Tag Archives: apple

Apple Update Targets Mac Malware

May 31, 2011

Apple released a security update today designed to address the recent scourge of scareware targeting Mac users. The update comes as security experts spotted new versions of the rogue application family MacDefender making the rounds via poisoned links on Facebook.

Security Update 2011-003, available for Mac OS X v. 10.6.7 and Mac OS X Server v. 10.6.7, includes a component that checks for the MacDefender malware and its known variants. In its most recent advisory, Apple states: “If MacDefender scareware is found, the system will quit this malware, delete any persistent files, and correct any modifications made to configuration or login files. After MacDefender is identified and removed, the message below will be displayed the next time an administrator account logs in.”

ChronoPay Fueling Mac Scareware Scams

May 27, 2011

47 Comments

Some of the recent scams that used bogus security alerts in a bid to frighten Mac users into purchasing worthless security software appear to have been the brainchild of ChronoPay, Russia’s largest online payment processor and something of a pioneer in the rogue anti-virus business.

Since the beginning of May, security firms have been warning Apple users to be aware of new scareware threats like MacDefender and Mac Security. The attacks began on May 2, spreading through poisoned Google Image Search results. Initially, these attacks required users to provide their passwords to install the rogue programs, but recent variants do not, according to Mac security vendor Intego.

A few days after the first attacks surfaced, experienced Mac users on an Apple support forums began reporting that new strains of the Mac malware were directing users to pay for the software via a domain called mac-defence.com. Others spotted fake Mac security software coming from macbookprotection.com. When I first took a look at the registration records for those domains, I was unsurprised to find the distinct fingerprint of ChronoPay, a Russian payment processor that I have written about time and again as the source of bogus security software.

Test Your Browser’s Patch Status

March 30, 2011

40 Comments

With new security updates from vendors like Adobe, Apple and Java coming out on a near-monthly basis, keeping your Web browser patched against the latest threats can be an arduous, worrisome chore. But a new browser plug-in from security firm Qualys makes it quick and painless to find and patch outdated browser components.

Patch Tuesday, Etc.

March 8, 2011

35 Comments

Microsoft has issued security updates to fix at least four security holes in its Windows operating system and other software. Not exactly a fat Patch Tuesday from Microsoft, but depending on how agile you are in updating third-party applications like Flash, iTunes and Shockwave, you may have some additional patching to do.

Apple QuickTime Patch Fixes 15 Flaws

December 9, 2010

11 Comments

Apple this week issued an update that plugs at least 15 security holes in its QuickTime media player.

OS X Patch Catch-Up

November 15, 2010

10 Comments

Apple recently released a massive update to address at least 130 security vulnerabilities in Mac OS X systems, including a monster patch that fixes 55 flaws in Adobe Flash Player. The seventh major update to OS X this year includes… Read More »

Adobe, Apple Issue Security Updates

August 25, 2010

9 Comments

Adobe and Apple have released security updates or alerts in the past 24 hours. Adobe has pushed out a critical patch that fixes at least 20 vulnerabilities in its Shockwave Player, while Apple issued updates to correct 13 flaws in Mac OS X systems.

Apple Patch Catchup

August 18, 2010

18 Comments

I’ve fallen a bit behind on blog posts about notable security updates (I was counting on August to be the slowest month this year, but so far it’s actually been the busiest!). Recently, Apple released a series of important patches that I haven’t covered here, so it’s probably easiest to mention them in all in one fell swoop.

Foxit Fix for “Jailbreak” PDF Flaw

August 8, 2010

16 Comments

One of the more interesting developments over the past week has been the debut of jailbreakme.com, a Web site that allows Apple customers to jailbreak their devices merely by visiting the site with their iPhone, iPad or iTouch. Researchers soon… Read More »

Top Apps Largely Forgo Windows Security Protections

July 1, 2010

36 Comments

Many of the most widely used third-party software applications for Microsoft Windows do not take advantage of two major lines of defense built into the operating system that can help block attacks from hackers and viruses, according to research released today.