Scammers exploit Apple iPad fever

Filed under: Software, Hacks, Odds and ends, Apple, Security
And now we're at the point in the iPad cycle where there's just enough information out there about it that people are interested, but not enough that they can discern credible information from scammers. That's the report of the BBC, which says that "hi-tech" scammers are using iPad-based searches to prey on users and install various types of "rogue security software." The news here isn't necessarily that scammers are out there scamming people (that happens all of the time), but it's that scammers are cashing in on the iPad frenzy to do so. Then again, that's probably not a huge surprise, either: they probably always latch onto whatever the hottest search topics are, and this past week, of course, it was the iPad.
In my own personal opinion, these fearmongering reports are the biggest scam of all. Even the BBC is only reporting this based on information from Symantec, and that's S.O.P. for the antivirus company: a) release a report that claims everyone is in danger and that viruses are everywhere, b) get some less-than-tech savvy journalist to believe it, and c) sell copies of your antivirus software and profit. In reality, if you click links only on trusted sites and keep an eye on everything coming in to your Mac, you don't need Symantec to tell you how to be safe. If you install "security software" that you happened to pick up while searching for iPad news, of all things, then you can't be surprised when your system gets compromised.
Scammers exploit Apple iPad fever originally appeared on The Unofficial Apple Weblog (TUAW) on Mon, 01 Feb 2010 19:30:00 EST. Please see our terms for use of feeds.
tuaw
Related posts:
08-31-2010 1:24
A vulnerability/backdoor in Apple Quicktime has been announced, and we are keeping an eye on it.
Cheers,
Adrien de Beaupré
EWA-Canada.com
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
ISC
08-27-2010 11:51
Apple has patched numerous security holes in its Mac OS X operating system, including a fix for a discovered flaw in the handling of PDF and PNG files that hackers could exploit. More details about Apple's 84MB fix can be found in their Security Advisory. One thing is certain: Mac OS X users should download this patch as soon as possible. Security Update 2010-005 can be installed via the automated [...]
Naslovi
08-26-2010 10:30
Over the weekend, Microsoft issued a new security advisory which covered a vulnerability in how Windows handles DLL files. The attack scenario would go this way: a vulnerable application would be used to open a file.
The opened file can be a perfectly legitimate file; however the malicious file must be located in the same directory and given the same file name as a legitimate DLL file. When the vulnerable application loads, instead of calling the legitimate DLL file the malicious file is loaded instead.
This is because of errors in how Windows selects which DLL files to load, giving preference to libraries located in the same directory as the opened file instead of those in the correct system directories. Any code in the malicious file would be executed, causing a full-fledged problem for users.
These kinds of attacks–known as binary planting or DLL preloading–have been known for years. However, they were not much of a threat because the malicious file had to already be on the user’s system. Recently, however, independent researchers have found a way to exploit this attack remotely, via network shares. This resulted in Microsoft issuing the said advisory.
Popular applications like Firefox and Powerpoint are among those initially reported as affected by the vulnerability. However, more exploits for many other applications have been found, and reports on attacks actively exploiting the bug have been posted.
The existence of malware attacks actively leveraging on the said vulnerability may drive Microsoft to take more drastic action. Until a clear solution is given, users are strongly advised to be careful about files opened from network shares.
Enterprise users with certain Trend Micro products such as Deep Security and OfficeScan with Intrusion Defense Firewall (IDF) plug-in may download the latest rules to help protect themselves against this threat; these rules prevent DLLs from being loaded from remote shares.
Post from: TrendLabs | Malware Blog - by Trend Micro
New DLL Vulnerability Exploited in the Wild
trendmicro
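A defender-side check for the pattern described in the post above, added here as an example (not code from TrendLabs or Microsoft): it walks a share and reports every DLL that sits in the same directory as a document a user might open. The extension list, the `system_dll_names` set and the sample directory tree are constructed assumptions.

```python
import os
import tempfile
from pathlib import Path

# Assumption: file types a user would open directly from a share.
DOCUMENT_EXTS = {".pcap", ".ppt", ".html", ".txt"}


def find_colocated_libraries(root, system_dll_names=frozenset()):
    """Report every DLL that sits in the same directory as a document under root.

    system_dll_names: lower-case names of DLLs expected to load only from the
    system directories (on a real host, a listing of System32).
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        docs = sorted(f for f in files if Path(f).suffix.lower() in DOCUMENT_EXTS)
        if not docs:
            continue  # a DLL with no document beside it is not this pattern
        for name in sorted(files):
            if Path(name).suffix.lower() != ".dll":
                continue
            findings.append({
                "directory": os.path.relpath(dirpath, root),
                "library": name,
                "documents": docs,
                "shadows_system_dll": name.lower() in system_dll_names,
            })
    return sorted(findings, key=lambda f: (f["directory"], f["library"]))


def build_sample_share(root):
    """Create a constructed directory tree standing in for a network share."""
    layout = {
        "captures": ["trace.pcap", "wpcap.dll"],   # document + system-named DLL
        "notes": ["readme.txt", "Custom.DLL"],     # document + unrelated DLL
        "slides": ["deck.ppt"],                    # document only
        "tools": ["helper.dll"],                   # DLL only
    }
    for folder, names in layout.items():
        os.makedirs(os.path.join(root, folder), exist_ok=True)
        for name in names:
            Path(root, folder, name).write_bytes(b"")  # empty placeholder files


def demo():
    with tempfile.TemporaryDirectory() as share:
        build_sample_share(share)
        return find_colocated_libraries(share, system_dll_names={"wpcap.dll"})
```

Findings with `shadows_system_dll` set are the ones to triage first, since the DLL carries the name of a library the application would normally load from a system directory.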
08-25-2010 21:25
/*
Exploit Title: Ettercap NG-0.7.3 DLL hijacking (wpcap.dll)
Date: 25/08/2010
Author: Teo Manojlovic
Tested on: Windows XP SP3
Vulnerable extensions: .pcap
Compile and rename to wpcap.dll, create a file in the same dir .pcap extension and visit http://chaossecurity.wordpress.com/
*/
http://www.exploit-db.com/exploits/14762/
chaossecurity