We just added the following news to our Site:
Update: MacKeeper has issued version 3.4.1 of their app and release notes addressing this advisory. Read more at MacKeeper Security Advisory
A vulnerability has been discovered in MacKeeper, a utility program for OS X. MacKeeper was originally created by Ukrainian company ZeoBIT and is now distributed by Kromtech Alliance Corp. A flaw exists in MacKeeper's URL handler implementation that allows arbitrary remote code execution when a user visits a specially crafted webpage. Learn More.
With May 3rd-9th heralding 2015’s Privacy Awareness Week, leading Macintosh security software developer, SecureMac, is contributing privacy advice and product discounts to help raise awareness at a time when privacy is more important than ever. Learn More
Apple has released Mac O X 10.10.2, fixing a handful of issues including the Thunderstrike security vulnerability along with many others. This update is available for immediate download.
SecureMac has released a new version of their award winning PrivacyScan app, adding full privacy features and support for Apple’s new operating system Yosemite. It is available for download immediately from the Mac App Store and has a demo available at http://privacyscan.securemac.com. Read More.
To bring awareness to Cybersecurity Awareness Month SecureMac has prepared 5 Easy Tips to help stay protected and increase your privacy. Cybersecurity Awareness Month 5 Security Tips for Mac OS X.
SecureMac has released a new version of their privacy app, PrivacyScan 1.6. The latest version of the personal privacy application is designed specifically for Mac OS X, adding features to securely wipe digital footprints left after using the computer and accessing the Internet. In this latest release, PrivacyScan adds improved compatibility with future versions of Mac OS X and also adds additional Firefox web browser support and fixes. Download PrivacyScan 1.6 | Learn more.
Apple has released Mac OS X Mavericks 10.9.2 and Security Update 2014-001 addressing multiple vulnerabilities including app sandbox bypass, SSL/TSL, Safari Session Cookies, QuickTIme and much more. It is recommended to update to Mac OS X 10.9.2 immediately.
Wednesday evening, Apple updated XProtect to defend against the two known variants of OSX/CoinThief.
SecureMac has more information on how the CoinThief malware is initially installed on infected systems, with steps it takes to disguise its behavior. Read more information about CoinThief.
SecureMac has discovered that OSX/CoinThief has been distributed under four different app names and from various download sites. Identification and removal instructions can be found here.
SecureMac has discovered that variants of OSX/CoinThief are being actively distributed through popular download sites exposing users to this malware. Continue reading the developing advisory about OSX/CoinThief Bitcoin stealing trojan horse.
Security Alert: SecureMac has discovered a new Trojan Horse called OSX/CoinThief.A, which targets Mac OS X and spies on web traffic to steal Bitcoins. This malware has been found in the wild, and there are multiple user reports of stolen Bitcoins. Read the developing story New Apple Mac Trojan Called OSX/CoinThief.
SecureMac has released PrivacyScan 1.5 (http://privacyscan.securemac.com/ ), offering privacy protection for Mac users. In this latest release, PrivacyScan will notify Google Chrome and Chromium users when their browser is configured to sync with Google’s servers, which can restore erased data. PrivacyScan will also add the capability to clean open windows in many popular apps along with other updated features and enhancements. Download a 15-Day Free trial of PrivacyScan today or buy direct from Mac App Store or PrivacyScan website.
SecureMac has announced the release of PrivacyScan 1.4. The latest version of its critically acclaimed personal privacy application is designed specifically for Mac OS X Mavericks, adding features to securely wipe digital footprints left behind after using the computer and accessing the Internet. Because this latest release is engineered for Apple’s latest operating system (Mac OS X 10.9), it can adapt to the new technology to ensure advanced security by seeking and destroying privacy threats attempting exploit the latest Mac OS version. - http://privacyscan.securemac.com
SecureMac has prepared a guide to help users identify and remove the adware being distributed by CNET's download.com in place of popular Mac apps. The guide provides detailed information, including step-by-step instructions to determine if the adware is installed on your system, and the steps to remove it.
SecureMac has discovered adware being delivered in place of popular Mac apps on CNET's Download.com. Get the details on how the adware is being delivered, and ways to identify if it is installed on your system.
SecureMac has released an update to PrivacyScan that includes new support for Opera 15 and the Chromium web browser, bug fixes, an improved user interface, reduction in price and a 15-day free trial. PrivacyScan is available for a limited time for 7.99 from the Mac App Store and direct from the PrivacyScan site. This is a free update for existing PrivacyScan users -- please see upgrade instructions for Mac App Store purchases and SecureMac purchases.
PrivacyScan now has a free trial available for users to seek and destroy privacy threats and is available for immediate download exclusively from http://privacyscan.securemac.com/download. PrivacyScan has also added an additional purchasing option, adding the ability to purchase directly from the PrivacyScan site.
SecureMac announced today that PrivacyScan, the online and offline privacy application to seek and destroy privacy threats while clearing up valuable hard disk space, has been nominated for Macworld UK's 2013 award in the Best Consumer Software category. PrivacyScan made the shortlist for the 18th annual Macworld UK awards 'Best Consumer Software' category ranking with 10 of the industry's leading software titles. Winners will be announced at the award ceremony the evening of June 20, 2013, at The Royal Garden Hotel in London.
SecureMac created an infograph to help show an assortment of statistics highlighting the changes in both mobile OS popularity and the malware that associated with each over the past three years.
SecureMac announces the release of PrivacyScan 1.2, a specialized app to seek and destroy privacy threats for the Mac, now available in the Mac App Store. PrivacyScan is a utility designed for people who value privacy and want to keep their online and offline experiences to themselves. PrivacyScan has been met with critical acclaim, including being awarded Best of Show for Macworld | iWorld by Macworld UK, Editor’s Choice Award — Macworld UK, Mac Gem for Macworld GemFest 2012, a 5 Mouse Rating from Macworld UK, 5/5 Mice from Macworld AU, has top ranking in the utilities section of the Mac App Store, and continues to receive rave reviews from users.
Get PrivacyScan 1.2
Security New Years Resolution - 5 Easy Tips to Keep Your Mac Secure in 2013 has been published and is now available for immediate implimentation to help keep you secure this New Year! Which methods are you already using and how do you rank?
Security researcher Israel Torres for SecureMac has published his latest piece about OS X security entitled 10 Security Tips for Safe Computing for OS X Mountain Lion. The in-depth article covers many aspects of OS X's built-in security features and how to use them to your benefit.
SecureMac releases MacScan 2.9.4 offering full Apple Mac OS X Mountain Lion (10.8) support as well as interface updates and enhanced support for both Firefox and SeaMonkey web browsers. The latest version also adds the latest definitions to protect against the malware affecting Mac OS X and has been featured in the August 2012 issue of Macworld as “Hot Stuff — What We’re Raving about This Month.”
PrivacyScan 1.1, Privacy Protection for Your Mac, is now available in the Mac App Store with new and improved privacy cleaning features. PrivacyScan protects online and offline privacy by shredding files that can be used to track your web browsing and computer usage. PrivacyScan's shred functionality is able to overwrite sensitive data up to 35 passes!
From Doctor Web,
the Russian anti-virus vendor—"conducted a research to determine the scale of spreading of Trojan BackDoor.Flashback that infects computers running Mac OS X. Now BackDoor.Flashback botnet encompasses more than 550 000 infected machines, most of which are located in the United States and Canada. This once again refutes claims by some experts that there are no cyber-threats to Mac OS X."
Apple released Java update featuring security fixes that were exploited by Flashback Trojan. Install the latest update to patch these threats. Read more about the Java update here
SecureMac has learned of a new piece of Mac malware that is currently in the wild and infecting computers running OS X. As first reported at http://labs.alienvault.com/labs/index.php/2012/alienvault-research-used-as-lure-in-targeted-attacks/ this piece of malware exploits a vulnerability in computers running older, unpatched versions of Java.
SecureMac is honored and humbled that Macworld UK has awarded PrivacyScan as Best of Show winner for Macworld | iWorld this year. PrivacyScan gives peace of mind to the privacy-conscious user by ensuring that potential threats, both online and offline, are eradicated with multiple levels of secure delete file shredding.
SecureMac has released PrivacyScan 1.0.1, Privacy Protection for Your Mac available for download immediately from the Mac App Store . PrivacyScan has seen top rankings on the Mac App Store, during first launch at Macworld 2012 the program took placement #7 in the Top Paid Apps and #1 in Utilities across the board. The latest version of PrivacyScan adds bug fixes and is available for free to existing users.
PrivacyScan, Privacy Protection for Your Mac, is now available on the Mac App Store. PrivacyScan protects online and offline privacy by shredding files that can be used to track your web browsing and computer usage. Going above and beyond United States DoD (Department of Defense) government standards, PrivacyScan's shred feature can overwrite data with up to 35 passes! Check it out on the Mac App Store or visit the PrivacyScan homepage.
View press release
SecureMac will be exhibiting at Macworld | iWorld 2012 (January 26th - 28th) in San Francisco, California. PrivacyScan, the latest in privacy software will be released at the show and demonstrated at booth #442. The team will also be demonstrating the latest version of MacScan, giving away goodies and talking security. Be sure to stop by the booth, and to learn more about PrivacyScan be sure to follow PrivacyScan on Facebook and Twitter.
SecureMac is celebrating the release of MacScan 2.9.2 and offering users a free 30-day trial to audit their computer's security for malware and privacy threats. The latest version adds additional browser support, scheduler bug fixes, interface changes and the latest definitions to protect against the malware affecting Mac OS X. Download MacScan Now
SecureMac will be exhibiting at MacWorld | iWorld in San Francisco, Ca. January 26th - 28th 2012 located at booth 442. If you haven't pre-registered for the event already you still have a chance to get free expo hall passes by following @SecureMac on Twitter and on Facebook. We will be announcing new products at the show so be sure to stay connected!
Steve Jobs, 1955 - 2011.
Mac OS X Lion (10.7) contains a security issue which can allow non-root
users access to the password hashes as well as ability to change the
password without authenticating the current password. Read more at "Defence
in Depth" including full details, scenarios and temporary fixes.
SecureMac is celebrating the release of MacScan 2.9.1, the latest version of it's award-winning anti-malware privacy and security software for Mac OS X. The Download, Tweet and Win! Campaign allows Mac users the opportunity to download MacScan and audit their computer for security threats and privacy issues such as tracking cookies and tweet their results for a chance to win great prizes such as a MacBook Air, MacScan licenses and gift cards to favorite retailers.
The contest is now over. Thank you to everyone who participated!
Read full Press Release
SecureMac has released MacScan 2.9 the latest in malware protection and security for Mac OS X offering full support for OS X 10.7 (Lion). MacScan 2.9 is available for purchase directly from the MacScan Site or within the application, users may evaluate MacScan for free for 30-days. Existing MacScan users can upgrade at no charge.
Apple has released Mac OS X 10.7 also known as Lion available through the Mac App Store as a download for $29.99 USD.
Trojan Horse Alert: SecureMac has identified a new version of the previously identified MAC Defender malware. The new variant, just like the previously identified "Mac Security," "Mac Protector," and "Mac Guard" versions, is an updated version of the original malware, rebranded as "Mac Shield."
Read the updated analysis and removal removal instructions
Trojan Horse Alert: SecureMac has identified a new version of the previously identified MAC Defender malware. The new variant, just like the previously identified "Mac Security" and "Mac Protector" versions, is an updated version of the original malware, rebranded as "Mac Guard."
Read the updated analysis and removal removal instructions
Trojan Horse Alert: SecureMac has discovered a new version of the previously identified MAC Defender malware. The new variant, just like the previous identified "Mac Security" version, is an updated version of the original malware, rebranded as "Mac Protector."
Read the updated analysis and removal removal instructions
Trojan Horse Alert: SecureMac has discovered a new version of the previously identified MAC Defender malware. The new variant is an updated version of the original malware, rebranded as "Mac Security." The new version did not change the main functionality of the code, but rather cleaned up the existing code and added small updates including the capability to send information about the infected system back to the authors of the malware, along with an updated user interface to reflect the name change.
Read the updated analysis and removal removal instructions
Trojan Horse Alert:A new privacy and security threat is targeting computers running Apple's Mac OS X disguised as an anti-virus program called MAC Defender. The rogue anti-virus program will "detect" nonexistent threats as being present on the user's system in an effort to persuade them to hand over their credit card information and purchase a "subscription" to the program.
Read the full analysis and removal removal instructions
SecureMac is pleased to announce MacScan 2.8, the latest version of its award-winning anti-spyware privacy and security software for Apple’s Mac OS X. This new version of MacScan enhances protection against the latest threats for Mac OS X, adding usability enhancements and bug fixes.
Visit the MacScan site
As predicted by the SecureMac team, the new version of BlackHole RAT 2 was officially released on a hacker message board this weekend, with some slight differences from the earlier version analyzed by SecureMac. The trojan horse, once installed, disguises itself as a Java Updater. In addition, the author is now referring to the trojan as Freeze RAT, but it contains much of the same code as BlackHole Rat 2.0a. The new version has a more complicated installation process that requires physical access to the computer, so SecureMac continues to rate this as a low threat.
Read more details about BlackHole RAT 2.0
The SecureMac team announced today that a new version of the BlackHole RAT 2.0 Trojan Horse for Mac OS X has been discovered. This new version should be not confused with an older variant from back in February already detected by SecureMac and other anti-malware software.
Read more details about BlackHole RAT 2.0
A new trojan horse is targeting Mac OS X, and SecureMac has identified multiple variants of the threat. The trojan horse labeled as BlackHoleRAT, created by a hacker calling himself Das_Virus, appears to originate from Germany. Although in early stages this trojan horse is actively being developed.
Read more details about BlackHole RAT
Apple has released Mac OS X 10.6.5 in the update includes many security concerns addressed. An outline of the security update 2010-007 can be found here http://support.apple.com/kb/HT4435. Users should install this latest update, access the Software Update from within the System Preferences.
Core Security has discovered a vulnerability in Mac OS X 10.5 which could be used by a remote attacker to execute arbitrary code by getting the user to download a PDF document containing a embedded malicious CFF font. The advisory shows a communication timeline with Apple as well.
Full advisory: Apple OS X ATSServer CFF CharStrings INDEX Sign Mismatch
Review - Sophos Anti-Virus for Mac has been reviewed. Read our review on Sophos free anti-virus solution for Mac OS X and see how it compares. Read the Sophos Anti Virus for Mac Review.
Trojan Horse Alert: A new variant of the Boonana malware, first documented and named by SecureMac, has been discovered by ESET. The new variant, trojan.osx.boonana.b, behaves in a very similar manner to the original malware, and is currently being distributed on multiple sites. In addition to the website documented by ESET as currently distributing the malware, SecureMac has identified two more websites that are currently hosting the new malware variant. Rather than the initial site which tricks users into running (and installing) the malware, these servers seem to be hosting update code for the malware.
Visit the Boonana advisory page for more details about the Trojan horse trojan.osx.boonana.a including initial analysis and removal instructions or download Boonana Trojan Horse Removal Tool directly.
Trojan Horse Alert: SecureMac has discovered a new trojan horse in the wild that affects Mac OS X, including Snow Leopard (OS X 10.6), the latest version of OS X. The trojan horse, trojan.osx.boonana.a, is spreading through social networking sites, including Facebook, disguised as a video. The trojan is currently appearing as a link in messages on social networking sites with the subject "Is this you in this video?"
Apple has updated Java for Mac OS X 10.5 and 10.6 addressing several security issues. Users are advised to download the latest update via Software Update in System Preferences or download directly from the Apple Download page.
PGP Whole Disk Encryption (WDE) ensures your entire hard disk is encrypted and only accessible by you. Read the whole review of PGP Whole Disk Encryption for Mac OS X.
Trojan Horse Alert: Intego recently alerted users to the presence of a new variant of the HellRaiser Trojan Horse, which they identify as OSX/HellRTS.D. SecureMac has analyzed this new variant and it is detected in the latest MacScan spyware definitions update (Spyware Definitions Version 2010006) as HellRaiser Trojan Horse 4.2. MacScan has detected previous variants of this trojan horse since 2005.
HellRaiser is a trojan horse that allows complete control of a computer by a remote attacker, giving the attacker the ability to transfer files to and from the infected computer, pop up chat messages on the infected system, display pictures, speak messages, and even remotely restart or shut down the infected machine.
The attacker can search through the files on the infected computer, choosing exactly what they want to steal, view the contents of the clipboard, or even watch the user's actions on the infected computer.
In order to become infected, a user must run the server component of the trojan horse, which can be disguised as an innocent file. The attacker then uses the client component of the trojan horse to take control of the infected system.
Read more about HellRaiser Trojan Horse aka OSX/HellRTS.D
Mac OS X Security Update
- Apple posts new
security update (2010-003) for Leopard and
Snow Leopard. Users may update via the Software Updates System
Preferences or by accessing Apple's download site directly.
This security update addresses ATS (Apple Type Services) handling of
embedded fonts. Accessing documents containing malicicously crafted
embedded fonts may lead to arbitrary code execution. Charlie Miller is
credited for discovery of this threat.
Apple has released Mac OS X 10.6.3, in this release it includes over a dozen security fixes. Users are advised to upgrade to the latest version of Mac OS X by accessing the Software Update in the System Preferences or by accessing Apple's download page directly. http://support.apple.com/downloads/
Mac OS X Security Update
Mac OS X security update (2010-001) has been posted by Apple fixing several security issues including a Adobe Flash. Other security fixes include CoreAudio, cupsd printing scheduler, issues with DMGs,TIFFs, SSL and TSL. To update your system access the software update icon within the System Preferences and check for updates.
More information at Apple KB Article.
SecureMac is celebrating 10 years of success. This year marks the Macintosh security company's ten-year anniversary. Over the past decade, SecureMac has expanded its role as the premier source for Macintosh security news, released its award-winning anti-spyware and privacy program MacScan, and two free trojan removal tools for the most dangerous threats against OS X. SecureMac continues to lead the drive to educate users about the security threats for OS X, and looks forward to more years of continued success.
Snow Leopard has over 1000 new additions, one of which being reported is
XProtect, Apple's step in the direction towards security. When the user
launches an installer the file is checked for malicious software
currently only iServices Trojan horse and DNSChanger Trojan horse and
the user is prompted with a warning. This is limited in scope and misses
the vast majority of malware for Mac OS X. Read more the
MacScan anti-spyware and privacy for Mac OS X has released new spyware
definitions to protect against the latest malware for Mac OS X.
Definitions can be downloaded from within MacScan. Download 30 day demo of
DNSChanger Trojan Horse (aka RSPlug Trojan) is running wild lately with multip|le variants surfacing rapidly and being distributed through more mainstream sites including gamer and technical download sites as well as pornographic and search engine optimized pages resulting in high rankings in search results.
Learn more about the symptoms of DNSChanger Trojan Horse infected computers or scan your computer for spyware with MacScan or remove DNSChanger Trojan Horse (RSPlug) with DNSChanger Trojan Horse Removal Tool for free.
Apple has released iPhone 3.0 OS now available for installation. Users who are able to upgrade their operating system for their iphones are suggested to do so as it addresses about 40 security issues. To download and install the latest version simply connect your iPhone to your computer and launch iTunes, from the iTunes' iPhone interface section for Version an Update option will be available.
Today Apple released Java for Mac OS X 10.5 Update 4, which is an update that appears to correct the Java vulnerability reported by SecureMac last month. The update requires OS X 10.5.7 or higher. More information can be found at: http://support.apple.com/kb/HT3581.
The trojan horse OSX/Jahlav-C recently reported in the news is in fact a variant of the already discovered DNSChanger Trojan Horse. Other variant and aliases include OSX.RSPlug, OSX/Puper and OSX/Jahlav.
This variant is already detected by SecureMac's Anti-Spyware product MacScan as well as the free DNSChanger Trojan Horse Removal Tool. Learn more information on avoiding DNSChanger Trojan Horse and removal tips.
Apple has finally acknowledged that spyware and viruses are a threat for Mac OS X, as well as the latest operating system in the works, Snow Leopard. Snow Leopard will be adding new technology to help prevent against attacks such as sandboxing and anti-phishing features in Safari. This, however, is not a 100% solution to protect against malware.
Security Alert: Safari prior to version 4 (released June 8th, 2009) may permit malicious web pages to steal files from the local system simply by accessing a web page without further interaction. This vulnerability is present in both Mac OS X and Windows Safari. The attack is accomplished by mounting an XXE attack against the parsing of the XSL XML.
Today, Landon Fuller posted a proof-of-concept exploit for an unpatched vulnerability in the Java Runtime Environment currently in use by OS X. While this particular proof-of-concept is meant to be harmless, the vulnerability itself currently affects OS X, including OS X 10.5.7, the latest shipping version of OS X. This vulnerability could be exploited to perform "drive-by-downloads" commonly used as a means to infect computers with spyware, or any arbitrary command with the permissions of the executing user. All a user has to do is visit a web page hosting a malicious java applet to be exploited. Until Apple patches their implementation of Java, we recommend that users disable Java applets in their web browser.
SecureMac has released MacScan 2.6.1, a update to the anti-spyware software for Mac OS X. Download the 30-day demo of MacScan 2.6., existing users may upgrade for free. Visit MacScan.
iBotNet also known as the iServices Trojan Horse botnet first reported
by SecureMac back in
January has been activated. Users who have been infected are encouraged to download the iServices Trojan Horse Removal Tool, available for free at http://macscan.securemac.com/files/iServicesTrojanRemovalTool.dmg
Read more about the botnet at MacNN.
Proof-of-concept exploit code has been posted online for six kernel
vulnerabilities, five of which affect Mac OS X 10.5.6. Information
A new variant of the DNSChanger Trojan Horse, DNSChanger 2.0e, has been discovered in the wild. The trojan horse arrives in a disk image (some samples are called serial_Avid.Xpress.Pro.5.7.2.dmg), and is again disguised as an installer for "MacCinema," just like the 2.0d variant. Once installed, the trojan horse behaves in a similar manner to past variants.
A new variant of the DNSChanger Trojan Horse, DNSChanger 2.0d, has been discovered in the wild. The trojan horse arrives in a disk image called FlashPlayer.dmg, and is disguised as an installer for "MacCinema." Once installed, the trojan horse behaves in a similar manner to past variants.
SecureMac has released iServices
Trojan Removal Tool 1.1 (Formally known as iWorkServices Trojan
Removal Tool 1.0) a free utility to assist with the removal of the
OSX.Trojan.iServices.A and OSX.Trojan.iServices.B trojans distributed
with pirated software.
Pirated copies of Photoshop CS 4 has been reported by
Intego to contain malware. On January 16th Photoshop CS 4 containing
the malware was seeded to peer-2-peer servers. This trojan have been
labeled as OSX.Trojan.iServices.B, the second variant of the trojan, the
first discovered in iWork 09 pirated software. It is recommended not to
download these files. Like its predecessor this variant obtains root
privileges, and notifies the remote host of the infected computers
location on the Internet.
SecureMac has released a free tool to remove the iWorkServices
Horse called iWorkServices
Trojan Removal Tool. The trojan as reported by Intego (1/22/09)
has been bundled with pirated copies of iWork 09. Read more below.
Security Alert: A trojan is being distributed
pirated copies of
Apple's iWorks 09.
Pirated copies of iWorks 09 are being distributed with a trojan bundled
in the installer package. Intego has released a
that users should not download iWorks 09 from pirate software sites.
The malicious software is installed in the startup items folders (
/System/Library/StartupItems/iWorkServices ) where it has full root
privilege rights. Once installed the trojan connects to a remote server
notifying it of the infected computers location on the net awaiting
further instruction including the ability of downloading additional
Users concerned of infection may use third party
software from security vendors to remove the trojan horse.
New Mac Exploit to be detailed at Blackhat DC 09 security conference held in Washington
DC in February. Vincenzo Lozzo's presentation ' Let Your Mach-O Fly'
will demonstrate how it is possible to inject a binary into the machine
without leaving traces on the hard disk. Read more at ars technica.
It's been a year since the DNSChanger Trojan Horse was discovered in the
wild. In the intervening months, it has grown to become the single most
widespread piece of malware on OS X, with multiple variants actively
affecting Macintosh computers world-wide. To promote safe web browsing,
SecureMac has issued a bulletin
on the DNSChanger Trojan Horse detailing
infection, ways to check for and remove the Trojan, and a list of safe
practices to use when surfing the web.
SecureMac has released an update to the free DNSChanger Trojan Horse
Removal Tool (2.0) available for download here.
Safari has tied for last place in the CIS report scoring the password
security features in browsers. Details and score chart are displayed.
This report will give better insight why it is not good to store
passwords. Read more.
SecureMac.com, Inc will be attending MacWorld San Francisco 2009 January 6th - 9th, 2009.
We will be demoing the latest version of MacScan as well as discussing macintosh security. Please stop by out booth this year in the expo hall, booth #202.
To receive a free Hall pass for MacWorld 2009, read more
Intego has discovered a new variant of the DNSChanger Trojan horse which
they have labeled as "OSX.RSPlug.E Trojan Horse". The details can be
Apple has officially acknowledged that Mac users should use anti-virus solutions in this technical note. As their market share continues to grow, so do the threats to the users.
Washington Post: Apple: Mac Users Should Get Antivirus Software
The Tech Herald: Apple Encourages Anti-Virus Protection
CNet: Apple suggests Mac users install antivirus software
Apple Insider: Apple encourages Anti-Virus Software
MacScan 2.6 the anti-spyware
security privacy suite for the Macintosh has been released adding
FireFox 3 support. This is a free upgrade to existing users and includes
the latest definition updates.
Apple's latest security update (2008-005) has addressed many security
issues including the highly discussed Apple Remote Desktop Agent
security hole. Install the latest security update by running Software
Sophos has released a whitepaper offering 10 steps to better protect
your Mac from data theft. Some steps include setting firmware password,
seperate keychain passwords, filevaulted home folders, securely empty
trash, and setup secure virtual memory. Read the full white paper.
Intego has posted an advisory titled OSX.Trojan.PokerStealer Trojan
Horse to their website. The trojan horse is a script wrapped in an
executable bundle. Once launched, the script will prompt the user for
his password, and turn on SSH for outside attackers to gain access to
Security Alert: SecureMac has discovered
multiple variants of a new Trojan horse in the wild that affects Mac OS
X 10.4 and 10.5. AppleScript.THT Trojan Horse
runs hidden on the system, and allows a malicious user complete remote
access to the system, can transmit system and user passwords, and can
avoid detection by opening ports in the firewall and turning off system
logging. Additionally, the AppleScript.THT Trojan horse can log
keystrokes, take pictures with the built-in Apple iSight camera, take
screenshots, and turn on file sharing. The Trojan horse exploits a
recently discovered vulnerability with the Apple Remote Desktop Agent,
which allows it to run as root. Read more.
Mac OS X root escalation exploit code in the wild.
SecureMac has released a free utility called DNSChanger
Removal Tool to
remove the DNSChanger Trojan Horse, also known as OSX.RSPlug.A and
OSX/Puper, which has been found on numerous pornographic websites
disguising itself as a video codec. Once downloaded and installed,
DNSChanger changes the DNS settings on the computer, redirecting websites
entered by the user to malicious sites. If personal information is
entered on these malicious websites, it can lead to identity theft.
If the DNSChanger trojan horse is detected, DNSChanger Removal Tool
give you the option to remove it. If the DNSChanger trojan horse
detected and removed, you will need to restart your computer to clear out
the bad DNS entries added by the DNSChanger Trojan Horse. Download
DNSTrojan Removal Tool. This detection and removal is also
available in MacScan.
Intego has released a security advisory entitled 'Mac OS X Leopard
Quarantine Bug Allows Users to Launch Malicious Attachments in Mail' which
they consider low but still a threat. They have proof of concept and
details surrounding this vulnerability. Read
SecureMac has released MacScan 2.5.1 the premier anti-spyware security
program for Mac OS X. Click to download MacScan.
SecureMac's Anti-Spyware program for the Macintosh has been released.
MacScan 2.5 adds
OS X 10.5) support as well as the ability to
schedule scans. Now you can have MacScan audit your system while you are
sleeping or in your idle time. To download your thirty day trial of
MacScan or upgrade your existing version please visit the MacScan
Adobe Flash exploit could log keystrokes according to three critical security updates released. Adobe Flash
Players 184.108.40.206, 220.127.116.11 and 18.104.22.168 as well as earlier version running
on ALL platforms are vulnerable and can be exploited by loading a
malicious SWF file under these players.
Apple has released their security
update (2007-005) this month with another security update specifically
following only a few days after. The QuickTime security issue detailed on
Apples site describes the execution as "...enticing a user to visit a web
page containing a maliciously crafted Java applet, an attacker can trigger
the issue which may lead to arbitrary code execution."
For those who do not have their computers set to check for updates on a
regular basis should do so, and those who have it set to less frequently
may consider having it check for updates more often.
MacScan 2.4, the
anti-spyware program for Mac OS X has been released. MacScan detects,
isolates and removes spyware, detects blacklisted cookies and cleans up
Internet clutter. The new version
includes updated definition files, extended trial period to thirty days,
Internet Cleaning Preference Saving as well as bug fixes. Localized in
English and Korean with additional languages to follow.
MacBook has been successfully hacked during a hack contest at CanSecWest
security conference. The MacBook was fully patched with the latest
security patches supplied by Apple. The hack came through a Malicious web
page that exploited a flaw in Safari. Read More
ComputerWorld writes a story about MySpace users getting hacked via a
QuickTime security issue affecting both Mac and PC users infecting the
computer with a Trojan Horse mining personal data and passwords. Apple
stated this has already been addressed in the March 5th security update.
However many users have still not done the update falling suseptable to
the hack. [Read More]
Mac OS X 10.4.9 has been released offering fixes for 30 security flaws. Updating can be accomplished
by accessing the Update Control in your System Preferences or by visiting
The BBC has a news story titled - Mac
users 'still lax on security' and is worth the read.
MacScan (a SecureMac product)
2.3 has been released with key new features. Such as the blacklisted cookie scanner. This feature maintains a list of known
tracking cookies, and when run, removes them from web browsers in which
they are found. No more loosing saved usernames or passwords when
cleaning cookies. The cookie blacklist definitions, like the spyware
definitions, come in easy to download updates. Version 2.3 also adds file cleaning support for additional
your 15-day free trial of MacScan 2.3.
Month of Apple bugs January 17, 2007 Apple SLP
Daemon Service Registration Buffer Overflow Vulnerability
January 16, 2007 Multiple
Colloquy IRC Format String Vulnerabilities
January 15, 2007 Multiple
Mac OS X Local Privilege Escalation Vulnerabilities
January 14, 2007 AppleTalk
ATPsndrsp() Heap Buffer Overflow Vulnerability
January 13, 2007 Apple DMG
HFS+ do_hfs_truncate() Denial of Service Vulnerability
January 12, 2007 Apple DMG
UFS ufs_lookup() Denial of Service Vulnerability
January 11, 2007 Apple DMG
UFS byte_swap_sbin() Integer Overflow Vulnerability
January 10, 2007 Apple DMG
UFS ffs_mountfs() Integer Overflow Vulnerability
January 9, 2007 Apple
Finder DMG Volume Name Memory Corruption
January 8, 2007 Application
Enhancer (APE) Local Privilege Escalation
January 7, 2007 OmniWeb
January 6, 2007 Multiple
Vendor PDF Document Catalog Handling Vulnerability
January 5, 2007 Apple
DiskManagement BOM Local Privilege Escalation Vulnerability
January 4, 2007
iLife iPhoto Photocast XML title Format String
January 3, 2007 -
Quicktime HREFTrack Cross-Zone Scripting vulnerability
January 2, 2007
VLC Media Player udp:// Format String Vulnerability
January 1, 2007 -
Apple Quicktime rtsp URL Handler Stack-based
Apple Security Update 2006-008 has been released today fixing a security issue
in Quicktime for Java and Quartz composer. The update is available now via
Software Update and the link provided. This fix fixes a issue that could
allow malicious websites to access private information without the users
Microsoft has posted an advisory warning users to a 'zero-day' security
vulnerability in its popular product Microsoft Word. The Vulnerability in
Microsoft Word Could Allow Remote Code Execution. In order for this
attack to be carried out, a user must first open a malicious Word file
attached to an e-mail or otherwise provided to them by an attacker. [Microsoft
Mac OS X
Apple UDIF Disk Image Kernel Memory Corruption is an advisory and
proof of concept exploit that demonstrates a bug in Mac OS X
com.apple.AppleDiskImageController. The controller fails to properly
handle currupted DMG images leading to an exploitable memory curruption
condition with potential kernel-mode arbitrary code execution by
Intego VirusBarrier X4
Definition Bypass Exploit covers an issue discovered by Kevin
Finisterre that would render the anti-virus software incapable of
detecting viruses. This could lead an attacker to an attacker compromising
the computer further. Intego has been advised and have provided a fix.
The Openbase application included with Apple Xcode has been proven prone
to multiple privilege escalating issues discovered by Kevin Finisterre.
It was discovered that a local attacker can exploit the issue to gain
superuser privileges. The issue affects Apple Xcode 2.2 and earlier. Read full
Virus Infected iPods - Apple announced that
a small number of iPods shipped with Windows
Virus on them. Those Video iPods available for purchase after September
12th 2006 contained the windows virus RavMonE.exe. Users who connect these
infected iPods to their Windows computers (including Bootcamp) should run
antivirus software and wipe the iPod restoring the software.
Mac OS X Exploit In The Wild has been reported by CNET.
The article states a researcher at Matasano Security has found a hole that
could exploit a weekness in Mac OS X to allow limited privileges to gain
full access. Update to Mac OS X 10.4.8 to fix the security issue
Multiple Firefox Vulnerabilities have been reported including
man-in-the-middle, spoofing and cross-site scripting attacks and holes
potentially compromising the users computer. [Read More]
MacScan 2.2 spyware protection
for Mac OS X has been released and is available for download as a free
upgrade. This version improves scanning of spyware,
definition updates, improved stability and support for 10.2.
Washington Post has an article titled 'Hijacking a Macbook in
60 Seconds or Less' going over a demonstration given at Blackhat
Security conference in Las Vegas by Johnny Cache and David Maynor.
Apple Security Update 2006-004 has been released.
To update Mac OS X go to the System Update Controls in the System
Preferences and check for updates. Update includes fixes for AFP Server,
Bluetooth, Bom, DHCP, dyld, fetchmail, gunzip, Image RAW, ImageIO,
LaunchServices, OpenSSH, telnet, WebKit, and AppKit.
Kaspersky Lab has written an article titled Malware
Evolution: Mac OS X Vulnerabilities 2005-2006.
Xcode 2.3 has
released due to a xcode security advisory (apple
APPLE-SA-2006-05-23). The impact of the security
issue would allow remote attackers to obtain or modify WebObjects projecs
while Xcode is running. Security Focus
Symantec's LiveUpdate for Macintosh does not set execution path
environments allowing non-privledged users to change the path opening up
potential to trojan horse attacks. Symantec has released a LiveUpdate
Vulnerability Report with patch and information for the issue.
SecureMac is pleased to announce the release ofMacScan 2.1, a major
update to its anti-spyware program. MacScan 2.1 has been totally
revamped and is now a Universal Application, which will run natively on
both Intel and PowerPC-based Macintosh Computers.
Recent security articles of interest are as follows. Spreading Security
Awareness for OS X. And Cyberthieves
silently copy keystrokes. With the recent worms for OS X security
issues for the OS will be focused on in the news. Submit all news and
information to email@example.com
Mac OS X Virus Alert - Sophos Anti Virus has
found the first 'real virus' for Mac OS X known as OSX/Leap-A
or OSX/Oompa-A. The OSX/Leap worm or trojan is spread via instant
messenger forwarding itself as a file named 'latestpics.tgz'. When
launched the worm attempts to spread via iChat sending itself to the users
buddy list. The application will also try to infect the recently used
Apple QuickTime/iTunes QuickTime.QTS Heap Overflow was addressed by Apple,
this issue could allow for malicious code to be executed when processing a
malformed .MOV (movie) file. Apple has released updated QuickTime and
iTunes. Advisory with
MacScan 2.0 for Mac OS X has
been released. MacScan will find, isolate, and remove spyware, keystroke
loggers, and trojan horses as well as detect whether remote administration
applications have been installed on a computer. By scanning files
received as e-mail attachments or downloaded from the web, MacScan can
proactively protect computers from inadvertently accepting new spyware.
MacScan's spyware definitions are constantly being updated, letting users
keep pace with the hackers.
Apple has released
Update 2005-009 that covers issues dealing with CoreFoundation where a
maliciously-craftered URL may result in execution of arbitrary code. Also
included in update: curl, iodbcadmintool, apache 2, apache_mod_ssl,
openssl, passwordserver, safari, sudo, and syslog.
Apache Mod_SSL - updated to version 2.8.7-1.3.23 to address a buffer
overflow vulnerability which could potentially be used to run
arbitrary code in conjuction Apache is updated to version
Macromedia posted a Flash
Player 7 security advisory. The advisory discusses that a
vulnerability has been identified that could allow the execution of
arbitrary code. Macromedia Flash Player 8 has been released but not for
Macintosh operating systems, for security updates Macintosh users should
refer to the update
2.0b3 has been released for beta testing, this product detects,
isolates and removes spyware and cleans up Internet history and cookies.
The beta has been tested on 10.2.4, this is a time expiring beta.
Apple Security Update is available for Mac OS X 10.4.2 Client/Server and
Mac OS X 10.3.9 Client/Server. To download go to your System Preference's
software update control panel and check for new updates.
Widget allows you to safe securely through the Proxify network
allowing for stripping of advertisements and protection of the user while
surfing. Some other features include surfing in text only, remove cookies,
remove scripts, hide referal information and other encoding
New security update is available for Mac OS X downloadable from the
Software Update system preference panel.
QuickTime 7.0 contains a security bug where a maliciously crafted Quartz
Composer object can leak data to an arbitrary web location. Apple has
released QuickTime 7.0.1 which addresses this issue, users sould
With the release of Mac OS X 10.4, the version of FileVault included
addresses an issue discussed in this FileVault
advisory. Mac OS X 10.4 allows the user to securely delete the
data, however the issue still remains 10.3.9.
Clam Anti-Virus (ClamAV Mac OS X) is affected by a command execution
vulnerability as described within the advisory.
Details within the advisory claim that when a suspected infected file is
handled by the program and is not able to be removed ClamAV may attempt to
copy it to another location utilizing the 'ditto' utility in Mac OS X.
The ditto utility is called in an insecure manner allowing the attacker to
include arbitrary commands in the file name that will would be executed in
within ClamAV. The most recent version of ClamXAV is 0.85.1 and is
not vulnerable, be certain you are running the latest version of
Apple's Keynote, a slideshow/presentation application has been updated due
to a security issue discovered. Keynote 2.0.2 fixes an issue discovered by
David Remahl that could allow malicious Keynote presentations to take
advantage of the uncoducmented URI handler keynote://, automatic disk
image mounting, and WebKit's abilities to manipulate the system when
Keynote 2 (prior to 2.0.2) is installed. Users of Keynote 2 should
download the latest version of Keynote available within Software Update.
Apple has just released a system update, a few days prior to the release
of Tiger (10.4) that fixes many issues and also states better overall
performance out of the operating system. In this update Safari has a few
bug fixes included not automatically opening 'safe downloads' after
opening and also addition of important Verisign root certificates that
allow for secure SSL connections over the web. Updates to the
system are available for Mac OS X Client and also Mac OS X server.
package changes and download.
Macintosh computers for the longest time have allowed for users while in
front of the console to boot from another device by connecting it and
holding down key(s) during startup bypassing all security. There are a few
ways to gain access to Mac OS X from physical access status. Users are
reporting that you can boot from a Firewire Drive and gain access to the
computer, this is indeed true and has been. The solution for this is to
enable open firmware password
protection which allows for extra added security to exist and also
keeping the computer locked in a secure location.
Advisory Update Apple has released a security
update to address the URI issue with the web browser. The Apple security
update can be obtained through Mac OS X Software Update panel.
URI handler allows for arbitrary code execution. In this advisory it details
the seriousness of this apple security issue and how the URI Helpers can
be abused to run arbitrary maliciously. It has been reported while using
IE and Safari while surfing malicious websites code may execute the
browsers helper handler to run arbitrary code.
A Mac OS X proof of concept trojan has been found showing the potential of
trojans in Mac OS X. The proof of concept did not harm anything
it was dubbed MP3Concept or MP3Virus.gen and added into the anti-virus
definitions for future protection of this style. This trojan
contains the file extension of
.mp3 although it is not, the icon itself is hardcoded into the trojan and
not picked up based on file creator associations. The file itself is a
Carbon (CFM) application with the file type of APPL. iTunes should not be
able to execute a trojan or virus, and this file would only be able to run
if double clicked on to execute it. It does have potential for
manipulation to cause harm but at its current state did not, it
was a benign trojan proof of concept code.
Many news media sources are reporting this finding to be destructive as if
it were a trojan or virus to cause harm. Again it was proof of concept
showing the ability allowing the anti-virus companies to have a heads up
and protect against future manipulations of the code.
Apple released Security Update 2003-12-19 described to offer numerious
security updates such as fixes for directory services, fetchmail,
root via usb keyboard, file server, and a few
buffer overflow issues.
Apple released 10.3.2
accessable via the software update pane in Mac OS X. The update includes
enhancements for FileVault and increased security for the system.
Security Advisory William Carrel's
Security Advisory is SERIOUS. Mac OS X is vulnerable to Malicious DHCP
responses granting root access to remote users. Full security advisory can
be found here: http://www.carrel.org/dhcp-vuln.html
Security Advisory FileVault in Mac OS X 10.3
(Panther) does not securely delete the files it encrypts that can be
restored with file recovery software. FileVault
Security Advisory - Secure Delete after Encryption.
Security Advisory: Mac OS X 10.2.7 and prior
with a USB Keyboard contain a security vulnerability that allows a user
to gain root
access to the computer by holding down a two key combination during
startup that only. Read about root access via USB Keyboard
on Mac OS X.
Panther Security Advisory: Mac OS X Panther
contains a security vulnerability; With access to
the keyboard, an unauthorized user can access the currently active
screen-locked user environment. Security Advisory - Read full
Mac OS X 10.3 (A.k.a. Panther) has been released. This new version
contains many new security features, fixes and all around new applications
for the Mac OS X users. Amoungst the new features is the file security
utility FileVault, review to come shortly.
New SSH Exploit (detailed here) affects
Mac OS X granting the attacker access to the
computer as root. This security issue is vulnerable in OpenSSH version
prior to 3.7, and Mac OS X is currently only at OpenSSH 3.4. To protect
yourself from being vulnerable to this security risk disable SSH access to
your computer by accessing your Sharing Control Pane and make sure that
Remote Login is disable. Or setup your firewall to restrict access to the
SSH port to only allow trusted connections. We will update this issue when
Apple releases a security update.
A security vulnerability in Mac
OS X's password protected screensaver has
been discovered allowing a user with physical access to bypass the
screensaver's authentication scheme without supplying a valid
released by Sustainable Softworks. IPNetSentryX offers basic protection
without erecting barriers for the safe use of your Internet connection,
this is the Mac OS X version of IPNetSentry. Download and product
Keep your Apple AirPort Administrator Password Safe. An advisory has been
released detailing an issue how an anonymous attacker can sniff and obtain
the Administrator's password when the administrator logs into the AirPort
Base Station to manage while connecting to it via a network or non-WEP
enabled wireless connection based on the units method of password
authentication. Secure connectivity can be obtained by connecting a
computer directly to the computer via a cross-over cable. Full details
about the authentication credentials involved with the AirPort can be read
in the @Stake advisory - CAN-2003-0270
Mac OS X 10.2.6 is available - Update.
Security Update!Mac OS X 10.2.5 has been made available for update! This version fixes a
issue in Apache 2.0 (CAN-2003-0132), File Sharing/Service (CAN-2003-0198),
OpenSSL (CAN-2003-0131), Samba
(CAN-2003-0201), and sendmail (CAN-2003-0161). Details as follows:
Directory Services - Mac OS X and Mac OS X Server contains a security hole in DirectoryServices
which allows for
escalation of privledges and denial of service attack which is fixed with the 10.2.5 update. DirectoryServices is part
of the operating systems information services subsystem, and is launched at being setuid as root by default. Credit for
this find goes to Dave G. as noted by Apple's security advisory.
OpenSSL - The new version fixes OpenSSL so it is not suspectable to the known Klima-Pokorny-Rosa attack.
sendmail - contained a issue where it did not adequately check the length of email addresses in the address
Apache 2.0 - Fixed a known denial of service vulnerability in Apache 2.0 - 2.0.44, the apache 2.0 service is only
present in the Mac OS X server.
PGP Corporation has released PGP 8.0.2 for Mac OS X.
This is a free update to all the users of PGP 8.0. PGP Enterprise 8.0.2
for Mac OS X introduces PGP Admin for Mac OS X. 8.0.2 also adds OpenPGP
security improvements and a new user interface for signature
Apple has released Security Update 2002-03-24 which is downloadable via
Software Update in Mac OS X. This update addresses a few security issues
which are vulnerable including Samba's vulnerability of allowing the
possibility for an unauthorized remote user to access the system.
OpenSSL security fixes are also included in this update, a
issue lays within OpenSSL where the RSA private key could be
compromised when communicating over certain protocols.
A security vulnerability in SENDMAIL included in Mac OS X has been fixed
and addressed in Apple's Software Update. Please update your
Mac OS X immediately. ISS
warning discusses the issue.
MacScan Public Beta 3 has
been released. MacScan runs on both Mac OS Classic and Mac OS X to
detect, isolate, and remove spyware. This new version includes bug
fixes, new spyware
detection and also full administrative scan for Mac OS X and Mac OS X Spyware.
Apple has released Mac OS X 10.2.4 which addresses a security issue
discovered by @Stake known as the TruBlueEnvironment
Privilege Escalation Attack. Clicking the link will take you to a
page with information on the subject and the advisory. The security
issue exists in Mac OS X system prior to 10.2.4 and allows for local
users to gain root privledges.
Mac OS X Screen Effects' password protection contains a security flaw
which allows for a user with physical access to the keyboard to be able
to quit or launch programs while being prompted to enter the password.
When full Keyboard access is turned on (toggled on/off by pressing
shift+f1) the doc can be accessed 'blindly' although you can not see it,
the doc is still functioning.
allows Macintosh (X) users to store their 'little secrets' in a
encrypted format using 448 bit cipher block chaining blowfish algorithm.
The application may also optionally interface with your Keychain. Read the Review, See Screenshots
and Download Now.
Apple has released Mac OS X 10.2.3 which adds security fixes to the
operating system as well as more support and bug fixes. Below outlines
the security updates details.
fetchmail updated to version 6.1.2+IMAP-GSS+SSL+INET6
CAN-2002-1383: Multiple Integer Overflows
CAN-2002-1366: /etc/cups/certs/ Race Condition
CAN-2002-1367: Adding Printers with UDP Packets
CAN-2002-1368: Negative Length Memcpy() Calls
CAN-2002-1384: Integer Overflows in pdftops Filter and Xpdf
CAN-2002-1369: Unsafe Strncat Function Call in jobs.c
CAN-2002-1370: Root Certificate Design Flaw
CAN-2002-1371: Zero Width Images in filters/image-gif.c
CAN-2002-1372: File Descriptor Resource Leaks
Apple Software Updates are performed by accessing the Software Update
pane located in the system preferences.
and removes spyware from your Macintosh. SecureMac.com's MacScan is
available for immediate download for Mac OS Classic (PPC/68k FAT) and
MAC OS X. Visit the link above to learn more about and download
PGP 8.0 Desktop and
Enterprise is now available. The new version of PGP
8.0 contains full support for Apple's Mac OS X 10.2. In this version a
new user interface has been integrated, plug-in for Apple Mail
supporting PGP/MIME, and Entourage integration. You will also
notice dock and service integration added.
The PGP Disk format is compatible between Mac OS X and Windows. The PGP
8.0 Freeware is also available at PGPs site. Download, Purchase and
more Information on PGP 8.0 for the
SecureMac.com is looking for experts to write reviews for
security programs they know inside and out that we don't have reviewed
on our site already. Please contact firstname.lastname@example.org
Mac OS X 10.2.2 is available for download, go to the Software Update
Panel and proceed to update. The fix includes a few security related
issues as well as many bugs in the system.
The security update addresses, 11-21-2002
fixes a security issue related to BIND (Domain Server and Client Library
Software) where a unauthorized person disrupt the normal operation.
Toolkit Volume 1 was released today giving Mac OS 9 and Mac OS X
users the ability to encrypt files on their hard disk, folders, and
also securely delete files by overwriting the data making it so the
data is less likely to be recovered. Visit their site today and see the
demonstration, screenshots and technical details or download the Free Trial
I'd like to welcome everyone back to SecureMac.com, we've added a new
face to the site and are cleaning up many of the articles. Major updates
will be seen throughout the site because of you - the readers -
feedback and suggestions. Please let us
know how you
enjoy the new layout and if you find any bugs or issues viewing it on
your web browsers.
SecureMac.com has many new features and great news to roll out including
a Macintosh security software title for Mac OS 9(+earlier) and Mac OS X
alike can enjoy.
PGP 8.0 Beta for Mac OS X
has been released. This is something Mac OS X users have been waiting
for. PGP is encryption software which is supported for cross-platform
use. Note that this is a beta of the software and to be cautious.
Mac OS X 10.2 Security Update - "Terminal This update fixes a security
hole introduced in Terminal version 1.3 (v81) that shipped with Mac OS X
10.2 (Jaguar) which could allow an attacker to remotely execute
arbitrary commands on the user's system. Terminal is updated to version
1.3.1 (v82) with this Security Update." Updates can be downloaded from
the Software Update Pane, Apple's Security update page can be found here
PGP Corporation announces Mac OS X PGP
be released Q4 of
2002. They purchased the software from Network Associates. Good
things ahead for the company and PGP product..
The Secure Trusted Operating
System Consortium ( STOS ) is pleased
to announce the 1st annual Mac OS X & BSD
Security Symposium. The
symposium is designed for system and lab administrators, programmers,
developers, strategists, and other technical staff involved in the
deployment and securing of systems. Past STOS events have been the
central networking events for the Mac OS X/Darwin security community.
The Mac OS X & BSD Security Symposium follows the previous STOS events
by providing an environment that promotes the sharing of ideas and
techniques with a shared goal of maximizing the security of the involved
systems. The addition of Robert Watson's TrustedBSD tutorial and
several new papers on various aspects of BSD based operating, brings
even more value to this event. Click the link for information, content,
and registration information. There is no other event with the same
depth of Mac OS X and BSD security subject matter as the Mac OS X and
BSD Security Symposium.
Security Update 2002-08-02 is out and includes the following updated
programs offering increased security protecting from recent attacks
and holes discovered that effected the components; OpenSSH, OpenSSL,
SunRPC, mod_ssl. Download via Apple's OS X Software Update Panel or
download from Apple's Web
Fixed! A security issue dubbed as Mac
OS X SoftwareUpdate Security
Issue describes how a user could have the SoftwareUpdate Pane
install files from an untrusted server by poisoning the DNS in tricking
the computer to believe that another IP is Apple's host and install
malicious software has been fixed by apple, performing a
software update will resolve the issues or visit the depot
Mac OS X users should now perform a system update to install the latest
security fixes resolving the issues described below which allowed remote
users to attack the system.
Security Alert //fixed! Mac OS X systems
remote login' enabled in the sharing pane of the system preferences
should be disabled until a new release of OpenSSH has been made
available from Apple in the security updates.View advisory now a new
version of the software is out but not available through the Apple
Software Updates. This has been fixed - Update Software in Pane
Security Advisory Cisco VPN Client for Linux,
Solaris and Mac OS X contains a security
vulnerability, when the exploit is executed the vpnclient grants
administrative rights to the local user. More information and fix, update and
advisory for the mac os x cisco client.
Version 1.2 of SubRosa
Utilities has been released and can be downloaded directly here
This is the cross compatible encryption/decryption utility workable on
Mac OS, Mac OS X and Windows OS. When you delete files use their secure
SubRosa Utilities is the newest cross platform security encryption package
for Mac OS, Mac OS X and Windows 98. SubRosa Utilities is a suite of security programs to ensuring your data stays
secure. The package comes with a file encryption and decryption application, and a File Shredding program to ensure
when you say your files are deleted they are securely deleted making it hard to impossible for recovery. Check out SubRosa Utilities today, and download right away.
Microsoft Office 98 running on Mac OS 8.1+ is vulnerable to a
exploit that allows malicious code to be run. Microsoft has released a
that fixes all the Office 98 applications (Excel 98, Office 98,
PowerPoint 98, and Word 98) more information can be found on their bulletin
Apple has announced today that they will be dropping Mac OS 9
development saying it isnt dead for the customers just for development.
said it was time to drop Mac OS 9 at the WWDC today. What
does this mean for developers, Mac OS 9 is still more of a secure OS
than Mac OS X is. The session advised developers to develop for Mac OS X
rather than OS 9. Government agencies still wont use Mac
OS X in their
environment because of the issues still within it. Mac OS 9 - We hope
developers still do their development on it to create a even
more secure environment and Apple works on updating and making Mac OS X
secure as its previous systems. WWDC up to the minute coverage
On Guard 3.4 offers security
improvements to the desktop security software. Apple's Navigation Services and restricting the users ability to
store files in protected folders have been added in this version. For
update information, download links and a review of On Guard Read more
Mac OS X Update 10.1.4 is now available and includes the following
security enhancement for your system:
* BSD-based TCP/IP connections now check and block broadcast or
multicast IP destination addresses
The Software Update pane in System Preferences will update the system
software with these security fixes and additional updates
Alert! Unchecked Buffer in Internet
Explorer and Office for Mac Can Cause Code to Execute code. Anyone
running Internet Explorer and Office for the Macintosh should read the
Intego has released an update to their content filtering
software - ContentBarrier which can be
downloaded from the Intego
Software Update page.
Firewalk X 2 is a GUI based firewall for Mac OS X. The new version includes
setting of rules with expiration, and network restriction based on application. Download
Firewalk X 2
LockOut 4.1 for OS 8, 9 and LockOut 3.3 for OS X is a desktop protection application by
password. New in 4+ version is the Administration controls - Take a peak @ LockOut
Mac OS X Security update is available for download. To do so
open up the Software update in the System Panel and perform the
security update or download for Apples web
fixes/upgrades/installs the following:
groff updated version 1.17.2 to address the vulnerability CVE ID:
where an attacker could gain rights as the 'lp' user remotely.
mail_cmds is updated to fix a vulnerability where users could be added
to the mail group
OpenSSH - updated to version 3.1p1 to address the vulnerability reported
in FreeBSD Security Advisory FreeBSD-SA-02:13,
where an attacker could influence the contents of the memory.
PHP - updated to version 4.1.2 to address the vulnerability reported in
CA-2002-05, which could allow an intruder to execute arbitrary code
with the privileges of the web server.
rsync - updated to version 2.5.2 addresses a vulnerability which could
lead to corruption of the stack and possibly to execution of arbitrary
code as the root user. FreeBSD Security Advisory
sudo - updated to version 1.6.5p2 to address the vulnerability reported
in FreeBSD Security Advisory FreeBSD-SA-02:06,
where a local user may obtain superuser privileges.
Protect Your Mac from Hackers and
Viruses is a article which informs Macintosh users about security
and details the importances of data recovery and loss prevention. Read this article now
Mac OS X users running Apache with PHP installed be aware there
is a security issue in PHP versions prior to 4.1.2. OpenOSX.com has
prepared a 4.1.2 install
of PHP for Mac OS X which corrects the security issue..
TypeRecorder released version
1.5 of their keystroke saving application which runs under Mac OS 9+
adding new features to the program.
Mac OS X 10.1.3 has been released you can update with the built
in "Software Update" feature. Networking and Security Improvements
Login authentication support for LDAP and Active Directory
OpenSSH version 3.0.2p1
WebDAV support for Digest authentication
Mail includes support for SSL encryption
MacAnalysis 2.0b9 for classic and
2.1.4 for OS X has been released. This update for the security auditing
tools adds new functionality supporting the airport, adding new exploits
to the security sweep, auto updating and content filtering. MacAnalysis is available for Mac OS and Mac OS
Ettercap 0.6.4 just released
and tested with Darwin. Ettercap will sniff, intercept, and log data on
LAN networks, used by system administrators to find problematic
IPNetSentry 1.3.3 for the PPC has
been released fixing a few bugs in this Firewall software, not protected
yet from the outside world? Give IPNetSentry a try - It's shareware,
free download get more info
February 2002 virus definitions have been released. Update your
anti-virus software to protect you from the latest viruses, trojans and
macros. Find the links to download the newest definitions from the left
hand side of the web page.
MacAnalysis 2.1.3 X the security
auditing suite for Mac OS X has been released, this version fixing a bug
many users were running into and adds more improvements. Download
MacAnalysis X or the classic version here
Previous Macintosh Security News :
October 2001 - December 2001,March 2001 - Sept 2001 and Early 2001 Macintosh Security News