Apple vulnerabilities in OS X, Spyware related Zero-Day, and in local iOS 10 backup.

Some of my friends and other people I talked thought Apple Mac OS X is secured against malicious attack, spyware and viruses. Well, that’s a bad expectation. If you don’t have any security software running on your MAC to protect your system, you simply don’t know that someone already infected your lovely machine.

I always and highly recommended to install anti-virus and anti-spyware to every workstation you own if you’re connecting to the Internet.

For the month of September 2016, we have the following vulnerabilities check them out.

Researchers at Palo Alto Networks have come across an OS X Trojan they believe has been used by a notorious Russia-linked cyber espionage group in attacks aimed at the aerospace industry.

The malware, dubbed “Komplex,” appears to have been developed by the threat actor known as Sofacy, Pawn Storm, APT28, Sednit, Fancy Bear and Tsar Team. The gang has been tied to numerous high-profile attacks, including ones aimed at the U.S. government and the country’s political parties, the German parliament, and the World Anti-Doping Agency (WADA).

According to Palo Alto Networks, Komplex attacks start with a binder component that deploys a decoy document, which is displayed with the Preview application in OS X, and the Trojan’s dropper. The dropper component is designed to drop and execute the main payload and ensure its persistence by configuring the system to launch it when OS X starts.

Once it infects a device, the malware establishes contact with its command and control (C&C) server and collects system information. The Trojan allows attackers to execute arbitrary commands and download additional files to the affected machine.

continue reading here.

Apple Patches Spyware-Related Zero-Days in OS X, Safari

Apple has released security updates for Mac OS X and Safari to patch zero-day vulnerabilities that were recently used to spy on individuals via iOS devices.

Called Trident, the flaws, namely CVE-2016-4655, CVE-2016-4656, and CVE-2016-4657, were discovered by Citizen Lab and Lookout researchers after they were being actively exploited by a piece of surveillance software called Pegasus. Developed and sold by an organization called NSO Group, the spyware was said to be employed by government agencies for surveillance purposes.

As it turns out, the three vulnerabilities weren’t affecting only iOS. Apple has now released a patch to resolve the CVE-2016-4655 and CVE-2016-4656 security flaws in OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6, and another to fix CVE-2016-4657 in Safari (for OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5).

The first two bugs affect the Kernel and could result in kernel memory being disclosed and in applications executing arbitrary code with kernel privileges. The third issue could lead to arbitrary code execution when the user visits a maliciously crafted website. Just as on iOS, improved memory handling and improved input sanitization addressed these bugs.

continue reading here.

and Apple Confirms Weakened Security in Local iOS 10 Backups

iOS 10 Allows for Brute Force Attacks of 6,000,000 Passwords Per Second to be Attempted on Local Backups

Apple admitted recently to an issue affecting the encryption strength for backups of devices on iOS 10 when backing up to iTunes on the Mac or PC and said a fix would be included in an upcoming update.

Released mid-September, iOS 10 addressed a total of seven vulnerabilities, the most severe of which could be exploited by a man-in-the-middle (MitM) attacker to prevent a device from receiving updates. Because iOS 10 rendered some devices useless, Apple was quick to release iOS 10.0.1, which also included a new fix for one of the “Trident” security flaws patched last month.

The security weakness of local backups was discovered in iOS 10 backups by ElcomSoft, a company that specializes in password recovery tools. According to them, the bug introduced by Apple in iOS 10 makes local backups significantly more susceptible to brute-force attacks than those for previous operating system versions.

According to ElcomSoft, they were able to recover passwords from iOS 10 backups at speeds several thousand times faster when compared to recovering from password-protected iOS 9 backups. The changes that Apple introduced in iOS 10 for offline (iTunes) backups appear to be the root cause of the problem.

continue reading here.

Happy safe surfing. You’re hardworking admin.