OS X Mass Exploitation – Why Now?

Market share! It’s an easy answer, but not the only one. In 2011, Apple was estimated to account for over 5% of worldwide desktop/laptop market share. This barrier was a significant one to break – Linux maintains under 2% market share and Google ChromeOS even less. This 15-year peak coincided with the first exploration by the aggressive FakeAv/Rogueware market targeting Apple computers, which we discovered and posted about in April 2012 and later in May 2011; that no longer seems to be such an odd coincidence. Also, the delay in Apple malware until now was most likely not because Apple exploits were unavailable, or because the Mac OS X system is especially hardened.

SOURCE Boston Security Conference and Training 2012 Day 2 – Dan Geer Keynote, Android Modding and Cloud Security

Dan Geer’s Keynote Speech kicked off Day 2 of SOURCE Conference Boston this morning. The talk itself was heady and complex, something to keep up with. Notable talks were Jeremey Westerman’s “Covering *aaS – Cloud Security Case Studies for SaaS, PaaS and IaaS”, and Dan Rosenberg’s “Android Modding for the Security Practitioner”.


SabPub Mac OS X Backdoor: Java Exploits, Targeted Attacks and Possible APT link

We can confirm yet another Mac malware in the wild – Backdoor.OSX.SabPub.a, which is being spread through Java exploits. This new threat is a custom OS X backdoor, which appears to have been designed for use in targeted attacks. After it is activated on an infected system, it connects to a remote website in typical C&C fashion to fetch instructions. The backdoor contains functionality to take screenshots of the user’s current session and execute commands on the infected machine.