http://www.informationweek.com/news/global-cio/interviews/232901077
http://www.informationweek.com/news/global-cio/interviews/232901077
After Flashback, Apple Walled Gardens Won't Help
Apple and other vendors will use the Flashback botnet as reason to move forward with desktop walled garden restrictions. Here's why that approach won't cut malware.
http://www.informationweek.com/news/security/attacks/232900524
Mac Trojan Fallout: Apple Security Glory Days Gone?
Apple's reputation as an unattractive target for malware writers changed when the Flashback trojan hit more than 600,000 Macs. But Windows security still looks worse.
Antivirus vendors have been reminding consumers that Macs have never been inherently virus-free, and that Flashback--and its apparent spawn, SabPub--isn't the only badware in circulation. "According to SophosLabs, more than three-quarters of last week's malware reports from Sophos Anti-Virus for Mac were for other families of badware, including a lot of year-or-more-old stuff," said Paul Ducklin, head of technology for Sophos in the Asia Pacific region, in a blog post on Tuesday.
Antivirus vendors have been using the Flashback episode to urge people to use their Mac antivirus scanners, which are typically free. Accordingly, adopting anti-malware tools for Macs shouldn't be a hard sell.
How vulnerable are Mac users? Apple began targeting the Flashback-related botnet's command and control servers and issuing patches to block the malware, at least for users of the latest two versions of its operating system. Furthermore, attackers were able to exploit a vulnerability not in OS X itself, but a Java plug-in, which was then targeted by malware known as SabPub. While a second version of SabPub also appeared that didn't target the Java bug, it used an Office for Mac vulnerability that Microsoft patched back in 2009. Accordingly, anyone who's updated their Word software since then is already protected.
http://nakedsecurity.sophos.com/2012/04/17/flaming-retort-all-this-new-mac-malware-whose-fault-is-it/
Let's start with Windows users.
Last year, Sophos bought a job-lot of USB keys from a rail company's annual lost property auction. Two-thirds of them contained malware - all of it for Windows.
Not one file on any of the keys was encrypted, even though many of the files contained personal or business information.
This shouldn't be happening in the 2010s. Any decent anti-virus software would have made mincemeat of the malware infections on the keys we acquired.
And our free encryption tool [download link, Windows only, ungated] makes it easy to secure your files when you're taking them on the road.
Apple and other vendors will use the Flashback botnet as reason to move forward with desktop walled garden restrictions. Here's why that approach won't cut malware.
http://www.informationweek.com/news/security/attacks/232900524
Mac Trojan Fallout: Apple Security Glory Days Gone?
Apple's reputation as an unattractive target for malware writers changed when the Flashback trojan hit more than 600,000 Macs. But Windows security still looks worse.
Antivirus vendors have been reminding consumers that Macs have never been inherently virus-free, and that Flashback--and its apparent spawn, SabPub--isn't the only badware in circulation. "According to SophosLabs, more than three-quarters of last week's malware reports from Sophos Anti-Virus for Mac were for other families of badware, including a lot of year-or-more-old stuff," said Paul Ducklin, head of technology for Sophos in the Asia Pacific region, in a blog post on Tuesday.
Antivirus vendors have been using the Flashback episode to urge people to use their Mac antivirus scanners, which are typically free. Accordingly, adopting anti-malware tools for Macs shouldn't be a hard sell.
How vulnerable are Mac users? Apple began targeting the Flashback-related botnet's command and control servers and issuing patches to block the malware, at least for users of the latest two versions of its operating system. Furthermore, attackers were able to exploit a vulnerability not in OS X itself, but a Java plug-in, which was then targeted by malware known as SabPub. While a second version of SabPub also appeared that didn't target the Java bug, it used an Office for Mac vulnerability that Microsoft patched back in 2009. Accordingly, anyone who's updated their Word software since then is already protected.