Apple under attack: Flashback gives the flashbacks to sloppy security management from the company – Part 3

Monday, April 9th, 2012 6:12:51 by

“Wait until HTML5 becomes more ubiquitous for similar types of threat vulnerabilities, and you can have a botnet that runs in your browser,” Ferguson cautioned. “The more ubiquitous these platforms are, it won’t matter if it’s a mobile device or a computer. It it’s running Java or any other cross-platform technology, the threat is there.”

Steve Bono, principal security analyst for Independent Security Evaluators, says that it’s not the first time that Flashback has struck Mac machines. The malware first came in 2011 under the disguise of Flash Player installer, hence the name, notifying the users to install an update to the Flash Player. Oblivious to its true nature, users installed the software which in return surveiled the personal data on the web browsers.

“Flashback’s come back around a few times now,” said Bono. “It’s possible that these computers have been infected since the beginning — sometime last fall. These things go unpatched, and once a vulnerability is known, it can take months to make the patch.”

Moreover, it also came in disguise of antivirus software to intimate the users of the potential threats on their machines. However, what it detected and removed was a show to prove the point. The viruses it detected were its own generation and in addition, it asked permission for a full-paid version installation.

Apple, which declined to comment on the Flashback malware, announced plans to tighten up security in the next major version of Mac OS X, due for release this summer, with a feature called Gatekeeper. The new protection tool offers to keep users safe by requiring that developers register with Apple to have their applications signed and verified by Apple. Users can then choose whether they want to keep their computers from installing software that hasn’t been signed by a registered developer.

“The approach they’re taking is two-pronged: Gatekeeper to make you download stuff that has at least some checking for malicious code, and antivirus [XProtect] baked into the OS for when you happen to get hit,” Miller said. “On the grand scheme, they have the right ideas, they just haven’t been keeping up on things like they should.”

 

Tags: , , , , , , , , , , ,

Short URL: https://www.newspakistan.pk/?p=18434

Posted by on Apr 9 2012. Filed under Sci-Tech. You can follow any responses to this entry through the RSS 2.0. You can skip to the end and leave a response. Pinging is currently not allowed.

You must be logged in to post a comment Login

Join WishFree.com

Photo Gallery

Unique Auction UAE
Log in