SecurityAs 2018 continues, so does the flood of new stories, threats, and developments in the security world. Just recently, we reached into the grab bag to take a quick look at a variety of different stories; this week, we’re going back again to pull out a mixture of the most prominent topics making a splash in the headlines over the past couple of weeks. From the consequences of tracking your exercise with an app to the pitfalls of perfectly proper grammar, we’ve got a lot of ground to cover in today’s show
February 22, 2018 •
17 min read
SecurityA key piece of Apple’s iPhone source code may be out in the wild.
On February 7, someone posted something called “iBoot” on GitHub. GitHub is a popular site for sharing computer code. This time, though, it appears the code in question was not the user’s to share. Instead, “iBoot” is said to be the source code for a crucial iPhone boot process. The leak has the potential to jeopardize the security of the iPhone going forward.
According to a report on the leak from Motherboard, iBoot is the …
February 20, 2018 •
3 min read
SecurityWay back in 2007, Apple released the iPhone and changed the world overnight by putting the power of an iPod, a phone, and the Internet right in our pockets. The iPhone quickly relegated the iPod to the annals of history, and for better or worse, it all but killed the wristwatch too. Then Apple decided it was time to bring the watch back to life — and thus, the Apple Watch was born.
February 15, 2018 •
13 min read
SecurityKeeping the software on your Mac up to date is essential, particularly because it can help to keep you safe from new threats and vulnerabilities. We’ve seen the emergence of a new type of malware that’s hitting Mac users through a service used to streamline the updating process, MacUpdate. A popular site for many years, MacUpdate acts like a “one stop shop” for software updates, allowing users to grab updated copies of their favorite software quickly. Unfortunately, it looks like several apps on the site were compromised and pushed malware …
February 12, 2018 •
3 min read
SecuritySpectres, Meltdowns, and an endless parade of patches — 2018’s already off to quite a start, and it can all be just a little overwhelming. This week, we’re pulling back to the bigger picture and reaching into the grab bag for a Mix & Match episode as we cover a slew of stories from this past month!
February 8, 2018 •
20 min read
Securityalso known as BitCoinMiner, CoinMiner, Miner
Type:
Trojan Horse
Platform:
Mac OS X
Last updated:
02/02/18 9:51 pm
Threat Level:
High
Description
CreativeUpdate is a Trojan horse that mines cryptocurrency. It was discovered in 2018 on the popular Mac app distribution platform MacUpdate, masquerading as the macOS utilities Deeper and OnyX, as well as an illegitimate version of Firefox. It should be noted that the developers of Deeper, OnyX, and, of course, Firefox, have nothing to do with the malware: CreativeUpdate’s authors designed their Trojan to impersonate these apps, and then circumvented the security checks at MacUpdate in order to …
February 2, 2018 •
2 min read
SecurityAlongside Apple’s recent updates to macOS Sierra and OS X El Capitan to address the Spectre and Meltdown vulnerabilities, the final week of January also saw the release of a variety of other incremental updates for most of Apple’s products. Typically, Apple does not disclose detailed descriptions of the security vulnerabilities they fix in these updates, preferring to speak in vague terms to avoid exposing attack vectors that are still open on un-patched systems. However, we do know a little about what went into some of these updates besides …
February 2, 2018 •
2 min read
SecurityType:
Spyware
Platform:
Mac OS X
Last updated:
02/01/18 10:47 pm
Threat Level:
High
Description
CrossRAT is cross-platform spyware that can be deployed on Windows, Linux, and macOS. First discovered in 2018, CrossRAT is attributed to the Dark Caracal APT group, which is thought to have links to a Lebanese government intelligence agency, and is part of a larger cyber-espionage campaign that has been carried out on a global scale since 2012.
The spyware is coded in the Java programming language, and when executed on macOS attempts to write itself to the system as a .jar Java package file. CrossRAT …
February 1, 2018 •
2 min read
Security
-
-
- Last updated:
- 02/01/18 11:04 pm
-
Description
MaMi is malware that changes DNS settings.
MaMi Threat Removal
MacScan can detect and remove MaMi Malware from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.
Download MacScan
February 1, 2018 •
1 min read
SecurityYour iPhone is secure, right? That’s the general impression, anyway — and it’s certainly an impression Apple has worked hard to maintain over the years. It’s easy enough to call it secure, but what is in place to keep you safe? What does Apple do to protect its users day after day, and do we ever need to go beyond the “out of box” security experience? On today’s edition of The Checklist, we’re talking about the overall security features you’ll find in iOS, whether you’re an iPhone or an iPad user
February 1, 2018 •
17 min read
SecurityOn today’s edition of The Checklist, we’re tackling the complex topics of Spectre and Meltdown, arguably two of the biggest and most far-reaching security vulnerabilities we’ve ever seen. Among those impacted are everyone from iOS and macOS users to Windows machines and just about anything powered by an Intel processor around the world!
January 25, 2018 •
16 min read
Security MacScan 3
Malware authors are targeting macOS with increasing frequency, and although there is more Mac malware activity now than ever before, many users still go unprotected against these threats. MacScan protects you from malware adding much needed security and privacy.
Requires macOS 10.9 or higher and an active internet connection for monthly updates.
Number of Computers
1 Computer
3 Computers
Subscription length
1 Year
2 Years
$49.99
Purchase
PrivacyScan
Protect your online and offline privacy by shredding files that can be used to track your web browsing and computer usage with PrivacyScan for macOS.
Requires macOS 10.7 or higher.
Number of Computers
1 Computer
5 …
January 19, 2018 •
1 min read
SecurityLast week, we brought you Part One of our 2017 Security Year in Review. This week, we’ll wrap that up with Part Two! If you didn’t get a chance to check out Part One yet, the episode and its accompanying show notes are available right here in our archives. In it, you’ll find out about the highlights of the past year in both iOS and macOS security, including all the information you need to know about what the bad guys were up to in 2017. This week, we’re pulling back …
January 18, 2018 •
15 min read
SecurityFor this, Episode 71 of The Checklist, we sat down during the first week of January 2018 to put a magnifying glass over the year that just ended. For part one of our discussion, we’re taking an in-depth look at the biggest security issues that affected macOS and iOS in 2017. With so many things going on — and there were quite a lot — it can be tough to remember all the details. To start our recap, we’ll go all the way back to this time one year ago: the beginning of January.
January 11, 2018 •
13 min read
SecurityApple has confirmed that a pair of critical security vulnerabilities uncovered by security researchers late in 2017, and now filtering out into media reports, does affect “all Mac systems and iOS devices.” These bugs, dubbed Meltdown and Spectre, affect the clear majority of computers and a vast number of mobile devices, regardless of make, model, or manufacturer. Though tricky to exploit, these bugs could allow an attacker untraceable access to a wide variety of user data.
By exploiting a weakness in an advanced function within the processor, Meltdown allows …
January 8, 2018 •
1 min read
SecurityFor more than a year, we’ve been taking a little time every week here at The Checklist to bring you a podcast focused on and around the security of the Mac, iOS devices, and the Apple platform in general. We all know that was silly, though — after all, there aren’t any major security problems with Apple, right?
There is no such thing as 100% safe & secure, although it has indeed been the case that Apple systems experience fewer major vulnerabilities and problems than their counterparts, generally speaking. …
January 4, 2018 •
13 min read
Securityalso known as BitCoinMiner, CoinMiner
Type:
Trojan Horse
Platform:
Mac OS X
Last updated:
01/02/18 11:56 pm
Threat Level:
High
Description
CpuMeaner is a Trojan horse. It comes disguised as a pirated software application, meaning that a victim would have to attempt to illegally download a pirated app in order to be infected by CpuMeaner. Once installed, the Trojan writes to the LaunchAgent directory in order to achieve persistence on the system (the ability to survive reboots). The malware then runs a custom version of XMRig, an open source program designed to mine the cryptocurrency Monero, and sets up a …
January 2, 2018 •
2 min read
Securityalso known as Backdoor.OSX.OceanLotus.a
-
-
- Last updated:
- 02/13/23 7:56 pm
-
Description
OceanLotus is a trojan horse.
OceanLotus Threat Removal
MacScan can detect and remove OceanLotus Trojan Horse from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.
Download MacScan
January 2, 2018 •
1 min read
SecurityIn Episode 68, we spent some time talking about all the ways the bad guys can try to target the elderly online and over the phone. This week, we’re running all the way down to the other end of the age spectrum to look at the ways troublesome bad actors might target your kids. We’ll also discuss how these nefarious rogues may set their sights on your children as a way to target you, the parent, as their endgame.
December 28, 2017 •
17 min read
SecurityAs we went into Thanksgiving a few weeks ago, we urged you to have some proactive talks with your family about how to stay safe while using their computers, especially on the Internet. We also covered how you could take action to lay the groundwork to make sure everything stays in good working order. Now, as we head deeper into the holidays, we’d like to ask our listeners to keep an ear out as we return home once more to spend time with our extended families.
Previously, our discussions …
December 21, 2017 •
15 min read