OFFICIAL SECURITY BLOG

We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

Multiple vulnerabilities found in Mac OS X

Posted on June 17th, 2015 at 3:30 PM EST

A group of six researchers at several universities in the US and China published a paper last weekend revealing the details of several different vulnerabilities in Mac OS X. These vulnerabilities all provide ways for a malicious app to gain access to data from another app. Frighteningly, these vulnerabilities can be exploited from a Mac App Store app, and can even allow an attacker to gain access to keychain entries!
Read the rest of this entry »

26 Comments

Address bar spoofing vulnerability found

Posted on May 20th, 2015 at 2:19 PM EST

A proof-of-concept was released several days ago of an issue with some web browsers, including Safari, that could allow a phishing page to display the wrong address in the browser’s address bar. This is a potentially very serious issue, but fortunately there are some things you can do about it, if you’re aware of them.
Read the rest of this entry »

17 Comments

Serious MacKeeper vulnerability found

Posted on May 9th, 2015 at 7:21 AM EST

I have long advised against using MacKeeper for a variety of reasons (some of which can be found in Ongoing MacKeeper fraud). However, now there’s a new reason to avoid MacKeeper: it has been found to contain a serious vulnerability that can lead to remote code execution through the use of a malicious URL. In non-tech-speak, a hacker can create a link that will, if clicked, result in MacKeeper executing code embedded within the link! Such code could do things like wiping your hard drive clean, uploading data to a remote server, or downloading and installing malware.
Read the rest of this entry »

22 Comments

How serious is Thunderstrike?

Posted on January 19th, 2015 at 10:59 AM EST

A few weeks ago, Trammell Hudson demonstrated a way to permanently infect a Mac’s firmware using an exploit involving the Thunderbolt port on recent Macs. There has been a lot of very excellent information written about this, such as Rich Mogul’s Thunderstrike article in TidBITS. Although I can’t really provide any additional information, I can at least give readers my own perspective.
Read the rest of this entry »

28 Comments

Major iOS insecurity!

Posted on November 11th, 2014 at 7:32 AM EST

I don’t usually write about iOS security issues here, because, well, there aren’t any! Okay, maybe iOS isn’t really all that rosy, but it’s been pretty secure overall. Malware has existed for iOS for some time, but required jailbreaking the device (ie, hacking it to remove security and allow apps to be installed from sources other than the App Store). Unfortunately, that changed yesterday, as FireEye has announced a method they are calling the “Masque Attack” that can be used to install malware on iOS devices that have not been jailbroken.
Read the rest of this entry »

6 Comments

Should you worry about POODLE bites?

Posted on October 15th, 2014 at 7:38 AM EST

Yesterday, Google revealed a vulnerability that one of their researchers found in SSL3, a technology used to secure many network connections, including those used by secure websites. This bug – which is being called “POODLE” – could allow for an attacker to gain access to encrypted transmissions sent between the browser and a secure site. The question many Mac users will be asking this morning is: how much should we worry?
Read the rest of this entry »

19 Comments

What does the “Shellshock” bug affect?

Posted on September 25th, 2014 at 9:48 AM EST

The Internet’s tech news sites are awash in reports about the newly-discovered bug in the bash shell, now being called “Shellshock.” However, much of the coverage is either confusing for non-techies, or is misleading or even outright wrong. So what is this “Shellshock” thing, and what does it mean to you?
Read the rest of this entry »

38 Comments

Implications of celebrity photo iCloud hack

Posted on September 2nd, 2014 at 9:28 AM EST

If you haven’t seen it in the news yet, I’m sure you will soon: the hackers who obtained and published nude photos of a number of female celebrities allegedly got those photos by hacking the iCloud accounts of those celebs. It’s unclear at this time whether iCloud was actually involved or whether news media have noticed two separate stories and glued them together. In any case, though, an iCloud vulnerability was real, so how concerned do we need to be?
Read the rest of this entry »

17 Comments

Uninstall Adobe Shockwave immediately!

Posted on May 22nd, 2014 at 7:01 AM EST

Yesterday, Brian Krebs announced a shocking discovery: Adobe Shockwave Player includes an Adobe Flash Player component that has not received any security fixes since January 2013! This is a very serious security failure on Adobe’s part. I won’t be surprised if Apple blocks the current version of Shockwave, as they have done with vulnerable versions of Flash and Java in the past, but don’t wait for that to happen… remove Shockwave today!
Read the rest of this entry »

24 Comments

Adobe Flash Player security update released

Posted on April 29th, 2014 at 6:12 AM EST

Adobe has released an update to their Adobe Flash Player software, which evidently had a vulnerability that was actively being exploited on Windows. There is no indication that this was being exploited on Mac OS X, but since the vulnerability was present in Flash for Mac OS X as well, all Mac users who have Adobe Flash Player installed should immediately update.

Note that the only legitimate place to download Flash is from get.adobe.com/flashplayer, or by using Flash’s automatic update feature. Never install Flash by clicking a pop-up on a website that tells you Flash is outdated and needs to be updated!

9 Comments