In the last few days, I have been asked by a journalist (or four) what MacDefender means for the future of Apple security, and if I thought there was excess hype around it. I'll address the second question first. I think its safe to say the current malware would not be newsworthy if
Security companies in general and, unfortunately, anti-malware companies in particular, are often accused of ‘hyping’ threats because of a perceived self-interest. However, in the main, legitimate vendors and researchers like those at ESET typically try to resist overhyping or playing up threats where possible, in favor of more balanced discussion that can help customers take
George Santayana was a really smart philosopher. He is best known for his quote “Those who cannot remember the past are condemned to repeat it”. If you want to learn a little something from the past so as not to repeat other people’s mistakes then you can read Aryeh’s blog from when the first iPad
I like Macs. Not in an "OS X is God's own Operating System" sort of way, but I've owned/used many Macs, from SE/30s and IICX's to iMacs, eMacs and Macbooks. In fact, at least two of my books were written on the Powerbook which was my workhorse machine in my last couple of years at
...iPhones are, under limited circumstances, willing to share information with other devices when they shouldn't...
A spyware application Intego calls OSX/OpinionSpy is being spread as part of the installation process for a number of screensavers and other apps.
While I was at the EICAR conference earlier this week, I also co-presented (along with Pierre-Marc Bureau and Andrew Lee) a paper on "Security, Perception and Worms in the Apple"... so along with the new paper, I've made available again the paper on Macs and malware that I presented at Virus Bulletin in 1997.
iPad and iPhone development and security issues are across the blogosphere and traditional media today. Starting with some interesting antivirus industry news concerning the iPad… Apple iPad users are being offered a security program to scan their new device for vulnerabilities and rogue software should such things emerge as threats. Hailing it as the first
I see that Bill Ray of the Register has also picked up on the iPad jailbreaking issue I blogged on yesterday. (No, I don't suppose he read it there.) Interestingly, though, he talks much less about the security implications than about the slow take-up of newspaper subscriptions among early adopters. Andy Greenberg, on the other hand,
[Update: it appears that the information I had earlier was incorrect or out-of-date, and there has been loss of life. There's also a report from TechHerald suggesting early exploitation of the incident for SEO poisoning leading to fake AV. However, a quick scan currently (Monday evening) shows news items from such known malefactors as the
Unfortunately, I'm not able to attend the CanSecWest 2010 conference in Vancouver this week, though I think Pierre-Marc will be there. I would have been more than a little interested in Charlie Miller's presentation on fuzzing Mac applications: that is, “…a method for discovering faults in software by providing unexpected input and monitoring for exceptions.”
[Update: The Register's John Leyden has also commented on the issue at http://www.theregister.co.uk/2010/02/16/apple_bans_iphone_hackers/] There's been a burst of interest in the last day or so in the blocking of certain Apple IDs from the iTunes App Store. Some bloggers have suggested that this might be a precursor to a massive blocking of jailbroken phones from accessing
These are a few questions relating to ESET's antivirus scanner for OS X, which is currently in beta, that I was asked in response to a post at Mac Virus. (If you want to take the beta out for a spin, you can still download it at http://beta.eset.com/macosx.) As these questions are very ESET-specific, I
Apple has released its first patches of 2010 and if you are running Snow Leopard I recommend you apply the patches. Apple users have the distinct advantage of Windows users of predominantly being ignored. Despite the fact that playing a malformed audio file can cause arbitrary code execution (which means your Mac is vulnerable to
[Update, courtesy of Mikko: this worm targets at least one Dutch bank, and activates when users go to the online bank with an infected iPhone ] [Update 2, courtesy of Paul Ducklin: how to change the password of an infected phone. I could just tell you what the password is, but you might want to read
In my previous blog on this topic (http://www.eset.com/threat-center/blog/2009/11/11/hacker-tool-exploits-vulnerability-in-jailbroken-iphones), I said that I didn’t know if this hacking tool worked under Windows as well as OSX/Unix and Linux. I’ve subsequently exchanged email with Philippe Devallois at Intego, who tells me (thanks, Philippe!) that in principle, it will work fine with Windows. It’s written in Python (as
I don’t really want to keep banging on about jailbroken iPhones when there are threats out there that affect many more people (though according to Intego, 6-8% of iPhones are, in fact, jailbroken, so I don’t want to minimize the threat either). I’m quoting Intego because they’ve just blogged (http://blog.intego.com/2009/11/11/intego-security-memo-hacker-tool-copies-personal-info-from-iphones/) what I think is a
A report from SANS concludes that security professionals may not be paying attention to some of the biggest threats out there today. Not terribly long ago the Windows operating system was the attack target of the bad guys. There were tons of exploitable vulnerabilities and they were heavily exploited. Since that time Microsoft has put
Kelly Jackson Higgins with Dark Reading reported that the anti-phishing technology on the iPhone is currently not working. You can read the article at http://www.darkreading.com/security/client/showArticle.jhtml?articleID=219700594&cid=nl_DR_DAILY_T The truth is that no anti-phishing technology is reliable. The technologies can help, sometimes significantly, but the most effective protection is an educated user. All of the technologies have failure
You may have seen some news today about a new vulnerability that can potentially affect Windows Vista. Microsoft will have a patch for the flaw, hopefully before it is exploited. Of course, Microsoft had a patch for the flaw that Conficker exploited, but too many people are not patching anything. It’s a good idea to