SecureMac.com
About SecureMac Advertise Security Consulting Mac Security Store Send Feedback

Site Information
Site Background
Who runs the site
Advertising
Security Consulting
Employment/Jobs
Feedback Form

SecureMac Software
PrivacyScan

 

Mac OS X Security
sudo buffer overflow exploit + fix
Disable Single User Boot Mode
Malevolence - Dumping Passwords
nidump security
Startup Security - Open Firmware Password Protection

Mac OS X Network Security
SAINT
Secure FTP Wrapper
Ettercap - sniffer interceptor logger
Snort - Network Intrusion Detection System
SSH Admin
SSH Helper
xnu - enable MAC Address spoofing


Mac OS X Virus

Mac OS X Firewalls
Firewalk Firewall Utility
NetBarrier X

Mac OS X App Sec.

Mac OS X Encryption
LittleSecrets
GPGMail - PGP Functionality

Mac OS X DoS

SecureMac Library
Mac Cable Modem Security
Mac Security Auditing
Mac OS X Security Understanding
Mac OS X Security Second Lessons
Mac OS X Security Third Lesson
Mac OS X Single User Mode Root Access
Mac OS X Shareware Firewalls
Mac OS X Secure Installation
Cable & DSL Connections - Security Measures
Better Safe than Sorry
Apple.com Security Resources
Marketing Macintosh Security Programs

Welcome to SecureMac, a site devoted to Apple Macintosh security and Mac OS X Security! Use the Side Bar to navigate the site, check this page frequently for updates and new security products for the Mac OS!

Macs get malware, Get MacScan!

Submit your news, feedback, security tips quickly!

New Mac Security News

We just added the following news to our Site:

09.11.2014
SecureMac has released a new version of their privacy app, PrivacyScan 1.6. The latest version of the personal privacy application is designed specifically for Mac OS X, adding features to securely wipe digital footprints left after using the computer and accessing the Internet. In this latest release, PrivacyScan adds improved compatibility with future versions of Mac OS X and also adds additional Firefox web browser support and fixes. Download PrivacyScan 1.6 | Learn more.

02.25.2014
Apple has released Mac OS X Mavericks 10.9.2 and Security Update 2014-001 addressing multiple vulnerabilities including app sandbox bypass, SSL/TSL, Safari Session Cookies, QuickTIme and much more. It is recommended to update to Mac OS X 10.9.2 immediately.

02.13.2014
Wednesday evening, Apple updated XProtect to defend against the two known variants of OSX/CoinThief.

SecureMac has more information on how the CoinThief malware is initially installed on infected systems, with steps it takes to disguise its behavior. Read more information about CoinThief.

02.12.2014
SecureMac has discovered that OSX/CoinThief has been distributed under four different app names and from various download sites. Identification and removal instructions can be found here.

02.11.2014
SecureMac has discovered that variants of OSX/CoinThief are being actively distributed through popular download sites exposing users to this malware. Continue reading the developing advisory about OSX/CoinThief Bitcoin stealing trojan horse.

02.09.2014
Security Alert: SecureMac has discovered a new Trojan Horse called OSX/CoinThief.A, which targets Mac OS X and spies on web traffic to steal Bitcoins. This malware has been found in the wild, and there are multiple user reports of stolen Bitcoins. Read the developing story New Apple Mac Trojan Called OSX/CoinThief.

01.14.2014
SecureMac has released PrivacyScan 1.5 (http://privacyscan.securemac.com/ ), offering privacy protection for Mac users. In this latest release, PrivacyScan will notify Google Chrome and Chromium users when their browser is configured to sync with Google’s servers, which can restore erased data. PrivacyScan will also add the capability to clean open windows in many popular apps along with other updated features and enhancements. Download a 15-Day Free trial of PrivacyScan today or buy direct from Mac App Store or PrivacyScan website.

10.15.2013
SecureMac has announced the release of PrivacyScan 1.4. The latest version of its critically acclaimed personal privacy application is designed specifically for Mac OS X Mavericks, adding features to securely wipe digital footprints left behind after using the computer and accessing the Internet. Because this latest release is engineered for Apple’s latest operating system (Mac OS X 10.9), it can adapt to the new technology to ensure advanced security by seeking and destroying privacy threats attempting exploit the latest Mac OS version. - http://privacyscan.securemac.com

09.27.2013
SecureMac has prepared a guide to help users identify and remove the adware being distributed by CNET's download.com in place of popular Mac apps. The guide provides detailed information, including step-by-step instructions to determine if the adware is installed on your system, and the steps to remove it.
Read More

09.26.2013
SecureMac has discovered adware being delivered in place of popular Mac apps on CNET's Download.com. Get the details on how the adware is being delivered, and ways to identify if it is installed on your system.
Read More

07.26.2013
SecureMac has released an update to PrivacyScan that includes new support for Opera 15 and the Chromium web browser, bug fixes, an improved user interface, reduction in price and a 15-day free trial. PrivacyScan is available for a limited time for 7.99 from the Mac App Store and direct from the PrivacyScan site. This is a free update for existing PrivacyScan users -- please see upgrade instructions for Mac App Store purchases and SecureMac purchases.

06.27.2013
PrivacyScan now has a free trial available for users to seek and destroy privacy threats and is available for immediate download exclusively from http://privacyscan.securemac.com/download. PrivacyScan has also added an additional purchasing option, adding the ability to purchase directly from the PrivacyScan site.
Read more

06.18.2013
SecureMac announced today that PrivacyScan, the online and offline privacy application to seek and destroy privacy threats while clearing up valuable hard disk space, has been nominated for Macworld UK's 2013 award in the Best Consumer Software category. PrivacyScan made the shortlist for the 18th annual Macworld UK awards 'Best Consumer Software' category ranking with 10 of the industry's leading software titles. Winners will be announced at the award ceremony the evening of June 20, 2013, at The Royal Garden Hotel in London.
Read More

05.20.2013
SecureMac created an infograph to help show an assortment of statistics highlighting the changes in both mobile OS popularity and the malware that associated with each over the past three years.
Read More

03.26.2013
SecureMac announces the release of PrivacyScan 1.2, a specialized app to seek and destroy privacy threats for the Mac, now available in the Mac App Store. PrivacyScan is a utility designed for people who value privacy and want to keep their online and offline experiences to themselves. PrivacyScan has been met with critical acclaim, including being awarded Best of Show for Macworld | iWorld by Macworld UK, Editor’s Choice Award — Macworld UK, Mac Gem for Macworld GemFest 2012, a 5 Mouse Rating from Macworld UK, 5/5 Mice from Macworld AU, has top ranking in the utilities section of the Mac App Store, and continues to receive rave reviews from users.
Get PrivacyScan 1.2

01.08.2013
Security New Years Resolution - 5 Easy Tips to Keep Your Mac Secure in 2013 has been published and is now available for immediate implimentation to help keep you secure this New Year! Which methods are you already using and how do you rank?
Read More

11.28.2012
Security researcher Israel Torres for SecureMac has published his latest piece about OS X security entitled 10 Security Tips for Safe Computing for OS X Mountain Lion. The in-depth article covers many aspects of OS X's built-in security features and how to use them to your benefit.
Read More

08.10.2012
SecureMac releases MacScan 2.9.4 offering full Apple Mac OS X Mountain Lion (10.8) support as well as interface updates and enhanced support for both Firefox and SeaMonkey web browsers. The latest version also adds the latest definitions to protect against the malware affecting Mac OS X and has been featured in the August 2012 issue of Macworld as “Hot Stuff — What We’re Raving about This Month.”
Read More

04.11.2012
PrivacyScan 1.1, Privacy Protection for Your Mac, is now available in the Mac App Store with new and improved privacy cleaning features. PrivacyScan protects online and offline privacy by shredding files that can be used to track your web browsing and computer usage. PrivacyScan's shred functionality is able to overwrite sensitive data up to 35 passes!
Read More

04.04.2012
From Doctor Web, the Russian anti-virus vendor—"conducted a research to determine the scale of spreading of Trojan BackDoor.Flashback that infects computers running Mac OS X. Now BackDoor.Flashback botnet encompasses more than 550 000 infected machines, most of which are located in the United States and Canada. This once again refutes claims by some experts that there are no cyber-threats to Mac OS X."

Apple released Java update featuring security fixes that were exploited by Flashback Trojan. Install the latest update to patch these threats. Read more about the Java update here

03.20.2012
SecureMac has learned of a new piece of Mac malware that is currently in the wild and infecting computers running OS X. As first reported at http://labs.alienvault.com/labs/index.php/2012/alienvault-research-used-as-lure-in-targeted-attacks/ this piece of malware exploits a vulnerability in computers running older, unpatched versions of Java.
Read More

03.15.2012
SecureMac is honored and humbled that Macworld UK has awarded PrivacyScan as Best of Show winner for Macworld | iWorld this year. PrivacyScan gives peace of mind to the privacy-conscious user by ensuring that potential threats, both online and offline, are eradicated with multiple levels of secure delete file shredding.
Read More

02.08.2012
SecureMac has released PrivacyScan 1.0.1, Privacy Protection for Your Mac available for download immediately from the Mac App Store . PrivacyScan has seen top rankings on the Mac App Store, during first launch at Macworld 2012 the program took placement #7 in the Top Paid Apps and #1 in Utilities across the board. The latest version of PrivacyScan adds bug fixes and is available for free to existing users.

01.26.2012
PrivacyScan, Privacy Protection for Your Mac, is now available on the Mac App Store. PrivacyScan protects online and offline privacy by shredding files that can be used to track your web browsing and computer usage. Going above and beyond United States DoD (Department of Defense) government standards, PrivacyScan's shred feature can overwrite data with up to 35 passes! Check it out on the Mac App Store or visit the PrivacyScan homepage.

View press release

01.18.2012
SecureMac will be exhibiting at Macworld | iWorld 2012 (January 26th - 28th) in San Francisco, California. PrivacyScan, the latest in privacy software will be released at the show and demonstrated at booth #442. The team will also be demonstrating the latest version of MacScan, giving away goodies and talking security. Be sure to stop by the booth, and to learn more about PrivacyScan be sure to follow PrivacyScan on Facebook and Twitter.

12.20.2011
SecureMac is celebrating the release of MacScan 2.9.2 and offering users a free 30-day trial to audit their computer's security for malware and privacy threats. The latest version adds additional browser support, scheduler bug fixes, interface changes and the latest definitions to protect against the malware affecting Mac OS X. Download MacScan Now

12.15.2011
SecureMac will be exhibiting at MacWorld | iWorld in San Francisco, Ca. January 26th - 28th 2012 located at booth 442. If you haven't pre-registered for the event already you still have a chance to get free expo hall passes by following @SecureMac on Twitter and on Facebook. We will be announcing new products at the show so be sure to stay connected!

10.05.11
Steve Jobs, 1955 - 2011.

08.19.11
Mac OS X Lion (10.7) contains a security issue which can allow non-root users access to the password hashes as well as ability to change the password without authenticating the current password. Read more at "Defence in Depth" including full details, scenarios and temporary fixes.

09.30.11
SecureMac is celebrating the release of MacScan 2.9.1, the latest version of it's award-winning anti-malware privacy and security software for Mac OS X. The Download, Tweet and Win! Campaign allows Mac users the opportunity to download MacScan and audit their computer for security threats and privacy issues such as tracking cookies and tweet their results for a chance to win great prizes such as a MacBook Air, MacScan licenses and gift cards to favorite retailers.

The contest is now over. Thank you to everyone who participated!

Read full
Press Release

08.01.11
SecureMac has released MacScan 2.9 the latest in malware protection and security for Mac OS X offering full support for OS X 10.7 (Lion). MacScan 2.9 is available for purchase directly from the MacScan Site or within the application, users may evaluate MacScan for free for 30-days. Existing MacScan users can upgrade at no charge.

Read full Press Release

08.21.11
Apple has released Mac OS X 10.7 also known as Lion available through the Mac App Store as a download for $29.99 USD.

06.03.11
Trojan Horse Alert: SecureMac has identified a new version of the previously identified MAC Defender malware. The new variant, just like the previously identified "Mac Security," "Mac Protector," and "Mac Guard" versions, is an updated version of the original malware, rebranded as "Mac Shield."

Read the updated analysis and removal removal instructions

05.26.11
Trojan Horse Alert: SecureMac has identified a new version of the previously identified MAC Defender malware. The new variant, just like the previously identified "Mac Security" and "Mac Protector" versions, is an updated version of the original malware, rebranded as "Mac Guard."

Read the updated analysis and removal removal instructions

05.09.11
Trojan Horse Alert: SecureMac has discovered a new version of the previously identified MAC Defender malware. The new variant, just like the previous identified "Mac Security" version, is an updated version of the original malware, rebranded as "Mac Protector."

Read the updated analysis and removal removal instructions

05.04.11
Trojan Horse Alert: SecureMac has discovered a new version of the previously identified MAC Defender malware. The new variant is an updated version of the original malware, rebranded as "Mac Security." The new version did not change the main functionality of the code, but rather cleaned up the existing code and added small updates including the capability to send information about the infected system back to the authors of the malware, along with an updated user interface to reflect the name change.

Read the updated analysis and removal removal instructions

05.02.11
Trojan Horse Alert:A new privacy and security threat is targeting computers running Apple's Mac OS X disguised as an anti-virus program called MAC Defender. The rogue anti-virus program will "detect" nonexistent threats as being present on the user's system in an effort to persuade them to hand over their credit card information and purchase a "subscription" to the program.

Read the full analysis and removal removal instructions

04.03.11
SecureMac is pleased to announce MacScan 2.8, the latest version of its award-winning anti-spyware privacy and security software for Apple’s Mac OS X. This new version of MacScan enhances protection against the latest threats for Mac OS X, adding usability enhancements and bug fixes.

Visit the MacScan site

04.03.11
As predicted by the SecureMac team, the new version of BlackHole RAT 2 was officially released on a hacker message board this weekend, with some slight differences from the earlier version analyzed by SecureMac. The trojan horse, once installed, disguises itself as a Java Updater. In addition, the author is now referring to the trojan as Freeze RAT, but it contains much of the same code as BlackHole Rat 2.0a. The new version has a more complicated installation process that requires physical access to the computer, so SecureMac continues to rate this as a low threat.

Read more details about BlackHole RAT 2.0

03.31.11
The SecureMac team announced today that a new version of the BlackHole RAT 2.0 Trojan Horse for Mac OS X has been discovered. This new version should be not confused with an older variant from back in February already detected by SecureMac and other anti-malware software.

Read more details about BlackHole RAT 2.0

02.25.11
A new trojan horse is targeting Mac OS X, and SecureMac has identified multiple variants of the threat. The trojan horse labeled as BlackHoleRAT, created by a hacker calling himself Das_Virus, appears to originate from Germany. Although in early stages this trojan horse is actively being developed.

Read more details about BlackHole RAT

11.12.10
Apple has released Mac OS X 10.6.5 in the update includes many security concerns addressed. An outline of the security update 2010-007 can be found here http://support.apple.com/kb/HT4435. Users should install this latest update, access the Software Update from within the System Preferences.

11.10.10
Core Security has discovered a vulnerability in Mac OS X 10.5 which could be used by a remote attacker to execute arbitrary code by getting the user to download a PDF document containing a embedded malicious CFF font. The advisory shows a communication timeline with Apple as well.

Full advisory:
Apple OS X ATSServer CFF CharStrings INDEX Sign Mismatch

11.08.10
Review - Sophos Anti-Virus for Mac has been reviewed. Read our review on Sophos free anti-virus solution for Mac OS X and see how it compares. Read the Sophos Anti Virus for Mac Review.

11.04.10
Trojan Horse Alert: A new variant of the Boonana malware, first documented and named by SecureMac, has been discovered by ESET. The new variant, trojan.osx.boonana.b, behaves in a very similar manner to the original malware, and is currently being distributed on multiple sites. In addition to the website documented by ESET as currently distributing the malware, SecureMac has identified two more websites that are currently hosting the new malware variant. Rather than the initial site which tricks users into running (and installing) the malware, these servers seem to be hosting update code for the malware.
Read More

10.28.10
Visit the Boonana advisory page for more details about the Trojan horse trojan.osx.boonana.a including initial analysis and removal instructions or download Boonana Trojan Horse Removal Tool directly.

10.26.10
Trojan Horse Alert: SecureMac has discovered a new trojan horse in the wild that affects Mac OS X, including Snow Leopard (OS X 10.6), the latest version of OS X. The trojan horse, trojan.osx.boonana.a, is spreading through social networking sites, including Facebook, disguised as a video. The trojan is currently appearing as a link in messages on social networking sites with the subject "Is this you in this video?"
Read More

5.19.10 News
Apple has updated Java for Mac OS X 10.5 and 10.6 addressing several security issues. Users are advised to download the latest update via Software Update in System Preferences or download directly from the Apple Download page.

5.12.10 News
PGP Whole Disk Encryption (WDE) ensures your entire hard disk is encrypted and only accessible by you. Read the whole review of PGP Whole Disk Encryption for Mac OS X.

4.16.10 News
Trojan Horse Alert: Intego recently alerted users to the presence of a new variant of the HellRaiser Trojan Horse, which they identify as OSX/HellRTS.D. SecureMac has analyzed this new variant and it is detected in the latest MacScan spyware definitions update (Spyware Definitions Version 2010006) as HellRaiser Trojan Horse 4.2. MacScan has detected previous variants of this trojan horse since 2005.

HellRaiser is a trojan horse that allows complete control of a computer by a remote attacker, giving the attacker the ability to transfer files to and from the infected computer, pop up chat messages on the infected system, display pictures, speak messages, and even remotely restart or shut down the infected machine.

The attacker can search through the files on the infected computer, choosing exactly what they want to steal, view the contents of the clipboard, or even watch the user's actions on the infected computer.

In order to become infected, a user must run the server component of the trojan horse, which can be disguised as an innocent file. The attacker then uses the client component of the trojan horse to take control of the infected system.

Read more about HellRaiser Trojan Horse aka OSX/HellRTS.D

4.14.10 News
Mac OS X Security Update - Apple posts new security update (2010-003) for Leopard and Snow Leopard. Users may update via the Software Updates System Preferences or by accessing Apple's download site directly.

This security update addresses ATS (Apple Type Services) handling of embedded fonts. Accessing documents containing malicicously crafted embedded fonts may lead to arbitrary code execution. Charlie Miller is credited for discovery of this threat.

3.30.10 News
Apple has released Mac OS X 10.6.3, in this release it includes over a dozen security fixes. Users are advised to upgrade to the latest version of Mac OS X by accessing the Software Update in the System Preferences or by accessing Apple's download page directly. http://support.apple.com/downloads/

1.18.10 News
Mac OS X Security Update Mac OS X security update (2010-001) has been posted by Apple fixing several security issues including a Adobe Flash. Other security fixes include CoreAudio, cupsd printing scheduler, issues with DMGs,TIFFs, SSL and TSL. To update your system access the software update icon within the System Preferences and check for updates.

More information at Apple KB Article.

9.20.09 News
SecureMac is celebrating 10 years of success. This year marks the Macintosh security company's ten-year anniversary. Over the past decade, SecureMac has expanded its role as the premier source for Macintosh security news, released its award-winning anti-spyware and privacy program MacScan, and two free trojan removal tools for the most dangerous threats against OS X. SecureMac continues to lead the drive to educate users about the security threats for OS X, and looks forward to more years of continued success.

Read More

8.25.09 News
Snow Leopard has over 1000 new additions, one of which being reported is XProtect, Apple's step in the direction towards security. When the user launches an installer the file is checked for malicious software currently only iServices Trojan horse and DNSChanger Trojan horse and the user is prompted with a warning. This is limited in scope and misses the vast majority of malware for Mac OS X. Read more
the register.

8.23.09 News
MacScan anti-spyware and privacy for Mac OS X has released new spyware definitions to protect against the latest malware for Mac OS X. Definitions can be downloaded from within MacScan. Download 30 day demo of MacScan for free

6.26.2009 News
DNSChanger Trojan Horse (aka RSPlug Trojan) is running wild lately with multip|le variants surfacing rapidly and being distributed through more mainstream sites including gamer and technical download sites as well as pornographic and search engine optimized pages resulting in high rankings in search results.

Learn more about the symptoms of DNSChanger Trojan Horse infected computers or scan your computer for spyware with MacScan or remove DNSChanger Trojan Horse (RSPlug) with DNSChanger Trojan Horse Removal Tool for free.

6.17.2009 News:
Apple has released iPhone 3.0 OS now available for installation. Users who are able to upgrade their operating system for their iphones are suggested to do so as it addresses about 40 security issues. To download and install the latest version simply connect your iPhone to your computer and launch iTunes, from the iTunes' iPhone interface section for Version an Update option will be available.

6.15.2009 News
Today Apple released Java for Mac OS X 10.5 Update 4, which is an update that appears to correct the Java vulnerability reported by SecureMac last month. The update requires OS X 10.5.7 or higher. More information can be found at: http://support.apple.com/kb/HT3581.

6.12.2009 News
The trojan horse OSX/Jahlav-C recently reported in the news is in fact a variant of the already discovered DNSChanger Trojan Horse. Other variant and aliases include OSX.RSPlug, OSX/Puper and OSX/Jahlav.

This variant is already detected by SecureMac's Anti-Spyware product MacScan as well as the free DNSChanger Trojan Horse Removal Tool. Learn more information on avoiding DNSChanger Trojan Horse and removal tips.

6.10.2009 News
Apple has finally acknowledged that spyware and viruses are a threat for Mac OS X, as well as the latest operating system in the works, Snow Leopard. Snow Leopard will be adding new technology to help prevent against attacks such as sandboxing and anti-phishing features in Safari. This, however, is not a 100% solution to protect against malware.

Read More

6.9.2009 News
UPDATED
Security Alert: Safari prior to version 4 (released June 8th, 2009) may permit malicious web pages to steal files from the local system simply by accessing a web page without further interaction. This vulnerability is present in both Mac OS X and Windows Safari. The attack is accomplished by mounting an XXE attack against the parsing of the XSL XML.

Read More

5.19.2009 News
Today, Landon Fuller posted a proof-of-concept exploit for an unpatched vulnerability in the Java Runtime Environment currently in use by OS X. While this particular proof-of-concept is meant to be harmless, the vulnerability itself currently affects OS X, including OS X 10.5.7, the latest shipping version of OS X. This vulnerability could be exploited to perform "drive-by-downloads" commonly used as a means to infect computers with spyware, or any arbitrary command with the permissions of the executing user. All a user has to do is visit a web page hosting a malicious java applet to be exploited. Until Apple patches their implementation of Java, we recommend that users disable Java applets in their web browser.

Read More

05.18.2009 News
SecureMac has released MacScan 2.6.1, a update to the anti-spyware software for Mac OS X. Download the 30-day demo of MacScan 2.6., existing users may upgrade for free. Visit MacScan.

4.17.2009 News
iBotNet also known as the iServices Trojan Horse botnet first reported by SecureMac back in January has been activated. Users who have been infected are encouraged to download the iServices Trojan Horse Removal Tool, available for free at http://macscan.securemac.com/files/iServicesTrojanRemovalTool.dmg

Read more about the botnet at MacNN.

3.30.2009 News
Proof-of-concept exploit code has been posted online for six kernel vulnerabilities, five of which affect Mac OS X 10.5.6. Information Week Article

3.17.2009 News
A new variant of the DNSChanger Trojan Horse, DNSChanger 2.0e, has been discovered in the wild. The trojan horse arrives in a disk image (some samples are called serial_Avid.Xpress.Pro.5.7.2.dmg), and is again disguised as an installer for "MacCinema," just like the 2.0d variant. Once installed, the trojan horse behaves in a similar manner to past variants.

3.12.2009 News
A new variant of the DNSChanger Trojan Horse, DNSChanger 2.0d, has been discovered in the wild. The trojan horse arrives in a disk image called FlashPlayer.dmg, and is disguised as an installer for "MacCinema." Once installed, the trojan horse behaves in a similar manner to past variants.

1.27.2009 News
SecureMac has released iServices Trojan Removal Tool 1.1 (Formally known as iWorkServices Trojan Removal Tool 1.0) a free utility to assist with the removal of the OSX.Trojan.iServices.A and OSX.Trojan.iServices.B trojans distributed with pirated software.

1.26.2009 News
Pirated copies of Photoshop CS 4 has been reported by Intego to contain malware. On January 16th Photoshop CS 4 containing the malware was seeded to peer-2-peer servers. This trojan have been labeled as OSX.Trojan.iServices.B, the second variant of the trojan, the first discovered in iWork 09 pirated software. It is recommended not to download these files. Like its predecessor this variant obtains root privileges, and notifies the remote host of the infected computers location on the Internet.

1.23.2009 News
SecureMac has released a free tool to remove the iWorkServices Trojan Horse called iWorkServices Trojan Removal Tool. The trojan as reported by Intego (1/22/09) has been bundled with pirated copies of iWork 09. Read more below.

1.22.2009 News
Security Alert: A trojan is being distributed with pirated copies of Apple's iWorks 09.

Pirated copies of iWorks 09 are being distributed with a trojan bundled in the installer package. Intego has released a warning recommending that users should not download iWorks 09 from pirate software sites.

The malicious software is installed in the startup items folders ( /System/Library/StartupItems/iWorkServices ) where it has full root privilege rights. Once installed the trojan connects to a remote server notifying it of the infected computers location on the net awaiting further instruction including the ability of downloading additional components.

Users concerned of infection may use third party software from security vendors to remove the trojan horse.


New Mac Exploit to be detailed at Blackhat DC 09 security conference held in Washington DC in February. Vincenzo Lozzo's presentation ' Let Your Mach-O Fly' will demonstrate how it is possible to inject a binary into the machine without leaving traces on the hard disk. Read more at ars technica.

12.17.2008 News
It's been a year since the DNSChanger Trojan Horse was discovered in the wild. In the intervening months, it has grown to become the single most widespread piece of malware on OS X, with multiple variants actively affecting Macintosh computers world-wide. To promote safe web browsing, SecureMac has issued a bulletin on the DNSChanger Trojan Horse detailing common symptoms of infection, ways to check for and remove the Trojan, and a list of safe practices to use when surfing the web.

SecureMac has released an update to the free DNSChanger Trojan Horse Removal Tool (2.0) available for download here.

12.16.2008 News
Safari has tied for last place in the CIS report scoring the password security features in browsers. Details and score chart are displayed. This report will give better insight why it is not good to store passwords. Read more.

12.04.2008 News
SecureMac.com, Inc will be attending MacWorld San Francisco 2009 January 6th - 9th, 2009.

We will be demoing the latest version of MacScan as well as discussing macintosh security. Please stop by out booth this year in the expo hall, booth #202.

To receive a free Hall pass for MacWorld 2009, read more

12.03.2008 News
Intego has discovered a new variant of the DNSChanger Trojan horse which they have labeled as "OSX.RSPlug.E Trojan Horse". The details can be found here.

12.02.2008 News
Apple has officially acknowledged that Mac users should use anti-virus solutions in this technical note. As their market share continues to grow, so do the threats to the users.

Related Articles:
Washington Post: Apple: Mac Users Should Get Antivirus Software
The Tech Herald: Apple Encourages Anti-Virus Protection
CNet: Apple suggests Mac users install antivirus software
Apple Insider: Apple encourages Anti-Virus Software

9.10.2008 News
MacScan 2.6 the anti-spyware security privacy suite for the Macintosh has been released adding FireFox 3 support. This is a free upgrade to existing users and includes the latest definition updates.

8.3.2008 News
Apple's latest security update (2008-005) has addressed many security issues including the highly discussed Apple Remote Desktop Agent security hole. Install the latest security update by running Software Update.

7.14.2008 News
Sophos has released a whitepaper offering 10 steps to better protect your Mac from data theft. Some steps include setting firmware password, seperate keychain passwords, filevaulted home folders, securely empty trash, and setup secure virtual memory. Read the full white paper.

6.20.2008 News
Intego has posted an advisory titled OSX.Trojan.PokerStealer Trojan Horse to their website. The trojan horse is a script wrapped in an executable bundle. Once launched, the script will prompt the user for his password, and turn on SSH for outside attackers to gain access to the system.

6.19.2008 News
Security Alert: SecureMac has discovered multiple variants of a new Trojan horse in the wild that affects Mac OS X 10.4 and 10.5. AppleScript.THT Trojan Horse runs hidden on the system, and allows a malicious user complete remote access to the system, can transmit system and user passwords, and can avoid detection by opening ports in the firewall and turning off system logging. Additionally, the AppleScript.THT Trojan horse can log keystrokes, take pictures with the built-in Apple iSight camera, take screenshots, and turn on file sharing. The Trojan horse exploits a recently discovered vulnerability with the Apple Remote Desktop Agent, which allows it to run as root. Read more.

6.18.2008 News
Security Alert: Mac OS X root escalation exploit code in the wild.
Read more.

1.09.2008 News
SecureMac has released a free utility called DNSChanger Removal Tool to remove the DNSChanger Trojan Horse, also known as OSX.RSPlug.A and OSX/Puper, which has been found on numerous pornographic websites disguising itself as a video codec. Once downloaded and installed, DNSChanger changes the DNS settings on the computer, redirecting websites entered by the user to malicious sites. If personal information is entered on these malicious websites, it can lead to identity theft.

If the DNSChanger trojan horse is detected, DNSChanger Removal Tool will give you the option to remove it. If the DNSChanger trojan horse is detected and removed, you will need to restart your computer to clear out the bad DNS entries added by the DNSChanger Trojan Horse. Download DNSTrojan Removal Tool. This detection and removal is also available in MacScan.

11.21.2007 News
Security Alert: Intego has released a security advisory entitled 'Mac OS X Leopard Quarantine Bug Allows Users to Launch Malicious Attachments in Mail' which they consider low but still a threat. They have proof of concept and details surrounding this vulnerability. Read more.

SecureMac has released MacScan 2.5.1 the premier anti-spyware security program for Mac OS X. Click to download MacScan.

10.31.2007 News
SecureMac's Anti-Spyware program for the Macintosh has been released. MacScan 2.5 adds Leopard (Mac OS X 10.5) support as well as the ability to schedule scans. Now you can have MacScan audit your system while you are sleeping or in your idle time. To download your thirty day trial of MacScan or upgrade your existing version please visit the MacScan Homepage.

7.16.2007 News
Adobe Flash exploit could log keystrokes according to three critical security updates released. Adobe Flash Players 9.0.45.0, 8.0.34.0 and 7.0.69.9 as well as earlier version running on ALL platforms are vulnerable and can be exploited by loading a malicious SWF file under these players.

5.30.2007 News
Apple has released their security update (2007-005) this month with another security update specifically for QuickTime following only a few days after. The QuickTime security issue detailed on Apples site describes the execution as "...enticing a user to visit a web page containing a maliciously crafted Java applet, an attacker can trigger the issue which may lead to arbitrary code execution."

For those who do not have their computers set to check for updates on a regular basis should do so, and those who have it set to less frequently may consider having it check for updates more often.

4.25.2007 News
MacScan 2.4, the anti-spyware program for Mac OS X has been released. MacScan detects, isolates and removes spyware, detects blacklisted cookies and cleans up Internet clutter. The new version includes updated definition files, extended trial period to thirty days, Internet Cleaning Preference Saving as well as bug fixes. Localized in English and Korean with additional languages to follow.

4.21.2007 News
MacBook has been successfully hacked during a hack contest at CanSecWest security conference. The MacBook was fully patched with the latest security patches supplied by Apple. The hack came through a Malicious web page that exploited a flaw in Safari. Read More

3.21.2007 News
ComputerWorld writes a story about MySpace users getting hacked via a QuickTime security issue affecting both Mac and PC users infecting the computer with a Trojan Horse mining personal data and passwords. Apple stated this has already been addressed in the March 5th security update. However many users have still not done the update falling suseptable to the hack. [Read More]

03.15.2007 News
Mac OS X 10.4.9 has been released offering fixes for 30 security flaws. Updating can be accomplished by accessing the Update Control in your System Preferences or by visiting Apple's webiste.

02.20.2007 News
The BBC has a news story titled - Mac users 'still lax on security' and is worth the read.

01.19.2007 News
MacScan (a SecureMac product) 2.3 has been released with key new features. Such as the blacklisted cookie scanner. This feature maintains a list of known tracking cookies, and when run, removes them from web browsers in which they are found. No more loosing saved usernames or passwords when cleaning cookies. The cookie blacklist definitions, like the spyware definitions, come in easy to download updates. Version 2.3 also adds file cleaning support for additional browsers. Download your 15-day free trial of MacScan 2.3.

Month of Apple bugs January 17, 2007 Apple SLP Daemon Service Registration Buffer Overflow Vulnerability
January 16, 2007 Multiple Colloquy IRC Format String Vulnerabilities
January 15, 2007 Multiple Mac OS X Local Privilege Escalation Vulnerabilities
January 14, 2007 AppleTalk ATPsndrsp() Heap Buffer Overflow Vulnerability
January 13, 2007 Apple DMG HFS+ do_hfs_truncate() Denial of Service Vulnerability
January 12, 2007 Apple DMG UFS ufs_lookup() Denial of Service Vulnerability
January 11, 2007 Apple DMG UFS byte_swap_sbin() Integer Overflow Vulnerability
January 10, 2007 Apple DMG UFS ffs_mountfs() Integer Overflow Vulnerability
January 9, 2007 Apple Finder DMG Volume Name Memory Corruption
January 8, 2007 Application Enhancer (APE) Local Privilege Escalation
January 7, 2007 OmniWeb Javascript alert() Format String Vulnerability
January 6, 2007 Multiple Vendor PDF Document Catalog Handling Vulnerability
January 5, 2007 Apple DiskManagement BOM Local Privilege Escalation Vulnerability
January 4, 2007 -
iLife iPhoto Photocast XML title Format String Vulnerability
January 3, 2007 -
Apple Quicktime HREFTrack Cross-Zone Scripting vulnerability
January 2, 2007 -
VLC Media Player udp:// Format String Vulnerability
January 1, 2007 -
Apple Quicktime rtsp URL Handler Stack-based Buffer Overflow.

12.19.2006 News
Apple Security Update 2006-008 has been released today fixing a security issue in Quicktime for Java and Quartz composer. The update is available now via Software Update and the link provided. This fix fixes a issue that could allow malicious websites to access private information without the users consent.

12.05.2006 News
Microsoft has posted an advisory warning users to a 'zero-day' security vulnerability in its popular product Microsoft Word. The Vulnerability in Microsoft Word Could Allow Remote Code Execution. In order for this attack to be carried out, a user must first open a malicious Word file attached to an e-mail or otherwise provided to them by an attacker. [Microsoft Security Bulletin]

11.21.2006 News
Mac OS X Apple UDIF Disk Image Kernel Memory Corruption is an advisory and proof of concept exploit that demonstrates a bug in Mac OS X com.apple.AppleDiskImageController. The controller fails to properly handle currupted DMG images leading to an exploitable memory curruption condition with potential kernel-mode arbitrary code execution by unprivileged users.

11.11.2006 News
Intego VirusBarrier X4 Definition Bypass Exploit covers an issue discovered by Kevin Finisterre that would render the anti-virus software incapable of detecting viruses. This could lead an attacker to an attacker compromising the computer further. Intego has been advised and have provided a fix.

10.25.2006 News
The Openbase application included with Apple Xcode has been proven prone to multiple privilege escalating issues discovered by Kevin Finisterre. It was discovered that a local attacker can exploit the issue to gain superuser privileges. The issue affects Apple Xcode 2.2 and earlier. Read full report.

10.17.2006 News
Virus Infected iPods - Apple announced that a small number of iPods shipped with Windows Virus on them. Those Video iPods available for purchase after September 12th 2006 contained the windows virus RavMonE.exe. Users who connect these infected iPods to their Windows computers (including Bootcamp) should run antivirus software and wipe the iPod restoring the software.

10.04.2006 News
Mac OS X Exploit In The Wild has been reported by CNET. The article states a researcher at Matasano Security has found a hole that could exploit a weekness in Mac OS X to allow limited privileges to gain full access. Update to Mac OS X 10.4.8 to fix the security issue discussed.

9.18.2006 News
Multiple Firefox Vulnerabilities have been reported including man-in-the-middle, spoofing and cross-site scripting attacks and holes potentially compromising the users computer. [Read More]

8.02.2006 News
MacScan 2.2 spyware protection for Mac OS X has been released and is available for download as a free upgrade. This version improves scanning of spyware, definition updates, improved stability and support for 10.2.

Washington Post has an article titled 'Hijacking a Macbook in 60 Seconds or Less' going over a demonstration given at Blackhat Security conference in Las Vegas by Johnny Cache and David Maynor.

8.01.2006 News
Apple Security Update 2006-004 has been released. To update Mac OS X go to the System Update Controls in the System Preferences and check for updates. Update includes fixes for AFP Server, Bluetooth, Bom, DHCP, dyld, fetchmail, gunzip, Image RAW, ImageIO, LaunchServices, OpenSSH, telnet, WebKit, and AppKit.

Kaspersky Lab has written an article titled Malware Evolution: Mac OS X Vulnerabilities 2005-2006.

5.24.2006 News
Xcode 2.3 has been released due to a xcode security advisory (apple APPLE-SA-2006-05-23). The impact of the security issue would allow remote attackers to obtain or modify WebObjects projecs while Xcode is running. Security Focus Advisory.

4.19.2006 News
Symantec's LiveUpdate for Macintosh does not set execution path environments allowing non-privledged users to change the path opening up potential to trojan horse attacks. Symantec has released a LiveUpdate Vulnerability Report with patch and information for the issue.

4.18.2006 News
SecureMac is pleased to announce the release ofMacScan 2.1, a major update to its anti-spyware program. MacScan 2.1 has been totally revamped and is now a Universal Application, which will run natively on both Intel and PowerPC-based Macintosh Computers.

2.27.2006 News
Recent security articles of interest are as follows.
Spreading Security Awareness for OS X. And Cyberthieves silently copy keystrokes. With the recent worms for OS X security issues for the OS will be focused on in the news. Submit all news and information to macsec@securemac.com

2.16.2006 News
Mac OS X Virus Alert - Sophos Anti Virus has found the first 'real virus' for Mac OS X known as OSX/Leap-A or OSX/Oompa-A. The OSX/Leap worm or trojan is spread via instant messenger forwarding itself as a file named 'latestpics.tgz'. When launched the worm attempts to spread via iChat sending itself to the users buddy list. The application will also try to infect the recently used applications.

1.30.2006 News
Apple QuickTime/iTunes QuickTime.QTS Heap Overflow was addressed by Apple, this issue could allow for malicious code to be executed when processing a malformed .MOV (movie) file. Apple has released updated QuickTime and iTunes. Advisory with example code.

12.19.2005 News
MacScan 2.0 for Mac OS X has been released. MacScan will find, isolate, and remove spyware, keystroke loggers, and trojan horses as well as detect whether remote administration applications have been installed on a computer. By scanning files received as e-mail attachments or downloaded from the web, MacScan can proactively protect computers from inadvertently accepting new spyware. MacScan's spyware definitions are constantly being updated, letting users keep pace with the hackers.

11.30.2005 News
Apple has released Security Update 2005-009 that covers issues dealing with CoreFoundation where a maliciously-craftered URL may result in execution of arbitrary code. Also included in update: curl, iodbcadmintool, apache 2, apache_mod_ssl, openssl, passwordserver, safari, sudo, and syslog.

11.8.2005 News
Macromedia posted a Flash Player 7 security advisory. The advisory discusses that a vulnerability has been identified that could allow the execution of arbitrary code. Macromedia Flash Player 8 has been released but not for Macintosh operating systems, for security updates Macintosh users should refer to the update technote.

MacScan 2.0b3 has been released for beta testing, this product detects, isolates and removes spyware and cleans up Internet history and cookies. The beta has been tested on 10.2.4, this is a time expiring beta.

9.22.2005 News
Apple Security Update is available for Mac OS X 10.4.2 Client/Server and Mac OS X 10.3.9 Client/Server. To download go to your System Preference's software update control panel and check for new updates.

6.29.2005 News
Proxify Dashboard Widget allows you to safe securely through the Proxify network allowing for stripping of advertisements and protection of the user while surfing. Some other features include surfing in text only, remove cookies, remove scripts, hide referal information and other encoding options.

6.8.2005 News
New security update is available for Mac OS X downloadable from the Software Update system preference panel.

6.2.2005 News
QuickTime 7.0 contains a security bug where a maliciously crafted Quartz Composer object can leak data to an arbitrary web location. Apple has released QuickTime 7.0.1 which addresses this issue, users sould upgrade.

With the release of Mac OS X 10.4, the version of FileVault included addresses an issue discussed in this FileVault advisory. Mac OS X 10.4 allows the user to securely delete the data, however the issue still remains 10.3.9.

5.26.2005 News
Clam Anti-Virus (ClamAV Mac OS X) is affected by a command execution vulnerability as described within the advisory. Details within the advisory claim that when a suspected infected file is handled by the program and is not able to be removed ClamAV may attempt to copy it to another location utilizing the 'ditto' utility in Mac OS X. The ditto utility is called in an insecure manner allowing the attacker to include arbitrary commands in the file name that will would be executed in within ClamAV. The most recent version of ClamXAV is 0.85.1 and is not vulnerable, be certain you are running the latest version of this product.

5.25.2005 News
Apple's Keynote, a slideshow/presentation application has been updated due to a security issue discovered. Keynote 2.0.2 fixes an issue discovered by David Remahl that could allow malicious Keynote presentations to take advantage of the uncoducmented URI handler keynote://, automatic disk image mounting, and WebKit's abilities to manipulate the system when Keynote 2 (prior to 2.0.2) is installed. Users of Keynote 2 should download the latest version of Keynote available within Software Update. CVE-ID: CAN-2005-1408

4.15.2005 News
Apple has just released a system update, a few days prior to the release of Tiger (10.4) that fixes many issues and also states better overall performance out of the operating system. In this update Safari has a few bug fixes included not automatically opening 'safe downloads' after opening and also addition of important Verisign root certificates that allow for secure SSL connections over the web. Updates to the system are available for Mac OS X Client and also Mac OS X server. Full 10.3.9 package changes and download.

2.12.2005 News
Macintosh computers for the longest time have allowed for users while in front of the console to boot from another device by connecting it and holding down key(s) during startup bypassing all security. There are a few ways to gain access to Mac OS X from physical access status. Users are reporting that you can boot from a Firewire Drive and gain access to the computer, this is indeed true and has been. The solution for this is to enable open firmware password protection which allows for extra added security to exist and also keeping the computer locked in a secure location.

5.21.2004 News
Advisory Update Apple has released a security update to address the URI issue with the web browser. The Apple security update can be obtained through Mac OS X Software Update panel.

Mac OS X URI handler allows for arbitrary code execution. In this advisory it details the seriousness of this apple security issue and how the URI Helpers can be abused to run arbitrary maliciously. It has been reported while using IE and Safari while surfing malicious websites code may execute the browsers helper handler to run arbitrary code.

4.9.2004 News
A Mac OS X proof of concept trojan has been found showing the potential of trojans in Mac OS X. The proof of concept did not harm anything it was dubbed MP3Concept or MP3Virus.gen and added into the anti-virus definitions for future protection of this style. This trojan contains the file extension of .mp3 although it is not, the icon itself is hardcoded into the trojan and not picked up based on file creator associations. The file itself is a Carbon (CFM) application with the file type of APPL. iTunes should not be able to execute a trojan or virus, and this file would only be able to run if double clicked on to execute it. It does have potential for manipulation to cause harm but at its current state did not, it was a benign trojan proof of concept code.

Many news media sources are reporting this finding to be destructive as if it were a trojan or virus to cause harm. Again it was proof of concept showing the ability allowing the anti-virus companies to have a heads up and protect against future manipulations of the code.

12.19.2003 News
Apple released Security Update 2003-12-19 described to offer numerious security updates such as fixes for directory services, fetchmail, fs_usage,rsync, system root via usb keyboard, file server, and a few buffer overflow issues.

12.17.2003 News
Apple released 10.3.2 accessable via the software update pane in Mac OS X. The update includes enhancements for FileVault and increased security for the system.

11.26.2003 News
Security Advisory William Carrel's Security Advisory is SERIOUS. Mac OS X is vulnerable to Malicious DHCP responses granting root access to remote users. Full security advisory can be found here: http://www.carrel.org/dhcp-vuln.html

11.10.2003 News
Security Advisory FileVault in Mac OS X 10.3 (Panther) does not securely delete the files it encrypts that can be restored with file recovery software. FileVault Security Advisory - Secure Delete after Encryption.

10.31.2003 News
Security Advisory: Mac OS X 10.2.7 and prior along with a USB Keyboard contain a security vulnerability that allows a user to gain root access to the computer by holding down a two key combination during startup that only. Read about root access via USB Keyboard on Mac OS X.

10.28.2003 News
Panther Security Advisory: Mac OS X Panther (10.3) contains a security vulnerability; With access to the keyboard, an unauthorized user can access the currently active screen-locked user environment. Security Advisory - Read full

10.24.2003 News
Mac OS X 10.3 (A.k.a. Panther) has been released. This new version contains many new security features, fixes and all around new applications for the Mac OS X users. Amoungst the new features is the file security utility FileVault, review to come shortly.

9.17.2003 News
New SSH Exploit (detailed here) affects Mac OS X granting the attacker access to the computer as root. This security issue is vulnerable in OpenSSH version prior to 3.7, and Mac OS X is currently only at OpenSSH 3.4. To protect yourself from being vulnerable to this security risk disable SSH access to your computer by accessing your Sharing Control Pane and make sure that Remote Login is disable. Or setup your firewall to restrict access to the SSH port to only allow trusted connections. We will update this issue when Apple releases a security update.

7.07.2003 News
A security vulnerability in Mac OS X's password protected screensaver has been discovered allowing a user with physical access to bypass the screensaver's authentication scheme without supplying a valid password.

6.18.2003 News
IPNetSentryX released by Sustainable Softworks. IPNetSentryX offers basic protection without erecting barriers for the safe use of your Internet connection, this is the Mac OS X version of IPNetSentry. Download and product information available.

5.13.2003 News
Keep your Apple AirPort Administrator Password Safe. An advisory has been released detailing an issue how an anonymous attacker can sniff and obtain the Administrator's password when the administrator logs into the AirPort Base Station to manage while connecting to it via a network or non-WEP enabled wireless connection based on the units method of password authentication. Secure connectivity can be obtained by connecting a computer directly to the computer via a cross-over cable. Full details about the authentication credentials involved with the AirPort can be read in the @Stake advisory - CAN-2003-0270

5.07.2003 News
Mac OS X 10.2.6 is available - Update.

4.10.2003 News
Security Update!Mac OS X 10.2.5 has been made available for update! This version fixes a security issue in Apache 2.0 (CAN-2003-0132), File Sharing/Service (CAN-2003-0198), DirectoryService (@STAKE), OpenSSL (CAN-2003-0131), Samba (CAN-2003-0201), and sendmail (CAN-2003-0161). Details as follows:

Directory Services - Mac OS X and Mac OS X Server contains a security hole in DirectoryServices which allows for escalation of privledges and denial of service attack which is fixed with the 10.2.5 update. DirectoryServices is part of the operating systems information services subsystem, and is launched at being setuid as root by default. Credit for this find goes to Dave G. as noted by Apple's security advisory.

OpenSSL - The new version fixes OpenSSL so it is not suspectable to the known Klima-Pokorny-Rosa attack.

sendmail - contained a issue where it did not adequately check the length of email addresses in the address parsing code.

Apache 2.0 - Fixed a known denial of service vulnerability in Apache 2.0 - 2.0.44, the apache 2.0 service is only present in the Mac OS X server.

4.1.2003 News
PGP Corporation has released PGP 8.0.2 for Mac OS X. This is a free update to all the users of PGP 8.0. PGP Enterprise 8.0.2 for Mac OS X introduces PGP Admin for Mac OS X. 8.0.2 also adds OpenPGP security improvements and a new user interface for signature verification.

3.24.2003 News
Apple has released Security Update 2002-03-24 which is downloadable via Software Update in Mac OS X. This update addresses a few security issues which are vulnerable including Samba's vulnerability of allowing the possibility for an unauthorized remote user to access the system. OpenSSL security fixes are also included in this update, a issue lays within OpenSSL where the RSA private key could be compromised when communicating over certain protocols.

3.04.2003 News
A security vulnerability in SENDMAIL included in Mac OS X has been fixed and addressed in Apple's Software Update. Please update your Mac OS X immediately. ISS warning discusses the issue.

3.03.2003 News
MacScan Public Beta 3 has been released. MacScan runs on both Mac OS Classic and Mac OS X to detect, isolate, and remove spyware. This new version includes bug fixes, new spyware detection and also full administrative scan for Mac OS X and Mac OS X Spyware.

2.14.2003 News
Apple has released Mac OS X 10.2.4 which addresses a security issue discovered by @Stake known as the TruBlueEnvironment Privilege Escalation Attack. Clicking the link will take you to a page with information on the subject and the advisory. The security issue exists in Mac OS X system prior to 10.2.4 and allows for local users to gain root privledges.

1.31.2003 News
Mac OS X Screen Effects' password protection contains a security flaw which allows for a user with physical access to the keyboard to be able to quit or launch programs while being prompted to enter the password. When full Keyboard access is turned on (toggled on/off by pressing shift+f1) the doc can be accessed 'blindly' although you can not see it, the doc is still functioning.

1.25.2003 News
LittleSecrets allows Macintosh (X) users to store their 'little secrets' in a encrypted format using 448 bit cipher block chaining blowfish algorithm. The application may also optionally interface with your Keychain. Read the Review, See Screenshots and Download Now.

12.20.2002 News
Apple has released Mac OS X 10.2.3 which adds security fixes to the operating system as well as more support and bug fixes. Below outlines the security updates details.

fetchmail updated to version 6.1.2+IMAP-GSS+SSL+INET6
CAN-2002-1383: Multiple Integer Overflows
CAN-2002-1366: /etc/cups/certs/ Race Condition
CAN-2002-1367: Adding Printers with UDP Packets
CAN-2002-1368: Negative Length Memcpy() Calls
CAN-2002-1384: Integer Overflows in pdftops Filter and Xpdf
CAN-2002-1369: Unsafe Strncat Function Call in jobs.c
CAN-2002-1370: Root Certificate Design Flaw
CAN-2002-1371: Zero Width Images in filters/image-gif.c
CAN-2002-1372: File Descriptor Resource Leaks

Apple Software Updates are performed by accessing the Software Update pane located in the system preferences.

12.17.2002 News
Updated MacScan detects, isolates and removes spyware from your Macintosh. SecureMac.com's MacScan is available for immediate download for Mac OS Classic (PPC/68k FAT) and MAC OS X. Visit the link above to learn more about and download MacScan b2. [PRESS RELEASE]


. 12.03.2002 News
PGP 8.0 Desktop and Enterprise is now available. The new version of PGP 8.0 contains full support for Apple's Mac OS X 10.2. In this version a new user interface has been integrated, plug-in for Apple Mail supporting PGP/MIME, and Entourage integration. You will also notice dock and service integration added.

The PGP Disk format is compatible between Mac OS X and Windows. The PGP 8.0 Freeware is also available at PGPs site. Download, Purchase and get more Information on PGP 8.0 for the Macintosh.

12.02.2002 News
SecureMac.com is looking for experts to write reviews for security programs they know inside and out that we don't have reviewed on our site already. Please contact macsec@securemac.com ASAP.

11.21.2002 News
Mac OS X 10.2.2 is available for download, go to the Software Update Panel and proceed to update. The fix includes a few security related issues as well as many bugs in the system.

The security update addresses, 11-21-2002 fixes a security issue related to BIND (Domain Server and Client Library Software) where a unauthorized person disrupt the normal operation.

11.13.2002 News
FWB Privacy Toolkit Volume 1 was released today giving Mac OS 9 and Mac OS X users the ability to encrypt files on their hard disk, folders, and also securely delete files by overwriting the data making it so the data is less likely to be recovered. Visit their site today and see the demonstration, screenshots and technical details or download the Free Trial version.

SecureMac.com News
I'd like to welcome everyone back to SecureMac.com, we've added a new face to the site and are cleaning up many of the articles. Major updates will be seen throughout the site because of you - the readers - feedback and suggestions. Please let us know how you enjoy the new layout and if you find any bugs or issues viewing it on your web browsers.

SecureMac.com has many new features and great news to roll out including a Macintosh security software title for Mac OS 9(+earlier) and Mac OS X alike can enjoy.

10.11.2002 News
PGP 8.0 Beta for Mac OS X has been released. This is something Mac OS X users have been waiting for. PGP is encryption software which is supported for cross-platform use. Note that this is a beta of the software and to be cautious.

9.23.2002 News
Mac OS X 10.2 Security Update - "Terminal This update fixes a security hole introduced in Terminal version 1.3 (v81) that shipped with Mac OS X 10.2 (Jaguar) which could allow an attacker to remotely execute arbitrary commands on the user's system. Terminal is updated to version 1.3.1 (v82) with this Security Update." Updates can be downloaded from the Software Update Pane, Apple's Security update page can be found here

8.19.2002 News
PGP Corporation announces Mac OS X PGP to be released Q4 of 2002. They purchased the software from Network Associates. Good things ahead for the company and PGP product..

8.16.2002 News
The Secure Trusted Operating System Consortium ( STOS ) is pleased to announce the 1st annual Mac OS X & BSD Security Symposium. The symposium is designed for system and lab administrators, programmers, developers, strategists, and other technical staff involved in the deployment and securing of systems. Past STOS events have been the central networking events for the Mac OS X/Darwin security community. The Mac OS X & BSD Security Symposium follows the previous STOS events by providing an environment that promotes the sharing of ideas and techniques with a shared goal of maximizing the security of the involved systems. The addition of Robert Watson's TrustedBSD tutorial and several new papers on various aspects of BSD based operating, brings even more value to this event. Click the link for information, content, and registration information. There is no other event with the same depth of Mac OS X and BSD security subject matter as the Mac OS X and BSD Security Symposium.

8.8.2002 News
Security Update 2002-08-02 is out and includes the following updated programs offering increased security protecting from recent attacks and holes discovered that effected the components; OpenSSH, OpenSSL, SunRPC, mod_ssl. Download via Apple's OS X Software Update Panel or download from Apple's Web Site

7.16.2002 News
Fixed! A security issue dubbed as Mac OS X SoftwareUpdate Security Issue describes how a user could have the SoftwareUpdate Pane install files from an untrusted server by poisoning the DNS in tricking the computer to believe that another IP is Apple's host and install malicious software has been fixed by apple, performing a software update will resolve the issues or visit the depot site.

6.28.2002 News
Mac OS X users should now perform a system update to install the latest security fixes resolving the issues described below which allowed remote users to attack the system.

6.26.2002 News
Security Alert //fixed! Mac OS X systems with 'allow remote login' enabled in the sharing pane of the system preferences should be disabled until a new release of OpenSSH has been made available from Apple in the security updates.View advisory now a new version of the software is out but not available through the Apple Software Updates. This has been fixed - Update Software in Pane

6.19.2002 News
Security Advisory Cisco VPN Client for Linux, Solaris and Mac OS X contains a security vulnerability, when the exploit is executed the vpnclient grants administrative rights to the local user. More information and fix, update and advisory for the mac os x cisco client.

6.13.2002 News
Version 1.2 of SubRosa Utilities has been released and can be downloaded directly here This is the cross compatible encryption/decryption utility workable on Mac OS, Mac OS X and Windows OS. When you delete files use their secure deletion utility

5.30.2002 News
SubRosa Utilities is the newest cross platform security encryption package for Mac OS, Mac OS X and Windows 98. SubRosa Utilities is a suite of security programs to ensuring your data stays secure. The package comes with a file encryption and decryption application, and a File Shredding program to ensure when you say your files are deleted they are securely deleted making it hard to impossible for recovery. Check out SubRosa Utilities today, and download right away.

5.13.2002 News
Microsoft Office 98 running on Mac OS 8.1+ is vulnerable to a exploit that allows malicious code to be run. Microsoft has released a patch that fixes all the Office 98 applications (Excel 98, Office 98, PowerPoint 98, and Word 98) more information can be found on their bulletin Off98URLSecurity.

5.6.2002 News
Apple has announced today that they will be dropping Mac OS 9 development saying it isnt dead for the customers just for development. Steve Jobs said it was time to drop Mac OS 9 at the WWDC today. What does this mean for developers, Mac OS 9 is still more of a secure OS than Mac OS X is. The session advised developers to develop for Mac OS X rather than OS 9. Government agencies still wont use Mac OS X in their environment because of the issues still within it. Mac OS 9 - We hope developers still do their development on it to create a even more secure environment and Apple works on updating and making Mac OS X secure as its previous systems. WWDC up to the minute coverage

4.18.2002 News
On Guard 3.4 offers security improvements to the desktop security software. Apple's Navigation Services and restricting the users ability to store files in protected folders have been added in this version. For update information, download links and a review of On Guard Read more

4.17.2002 News
Mac OS X Update 10.1.4 is now available and includes the following security enhancement for your system:
* BSD-based TCP/IP connections now check and block broadcast or multicast IP destination addresses

The Software Update pane in System Preferences will update the system software with these security fixes and additional updates

4.16.2002 News
Alert! Unchecked Buffer in Internet Explorer and Office for Mac Can Cause Code to Execute code. Anyone running Internet Explorer and Office for the Macintosh should read the information here.

Intego has released an update to their content filtering software - ContentBarrier which can be downloaded from the Intego Software Update page.

4.11.2002 News
Firewalk X 2 is a GUI based firewall for Mac OS X. The new version includes setting of rules with expiration, and network restriction based on application. Download Firewalk X 2

LockOut 4.1 for OS 8, 9 and LockOut 3.3 for OS X is a desktop protection application by password. New in 4+ version is the Administration controls - Take a peak @ LockOut

4.05.2002 News
Mac OS X Security update is available for download. To do so open up the Software update in the System Panel and perform the security update or download for Apples web site. This update fixes/upgrades/installs the following:

Apache Mod_SSL - updated to version 2.8.7-1.3.23 to address a buffer overflow vulnerability which could potentially be used to run arbitrary code in conjuction Apache is updated to version 1.3.23.

groff updated version 1.17.2 to address the vulnerability CVE ID: CAN-2002-0003, where an attacker could gain rights as the 'lp' user remotely.

mail_cmds is updated to fix a vulnerability where users could be added to the mail group

OpenSSH - updated to version 3.1p1 to address the vulnerability reported in FreeBSD Security Advisory FreeBSD-SA-02:13, where an attacker could influence the contents of the memory.

PHP - updated to version 4.1.2 to address the vulnerability reported in CERT CA-2002-05, which could allow an intruder to execute arbitrary code with the privileges of the web server.

rsync - updated to version 2.5.2 addresses a vulnerability which could lead to corruption of the stack and possibly to execution of arbitrary code as the root user. FreeBSD Security Advisory FreeBSD-SA-02:10

sudo - updated to version 1.6.5p2 to address the vulnerability reported in FreeBSD Security Advisory FreeBSD-SA-02:06, where a local user may obtain superuser privileges.

4.01.2002 News
Protect Your Mac from Hackers and Viruses is a article which informs Macintosh users about security and details the importances of data recovery and loss prevention. Read this article now

3.08.2002 News
Mac OS X users running Apache with PHP installed be aware there is a security issue in PHP versions prior to 4.1.2. OpenOSX.com has prepared a 4.1.2 install of PHP for Mac OS X which corrects the security issue..

2.22.2002 News
TypeRecorder released version 1.5 of their keystroke saving application which runs under Mac OS 9+ adding new features to the program.

2.20.2002 News
Mac OS X 10.1.3 has been released you can update with the built in "Software Update" feature. Networking and Security Improvements include:

Login authentication support for LDAP and Active Directory services
OpenSSH version 3.0.2p1
WebDAV support for Digest authentication
Mail includes support for SSL encryption
2.18.2002 News
MacAnalysis 2.0b9 for classic and 2.1.4 for OS X has been released. This update for the security auditing tools adds new functionality supporting the airport, adding new exploits to the security sweep, auto updating and content filtering. MacAnalysis is available for Mac OS and Mac OS X

2.13.2002 News
Ettercap 0.6.4 just released and tested with Darwin. Ettercap will sniff, intercept, and log data on LAN networks, used by system administrators to find problematic situations.

2.07.2002 News
IPNetSentry 1.3.3 for the PPC has been released fixing a few bugs in this Firewall software, not protected yet from the outside world? Give IPNetSentry a try - It's shareware, free download get more info

2.04.2002 News
February 2002 virus definitions have been released. Update your anti-virus software to protect you from the latest viruses, trojans and macros. Find the links to download the newest definitions from the left hand side of the web page.

MacAnalysis 2.1.3 X the security auditing suite for Mac OS X has been released, this version fixing a bug many users were running into and adds more improvements. Download MacAnalysis X or the classic version here

Previous Macintosh Security News :
October 2001 - December 2001,March 2001 - Sept 2001 and Early 2001 Macintosh Security News Here


Knowing security is important. Most people are blinded by the word 'security + mac' your current security program probably is not secure the way it should be for your office, school, internet, or even home. I hope you learn more from this site then you have ever known about macintosh security. We will constantly update it with the most current programs, news and downloads. If you are a programmer for the mac, please contact us, we are looking to make a program. email SecureMac for more information

Email us with anything we are missing. Want your application listed ? Want to exploit another program. Are we missing anything! Come on send it in. Make this THE Mac security Site!


Commercial Macintosh Security Website
listed on Freaks Mac Archives, macsurfer.com, macobserver.com , resexcellence.com, maccentric.com, mac virus, applelinks.com, WOZ


Security + OS
DiskLock
PowerBook Security Control Panel
Empower Pro
FileGuard
FreeGuard
FoolProof
Deus Lock Master
OnGuard
Keys Off
LockOut
MacOS Algorithm
Modem Security
Password Key
PGPuam
PPF
Shift Key Suite
Stealth Signal
SuperLock Lite
SuperLock Pro
Web-Confidential


Macintosh Viruses
Disinfectant
Sophos Anti-Virus
Norton AntiVirus
Nav 7 Nav 6 Nav X
Virex - Oct
VirusBarrier - Netupdate
vScan - Discontinued.

Mac Physical Security


Macintosh Firewalls
DoorStop Firewall
Firewall Q & A
IPNetSentry
NetBarrier
Norton Personal Firewall

Mac Spyware & Privacy
Monitorer
NetShred - Delete Files Safely

Network Security
MacAnalysis
Oyabun Tools
WDTech RAE
ToolDaemon

Application Security Issues
AIM - AOL Instant Messenger
Back Orifice
Eudora E-Mail Client
Internet Configure
IE 5.1, OE 5.1, Powerpoint, Excel Vulnerability
MS Personal webServer
NetBus
Outlook Express 4.5 Password Flaw
SubSeven
Sub7ME Server

Resource Info
AppleShare Server Info

Mac OS Encryption
EnScript
FGP
FileTwister
ForgotIt?
GenPass
MacLockSmith
My-Privacy
My Secret
PGPi
PGPhone
PGP Personal
PGP Freeware
PowerCrypt-dev
Private File
Quick Encrypt
SubRosa Utilities
Tresor

Deleting Files
Eraser Pro
ShredIt

Backups

Apple Hardware

MacOS DoS
Mac Attack


All material (c) 2014 SecureMac.com and respected owners