Think your Mac’s safe now that you’ve removed that Flashback infection? Think again. New research conducted by security specialists Sophos has revealed a “disturbingly high level” of Macs are currently carrying malware, though much of it is designed to attack Windows machines.
Of the 100,000 Macs that Sophos analyzed, one in five was found to be carrying Windows malware, while one in 36 was carrying malware designed for and dangerous to Mac OS X.
The Flashback saga has yet to reach its end, as a recent report debunks earlier claims that the number of infected Macs had fallen from 600,000 to 140,000 over a matter of a few days. Apple released a security tool to combat Flashback last week, and Norton Symantec reported that the number of infected machines had fallen to 140,000 shortly after. That number has been proven to be inaccurate.
In an interesting turn of events, the original Flashback whistleblower, Russian security firm Dr. Web, has revealed that around 650,000 Macs are still infected with the notorious trojan. Not only are there many Macs connected to the botnet that were previously unaccounted for, but more OS X computers are added every day.
With the number of Flashback-infected Macs dwindling more each day and Apple’s release of software updates that can both clean an infected Mac and prevent infection or reinfection, it’s easy for IT departments and individual Mac users to think that the crisis has passed. That doesn’t mean that it’s time to forget about the issue of malware targeting Macs, however. In fact, the entire event has been a wakeup call to IT and security professionals as well as to the wider Mac community – Macs are not invincible.
When reflecting on the Flashback events of the past couple of weeks, there are five major themes or lessons for businesses and IT departments to consider when it comes to supporting Macs going forward.
A few years back Seattle Rex had gone all out on a 17” MacBook Pro – spending approximately $4,500 on the then top-of-the-line machine ($5,100 including AppleCare). The particular MacBook Pro he bought turned out to be defective. The laptop’s Nvidia graphics processor started displaying symptoms of the defect shortly after his AppleCare expired. A few days later the laptop died completely – it wouldn’t even start up. At the time Rex’s laptop broke down the defect was a known and well-documented issue. Apple had even issued a tech note and was replacing defective models as they failed.
There have been rumors circulating for some time about Google releasing its own cloud storage service. According to reports, the service is on the verge of release, with a launch expected next week. Google’s service will enter a crowded market of cloud providers that includes Apple’s iCloud, Box with its new OneCloud feature, and the popular Dropbox.
Public cloud services like these tend to concern business and IT leaders because of the ease with which data migrates out of the office when they’re widely used. A Google service is likely to engender even more privacy and confidentiality issues on the part of businesses – and for good reasons that should concern anyone considering using it.
Almost every cloud storage service on the Internet operates using a freemium model. Anyone who signs up gets a certain amount of storage for free. When someone uses up all their free storage, they can add more for a fee. Cloud providers usually layer on a few extra features for paid customers like the ability to stream audio files or the ability to restore deleted files or older versions of documents.
With so many free options, however, it can be tempting to use multiple services simultaneously. Add files to a free Dropbox account up till the free 2GB, then create an account with Box for the next 5GB (Box’s free limit), then create a SugarSync account and on and on.
This approach, known as cloud squatting, effectively nets users unlimited free storage so long as they’re willing to play an ongoing game of musical chairs with their data. iOS and other mobile apps that can access and edit files across different services make it surprisingly easy for users to become cloud squatters – and it’s surprisingly difficult for a business or IT department to prevent or deal with cloud squatting employees.
Many of us feel a deep personal connection with our iPhones, and small wonder: the average person’s smartphone knows more about them than their spouse or significant other. Our iPhones hold our contacts, photos, videos, music, banking data, texts, emails, voicemails, web logins, apps and more. We use our phones to pay our bills, send texts to our girlfriends, check-in to our favorite club, play games with friends, and much more besides.
That makes our iOS devices a juicy target for tracking, and what most people aren’t aware of is that, historically, Apple has made it very easy for anyone to tell what you do with your iPhone. It’s called a Unique Device Identifier or UDID. Every iOS device has one, and using it, third parties have been able to put together vast databases tracking almost everything you do with your iPhone, iPod touch or iPad.
The good news for privacy advocates is that the days of UDID are numbered. Following the recent stink the U.S. Congress raised over how iOS apps handle a user’s personal information without permission, Apple has given an ultimatum to third-party App Store developers: either stop tracking UDIDs or get kicked out of the App Store. Now ad networks and developers are scrambling to agree on a way to track your device in the future.
But are these replacements any good, or do they pose even bigger privacy concerns than UDIDs did?
Thursby last week released ADmitMac PKI 4. The release is a specialized version of the company’s ADmitMac software that focuses on two-factor authentication. The solution is largely aimed at government customers and regulated industries like healthcare where data security is paramount.
Thursby’s ADmitMac is an Active Directory integration solution that offers several features beyond the built-in Active Directory support that Apple provides in OS X. It offers Mac management capabilities, improved browsing of Windows network resources including Microsoft’s Distributed File System, and a number of other administrative tools.
Mobile technology is playing an ever bigger role in the workplace. According to a recent study by IT training and certification giant CompTIA, 84% of knowledge workers use an iPhone or other smartphone for at least some work tasks on a daily basis – unsurprisingly email and using web-based services ranked as the most common and universal uses.
Despite that level of use, the survey – which didn’t break out numbers for corporate-owned versus employee-owned devices – found that only 22% of businesses have an official policy regarding the use of mobile technology. An additional 20% indicated that they are exploring options for mobility policies but haven’t yet completed them.
Apple has just released an update to Java for OS X that effectively removes any traces of the notorious Flashback trojan from an infected system. The update can be downloaded now in Software Update on all Macs running Snow Leopard through Mountain Lion.
Got a little corner of your property that you’d like to keep a closer eye on? Or are you just concerned that the babysitter is not shaking your kids hard enough when they start acting up? Then what you need is the Dropcam HD, a Wi-Fi video camera designed for remote monitoring.
Stolen phones could soon be a thing of the past thanks to a collaboration between the U.S. government and the four biggest mobile carriers. The new scheme will use a central database of stolen handsets, and the carriers will use this to block their reactivation.
The idea is that it will reduce cellphone theft by making stolen phones virtually useless.
OpenDNS, the DNS provider of choice to the discerning and paranoid, is blocking the Flashback Trojan. Once it has infected your Mac, Flashback attempts to “call home” to a server to receive further instructions.
Apple has said that it’s working on a tool to end the notorious Flashback botnet once and for all, but there’s still the remotest chance you could get infected. Keep in mind that only around 600,000 Macs have fallen prey to Flashback, and that number is a tiny fraction of the millions of Mac users around the world. Most of the machines that have been infected already are centralized in North America.
Your Mac is completely up to date and you’ve already checked to see if you’re infected by the Flashback trojan. If everything is squared away and you’re not infected already, here’s how to ensure there is zero chance you’ll get infected while you wait for Apple to save the day.
A Mac trojan called Flashback resurfaced in the news over the last week or so after it was revealed that 600,000+ Macs were infected by the nefarious botnet. We’ve shown you how to see if you’re infected by Flashback, and Apple has released two updates already to patch the malware.
Apple is about to get into the antivirus business, as the company has said that it is working on its own tool for you to detect and remove Flashback once and for all. The folks in Cupertino will also be working with ISPs around the globe to hunt down the source of this botnet and kill it at the root.
The after effects of the Flashback Trojan are going to be felt for a long time to come. Although there’s been the occasional Mac malware announcement over the past few years, none was ever found to be rampant in the wilds of the Internet. Most were easily avoided by Apple’s basic security elements or by simple user actions like telling Safari not to immediately open so-called “safe” files after downloading them.
As a result, the Flashback Trojan caught a lot of people off guard – including individual Mac owners and some IT professionals who ought to have known better. It also highlighted deficiencies on the part of Apple when it comes to security.
One of the mobile news items this week was the discovery by developer Gareth Wright of a vulnerability in the Facebook apps for both iOS and Android. At issue in the iOS version of the Facebook app is the fact that a user’s login data is stored in a clear text .plist file. Copying that file to another device will allow full access to a person’s Facebook account.
Facebook was quick to point out that this file could only be copied directly from an iOS device if the device had previously been jailbroken. Wright responded by saying that the portion of the iOS file system where the data is located can be accessed by connecting any iOS device (jailbroken or not) to a Mac or PC running iTunes and creating a backup. With the right tools, it’s fairly easy to search an iOS device backup or even the filesystem on a connected device.
This brings up an important issue for businesses deploying iOS devices or operating a BYOD program – iOS backups made through iTunes can be an attack vector to retrieve business data.
A security researcher has discovered a serious flaw with the Facebook and Dropbox apps for both Android and iOS that puts all of your sensitive personal data at risk.
Anyone with access to your device can use a free piece of software that’s easily available on the internet to retrieve an unencrypted, plain text file from your device that provides access to your entire account — without requiring a jailbreak.
A new set of attacks has made its way onto the scene, causing a new set of problems for Mac users who once thought they were safe from viruses. As most of you know, most Mac users currently don’t have an antivirus program installed, which causes problems if their Mac becomes overtaken with a virus. Historically, Windows has been plagued with viruses, and OS X has been thought to be virtually safe, but today, a security expert warns Mac users of new viruses.
Social network Path came under great scrutiny after it was discovered that the app would upload a user’s entire address book to Path’s servers. The worst part, for iOS users at least, was Path never let them know. After a public apology, Path worked diligently to remedy the issue and came up with a few enhancements to the way they handle user privacy. Today, Path has rolled out an update to both its Android and iOS apps reflecting the changes and assuring users that they take their privacy seriously (or at least now they do).
When Cliff Weitzman emailed me about his Black SMS iPhone app, I was impressed by the pitch alone. An App Store app that encrypts text messages and emails between iPhones and iPads? Sign me up!
Black SMS accomplishes a task that I haven’t seen anything from the App Store come close to replicating. It does indeed encrypt your texts and emails so that they are unreadable without the Black SMS app and an associated password. CIA agents and paranoid boyfriends should take notice of this one.
We’ve already seen some pretty crazy uses of the iPad and iPhone in spy movies, but it looks like iOS is getting an official nod of approval as a mobile operating system worthy to be used in spy games. The Australian government just approved iPhones and iPads to be used for the storing and sharing of classified documents, meaning Ethan Hunt wannabes Down Under can look even more bad ass in their espionage attempts.
The costs of not complying with HIPAA (the 1996 Health Insurance Portability and Accountability Act), which includes self-reporting of data breaches, can be steep. Blue Cross Blue Shield of Tennessee recently finalized a settlement with the Department of Health and Human Services for $1.5 million for a recent breach (on top of a $17 million price tag for the investigation and remediation actions). HHS seems to be making a show of high-profile enforcement as a way to encourage better compliance among smaller organizations, including hospitals and individual medical practices.
This raises the question of whether or not using the iPad in healthcare increases the risk of privacy violations. If so, will a show of force on the part of HHS dampen the enthusiasm for the iPad in healthcare?
One of the big fears CIOs and IT staffers have about the consumerization of IT and BYOD trends is that mobile devices like the iPad and iPhone combined with personal cloud services like iCloud, Google Docs, and Dropbox make it very easy for confidential business data to leave the office and the company network. While this is a definite fear for IT staff, how do most knowledge workers view the risk and the consequences of such so-called data sprawl?
According to a recent study, four out of five workers rank removing confidential data from the office as an offense that should get a person fired and yet 90% believe that it happens on a regular basis.