Created by iThreats on Jan 2, 2011
Last updated: 03/11/11 at 09:13 PM
Brian Krebs published an interesting blog post about rogue antivirus and scams that offer a "professional online repair service" plan for Mac and Windows users.
http://krebsonsecurity.com/2011/03/rogue-antivirus-via-skype-phone-call/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+KrebsOnSecurity+%28Krebs+on+Security%29&utm_content=FeedBurner
A team of security researchers from the French pen-testing firm VUPEN successfully exploited a zero-day flaw in Apple’s Safari browser to win this year’s Pwn2Own hacker challenge.
VUPEN co-founder Chaouki Bekrar lured a target MacBook to a specially rigged website and successfully launched a calculator on the compromised machine.
The hijacked machine was running a fully patched version of Mac OS X (64-bit).
http://www.zdnet.com/blog/security/safarimacbook-first-to-fall-at-pwn2own-2011/8358?
crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to (1) determine the existence of arbitrary files via a symlink attack on a /tmp/crontab.XXXXXXXXXX temporary file and (2) perform MD5 checksum comparisons on arbitrary pairs of files via two symlink attacks on /tmp/crontab.XXXXXXXXXX temporary files.
http://marc.info/?l=full-disclosure&m=129891323028897&w=2
‘BlackHole’ is the latest remote administration tool (RAT) and is available for both Windows and Mac. A hacktool such as this RAT employs a client-server program that communicates with its victim’s machine through its trojan server. The server application is installed on the victim’s machine, while the client application is on the managing side.
Use-after-free vulnerability in WebCore in WebKit before r77705, as used in Google Chrome before 11.0.672.2 and other products, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that entice a user to resubmit a form, related to improper handling of provisional items by the HistoryController component, aka rdar problem 8938557.
-- Affected Vendors:
Adobe
-- Affected Products:
Adobe Reader
-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Adobe Reader on Mac OS X. User interaction
is required to exploit this vulnerability in that the target must visit
a malicious page or open a malicious file.
http://packetstormsecurity.org/files/view/98289/ZDI-11-074.txt
Millions of iOS users and developers have come to rely on Apple’s Push Notification Service (APN). In this article, I will briefly introduce details of how APN works and present scenarios of how insecure implementations can be abused by malicious parties.
Apple’s iOS allows some tasks to truly execute in the background when a user switches to another app (or goes back to the home screen), yet most apps will return and resume from a frozen state right where they left off. Apple’s implementation helps preserve battery life by providing the user the illusion that iOS allows for full-fledged multi-tasking between 3rd party apps.
http://www.dhanjani.com/blog/2011/02/apple-ios-push-notifications-security-implications-abuse-scenarios-and-countermeasures.html
EuroSoft 2011
Apple Mac OS X does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer.
As defined by malwarecity.com in Top 5 Malware for Mac OS X Users Should Know About:
Jahlav
RSPlug
HellRTS
OpinionSpy
Boonana
http://macviruscom.wordpress.com/2011/01/21/top-5-os-x-malware/
http://www.symantec.com/connect/blogs/exploiting-jnanabot-fun-and-profit
Starfield is a bundle of unwanted applications, components and internet plug-ins, usually distributed and discreetly installed by tools offered by the GoDaddy network.
Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x before 10.6.6 allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to interaction between Software Update and distribution scripts.
After the release of the Mac App Store, Logan of Appinsect has devised a new way of cracking Mac store applications. Interestingly, the method does not use KickBack or Hackulous’s Installous 4.0. The method only replaces the signature files in the paid apps with those from free apps. Follow the simple steps below to install cracked apps on your Mac.
http://www.gadgetsdna.com/how-to-install-cracked-apps-on-mac/7840/

