AppleToday, Landon Fuller posted a proof-of-concept exploit for an unpatched vulnerability in the Java Runtime Environment currently in use by OS X. While this particular proof-of-concept is meant to be harmless, the vulnerability itself currently affects OS X, including OS X 10.5.7, the latest shipping version of OS X. This vulnerability could be exploited to perform “drive-by-downloads” commonly used as a means to infect computers with spyware, or any arbitrary command with the permissions of the executing user. All a user has to do is visit a web page hosting a malicious java applet to be exploited. Until Apple patches their implementation of Java, we recommend that users disable Java applets in their web browser.
May 19, 2009 •
2 min read
Mac OS XPosted: April 17th, 2009 The iServices Trojan Horse botnet first reported by SecureMac back in January has been activated. Users who have been infected are encouraged to download the iServices Trojan Horse Removal Tool, available for free at https://www.securemac.com/files/iServicesTrojanRemovalTool.dmg Read more about the botnet at…
April 17, 2009 •
1 min read
AppleSecureMac Advisory Posted: March 17th, 2009 Security Risk: Critical Just after the DNSChanger 2.0d variant was identified, another new variant of the DNSChanger Trojan Horse, DNSChanger 2.0e, has been discovered in the wild. The trojan horse arrives in a disk image (some samples are called…
March 2, 2009 •
3 min read
Mac OS XSecureMac has released a free tool to remove the iWorkServices Trojan Horse called iWorkServices Trojan Removal Tool. The trojan as reported by Intego (1/22/09) has been bundled with pirated copies of iWork 09.
January 23, 2009 •
1 min read
AppleSecureMac Security Bulletin Posted: December 17th, 2008 Security Risk: Critical Halloween marked the one-year anniversary since the DNSChanger Trojan Horse was discovered in the wild, and in that time it has grown to become the single most widespread piece of malware on OS X. In…
December 17, 2008 •
3 min read
AppleLas Vegas, Nevada – SecureMac.com, an information security company known for its cutting edge security solutions and security website for Apple Macintosh computers, is pleased to announce it will be attending MacWorld Expo at the Moscone Center in San Fransisco from January 6-9, where it…
December 5, 2008 •
3 min read
Mac OS XNew OS X Trojan Horse in the WildSecureMac Security Advisory Security Risk: Critical SecureMac has discovered multiple variants of a new Trojan horse in the wild that affects Mac OS X 10.4 and 10.5. The Trojan horse is currently being distributed from a hacker website,…
June 7, 2008 •
3 min read
Mac OS XNotes & Warnings Ability If FileVault is enabled on an account, access to that account’s Public folder and Sites folder will not be available to anyone else, regardless if the user is logged in or not. So, if that user wishes to serve a website…
November 16, 2003 •
5 min read
SecureMacby CodeSamurai of SecureMac.com Disclaimer & Warning Enabling the Open Firmware password protection feature is done so at your own risk; the author of this article and/or SecureMac will NOT be held accountable or responsible for whatever you do. Changes to Open Firmware that have…
June 2, 2001 •
4 min read