The attack is accomplished by mounting an XXE attack against the parsing of the XSL XML.
June 9, 2009 • 1 min read
Mac OS X
SecureMac Advisory
Posted: June 9th, 2009
Security Risk: Critical
Safari prior to version 4 (released June 8th, 2009) may permit malicious web pages to steal files from the local system simply by accessing a web page without further interaction. This vulnerability is present in both Mac OS X and Windows Safari. The attack is accomplished by mounting an XXE attack against the parsing of the XSL XML.
Chris Evans has documented this vulnerability in his advisory on his website http://scary.beasts.org/security/CESA-2009-006.html
Safari 4 is now available for download for both Windows and Macintosh systems. Suggested to …
June 7, 2009 • 1 min read
Apple
Today, Landon Fuller posted a proof-of-concept exploit for an unpatched vulnerability in the Java Runtime Environment currently in use by OS X. While this particular proof-of-concept is meant to be harmless, the vulnerability itself currently affects OS X, including OS X 10.5.7, the latest shipping version of OS X. This vulnerability could be exploited to perform “drive-by-downloads” commonly used as a means to infect computers with spyware, or any arbitrary command with the permissions of the executing user. All a user has to do is visit a web page hosting a malicious java applet to be exploited. Until Apple patches their implementation of Java, we recommend that users disable Java applets in their web browser.
May 19, 2009 • 2 min read
Mac OS X
Posted: April 17th, 2009
The iServices Trojan Horse botnet first reported by SecureMac back in January has been activated. Users who have been infected are encouraged to download the iServices Trojan Horse Removal Tool, available for free at http://www.securemac.com/files/iServicesTrojanRemovalTool.dmg
Read more about the botnet at MacNN.
April 17, 2009 • 1 min read
Apple
SecureMac Advisory
Posted: March 17th, 2009
Security Risk: Critical
Just after the DNSChanger 2.0d variant was identified, another new variant of the DNSChanger Trojan Horse, DNSChanger 2.0e, has been discovered in the wild. The trojan horse arrives in a disk image (some samples are called serial_Avid.Xpress.Pro.5.7.2.dmg), and is again disguised as an installer for “MacCinema,” just like the 2.0d variant. Once installed, the trojan horse behaves in a similar manner to past variants.
This variant is being distributed on websites offering “cracked” or pirated copies of software, and is initially disguised as a serial …
March 2, 2009 • 3 min read
Mac OS X
Pirated copies of Photoshop CS 4 has been reported by Intego to contain malware. On January 16th Photoshop CS 4 containing the malware was seeded to peer-2-peer servers. This trojan have been labeled as OSX.Trojan.iServices.B, the second variant of the trojan, the first discovered in iWork 09 pirated software. It is recommended not to download these files. Like its predecessor this variant obtains root privileges, and notifies the remote host of the infected computers location on the Internet.
January 26, 2009 • 1 min read