We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

Java now installing adware

Posted on March 4th, 2015 at 11:34 AM EST

Rich Trouton, a Mac systems administrator who runs the Der Flounder blog, discovered yesterday that a Java installer is installing adware, in the form of the Ask Toolbar. (He first wrote about it on JAMF Nation, but has published additional information in his Der Flounder post today.) Fortunately, in the course of trying to duplicate his findings, it appears that this installer is a bit finicky, and may not always install the toolbar properly.
Read the rest of this entry »


Another Tibet variant appears

Posted on September 10th, 2013 at 2:47 PM EDT

It has been a little more than a year since the last new variant of the Tibet malware was discovered, but today, Intego reported that a fourth variant has been found. They are calling this new variant OSX/Tibet.D. There are a few important lessons we can learn from this malware.
Read the rest of this entry »


Major Java update brings 40 bug fixes

Posted on June 18th, 2013 at 8:43 PM EDT

This still doesn’t change my opinion that Java needs to be avoided. These fixes came after almost two months of vulnerability, and Java has had a recent history of becoming vulnerable again within days of each fix. We’ll see how things fall out at this point, but I don’t have high hopes. If you have to use Java in your web browser, though, you should not delay installing this update. Be cautious, though, as some Java applets may not function well (or at all) with the update, so check compatibility beforehand. Of course, that may leave you in the unenviable position of having to choose between staying vulnerable and losing access to the applet that you need Java for in the first place.


Important security updates

Posted on March 15th, 2013 at 10:02 AM EDT

Apple posted a couple updates yesterday with some very important security content, and I advise updating as soon as you can. Both Mac OS X 10.8.3 and Security Update 2013-001, available for both Snow Leopard and Lion, contain a number of important security updates. However, one in particular is likely to cause the hair to stand up on the back of the neck of anyone who has been following the saga of Java’s recent descent into vulnerability perdition.
Read the rest of this entry »


Java falls three times at Pwn2Own

Posted on March 7th, 2013 at 5:12 PM EST

Every year, at the CanSecWest security conference, an infamous competition is held, called Pwn2Own. The basic idea of the contest is to “pwn,” or hack, different web browsers or technologies. Hacks must involve previously unknown vulnerabilities, and winners not only get a sizable cash prize, but they also win the computer that they hacked (thus the “Pwn2Own” name).
Read the rest of this entry »


Another hole in Java

Posted on March 1st, 2013 at 6:07 PM EST

According to ThreatPost, yet another new Java vulnerability has been discovered. Do I really have to say what I’ve said a thousand times before? Nah, there are only so many times one can beat a dead horse. Disable Java in your web browser, or it’s probably only a matter of time before you get infected with something.


New Minecraft password-stealing trojan

Posted on March 1st, 2013 at 4:46 PM EST

Minecraft has been targeted by malware before (see Cross-platform malware Jacksbot found in the wild), and with Minecraft and Minecraft modifications continuing to be popular, it’s no surprise that it has happened again. Intego announced today the discovery of a new trojan that it has named Minesteal.
Read the rest of this entry »


Java is vulnerable… Again?!

Posted on February 25th, 2013 at 10:37 AM EST

Once again, Java is in the news after new vulnerabilities have been found. Adam Gowdiak, of Security Explorations, has reported to Softpedia the discovery of two new issues in Java. These issues can, when used together, allow an attacker to once again bypass the Java sandbox altogether and gain access to the user’s machine through a malicious Java applet embedded in a web site.
Read the rest of this entry »


Mysterious new malware takes down multiple companies

Posted on February 19th, 2013 at 5:47 PM EST

This has been quite an interesting month in security news. Multiple major companies have been hacked, including Apple themselves, and there are rumors of yet another new bit of malware for the Mac. Yet all is still rather unclear. Is this all related? It’s probably too soon to say for sure, but I am guessing that it may be.
Read the rest of this entry »


Two more Java vulnerabilities found

Posted on January 20th, 2013 at 9:31 AM EST

Security researcher Adam Gowdiak has announced the discovery of two more vulnerabilities affecting the latest version of Java (Java 7 update 11). These are completely separate vulnerabilities from the still not yet fully repaired bug that caused the vulnerability prompting the latest Java update. Of course, it’s not exactly news, at this point, that Java is full of holes that hackers love to exploit. So why am I continuing to beat a dead horse? Primarily, because I continue to hear people dismiss concerns about Java’s security. Java is a sinking ship, folks… you can either hop in a lifeboat and get away or go down with the ship. The choice is yours.