Update Java. Seriously, do it right now.

20120405-000044.jpg
Another Java privilege escalation exploit spotted in the wild. Trojans and web based java classes are already installing remote access tunnels into Macs across the globe. Apple finally updated their java binaries and you should too! Protect yourself! Just run Software Update from the Apple menu.

Apple Info:
http://support.apple.com/kb/HT5228

More info (including a AppleScript test for infection):
http://mashable.com/2012/04/05/mac-flashback-trojan-check/

Oh no, not again! Apple firewire exploit published!

Firewire Symbol
This is Deja Vu of an attack from years ago where RAM was accessed from the firewire buss.  This study published back in Sept 2011 (that i am late to discover) revisits this attack on Lion.  Security researchers from frameloss published the specifics on an attack and how to avoid it.  Learn how your password could be extracted from your computer’s memory via your firewire port.  Even when you thought it was locked!  Even with FileVault!

Mostly you must turn off fast user switching, and activate a feature that dumps the password for added security.   read all about it here. . .

http://www.frameloss.org/2011/09/18/firewire-attacks-against-mac-os-lion-filevault-2-encryption/#more-540

Mac Defender is annoying users trusting enough to type their passwords!

A bit of ransom-ware by the name of Mac Defender is exploiting a default setting in safari that will automatically launch any installer package that you download. It still requires the user to go through the steps of installing the software including entering their administrator password. Apparently this hasn’t prevented hundreds of users from installing the bogus software. It seems to do nothing but pop up ads and messages to lure the user to pay $79.99 to remove the infection. Easy, free removal instructions are available here. But let this be a lesson. Don’t type your password if you don’t know why it is asking for it. Don’t install things you didn’t know you downloaded.

Apple admits they make computers!

Apple, announced great new features for OS X! Like facetime and app store (maybe we’ll even get some real package management). Showed off iLife 11 and Mac OS 10.7 Tiger! Many features and software available Today! Tiger is slated for summer of 2011, but facetime beta and iLife 11 are available already. Lastly, new macbook air. Thinner and more solid then every! Also, amazing battery life. I’m looking forward to getting my hands on it.