Phishing, attack sites, and malware sites keep getting hotter, as the summer grinds on. Headlines since last time . . .
* Malware Affects Website of Aeronautical Parts Provider
* Mac, Windows Malware Campaign Targets Uyghur Activists
* New OS X Tibet malware variant surfaces
* 6 Ways Apple Is Polishing Mac Security
* New Apple Mac OS X malware spreading
* Cybercrime moves to the cloud
* 5 top Android malware
and more . . .
New OS X Tibet malware variant surfaces
Security company Kaspersky Labs has intercepted a new variant of the Tibet malware for OS X, which is being distributed to specific Uyghur activist groups as part of a seemingly politically motivated APT (advanced persistent threat) attack.
The malware is being distributed in e-mails to certain Uyghur Mac users, and is contained within a ZIP file called “matiriyal.zip.” If this file is opened it will reveal an image file and a text file that is a disguised OS X application that if run will install the malware. Once installed, the malware will connect to a command-and-control server based in China, and allow a remote attacker to issue local commands and access files.
Full story : CNET
Cybercrime moves to the cloud
Researchers say criminals are moving their malware heavy lifting from end user PCs to servers in the cloud.
The same flexibility and freedom companies get from having their software and services hosted in the cloud is enabling cybercriminals to conduct highly automated online banking theft — without doing much of the necessary information processing on their victims’ own computers.
Full story : CNET
New Apple Mac OS X malware spreading
A new backdoor malware is spreading and targeting computers running Apple Inc.’s Mac OS X platform, a computer security firm warned over the weekend.
Kaspersky Lab expert Costin Raiu said the new Mac OS X backdoor variant appears to be targeted at Uyghur activists. ”Perhaps it is no surprise that we are seeing an increase in the number of APT (advanced persistent threat) attacks against such high profile users using Macs,” he said in a blog post.
Full story : GMA News
Malware Affects Website of Aeronautical Parts Provider
According to researchers at Sophos the anti-virus vendor, a European manufacturing company for aeronautical parts had its website contaminated with an attack code, which exploited a yet-to-be patched vulnerability within Windows, resulting in the execution of malware on visitors’ PCs.
Specifically, when end-users accessed the website through Internet Explorer of Microsoft, the live attack-code characterized with a package of XML Core Services infected them on whichever Windows version they used. According to Sophos’ researchers, cyber-criminals installed the attack code on the website after initially performing hijack of its security.
Full story : SPAMfighter News
5 top Android malware
ophos, IT security and data protection firm has revealed the extent of malware targeting Android mobile phones, by analyzing detection statistics from its Sophos Mobile Security app.
The data has been taken from installations of the app on Android smart phones and tablets in 118 different countries around the world.
Full story : Times of India
Mac, Windows Malware Campaign Targets Uyghur Activists
According to Kaspersky, victims are being hit with an email laced with a new, mostly undetected version of the MaControl backdoor Trojan, which supports both i386 and PowerPC Macs.
The malware is hidden within a zip file that contains a JPG image and a Mac application. When the malware is executed, it installs itself in the system and connects to its command and control (C&C) server for instructions.
Full story : eWeek
6 Ways Apple Is Polishing Mac Security
Have you heard the Mac security boilerplate, courtesy of Apple? “A Mac isn’t susceptible to the thousands of viruses plaguing Windows-based computers. That’s thanks to built-in defenses in Mac OS X that keep you safe, without any work on your part.”
In fact, that was Apple’s security-related marketing message, but only until earlier this month, when the company refreshed its “Why you’ll love a Mac” reasoning. The revision instead highlights how “built-in defenses in OS X keep you safe from unknowingly downloading malicious software on your Mac.”
Full story : InformationWeek
If you think you’re a victim, file a complaint with the
FBI Internet Crime Complaint Center : IC3.