Old Mac trojan returns

12. February 2015 Security 1
For the past few days I’ve been keeping an eye on reports stating an old Mac trojan, OpinionSpy, is back. Intego has indeed confirmed the old trojan has found it’s way back to the Mac platform. This time through downloads from download.cnet.com. The application “Free Video Cutter Joiner” will install additional contents if you allow ...

New Flash Player version available

05. February 2015 Security 0
An updated Flash Player, version 16.0.0.305, is now available for download on the Adobe website. This version patches the zero-day exploit I mentioned a few days ago. All users that have Flash Player installed should update asap. If you had previously disabled Flash Player just reverse the instruction I gave in the previously mentioned article. ...

Apple releases updated FlashBack Malware removal tools

03. February 2015 Security 1
It appears Apple has quietly released an updated tool in the fight against fake Flash Player installers. Two updates showed up today: Flashback Removal Security Update 1.0, released 02/02/2015 5:09 PM – “This update removes the most common variants of the Flashback malware.” This update also disables the Java plug-in in Safari. Flashback malware removal ...

New Flash zero-day also targets Mac users

02. February 2015 Security 1
Adobe released a security advisory today. Flash Player versions 16.0.0.296 (current version) and earlier are vulnerable to an exploit that can cause a crash which allows an attacker to take control of the affected system. This vulnerability is already being exploited in the wild and no patch is available at this time. We recommend disabling ...

Apple updates Yosemite and Safari

27. January 2015 Security 4
Today Apple released the second update to the latest OS X, 10.10.2. While the detailed list of security fixes in this update has not yet been released we know from other sources that Apple fixed the Thunderstrike exploit, briefly mentioned in my last post, and three of the vulnerabilities reported by Google last week. Also ...

Just an update (and a bit of a rant ;)

08. January 2015 Just an update, Security 2
Happy new year everyone and thank you for your support, tips, samples and more over the past year. I haven’t forgotten about this blog and I still keep my eye on any potential threats that require awareness. The past few months have just been very uneventful when it comes to Mac security. One issue I ...

Knock Knock, who’s there?

28. October 2014 Security 4
I saw an interesting video today which talks about the kinds of OS X malware and the ways they can persist. Now when it comes to ways that OS X malware can keep itself alive even after a reboot there is nothing new in this video, however the tool that was created by the author ...

Antivirus Detection Rate results updated – October 5, 2014

05. October 2014 Security 2
With quite a few AV products improving their detection rates steadily and (mostly) consistently, it’s time to raise the bar a little. Previously, the results PDF showed 4 categories: Category 1 – The best AV products with a detection rate of 90% or higher. Category 2 – AV Products with a detection rate of 60-90%. ...

Apple patches Bash vulnerability

29. September 2014 Security 3
Since late last week the internet has been buzzing about something named Shellshock. The Bash shell is something most users will never know or hear about, it runs under the hood of OS X and other major operating systems and is critical for a lot of tasks. The flaw that was discovered last week allows ...

Apple updates

21. September 2014 Security 0
Last week was a busy one and not just because of the new iPhone 6 and 6 plus. OS X 10.9.5 was released and is loaded with security fixes. A few of the noteworthy ones are: – CoreGraphics, a maliciously crafted PDF could lead to an information disclosure or code execution. – Intel Graphics Driver, ...