Tag Archive for: known

Hackers targeted Apple users this weekend in the first known ransomware campaign involving Macs

BOSTON (Reuters) – Apple Inc customers were targeted by hackers over the weekend in the first campaign against Macintosh computers using a pernicious type of software known as ransomware, researchers with Palo Alto Networks Inc told Reuters on Sunday.

AttackIQ tests networks for known weaknesses attackers exploit

Startup AttackIQ can run attack scenarios against live networks to see whether the defenses customers think are in place are actually doing their job.

The platform, called FireDrill, consists of an agent that is deployed on representative endpoints, and a server that stores attack scenarios and gathers data.

The platform’s function is similar to that of another startup, SafeBreach. Both companies differ from penetration testing in that they test networks continuously, whereas a pen test gives a snapshot in time with large gaps between each snapshot.

Network World Tim Greene

AT&T a closer partner of NSA than previously known, Snowden docs show

A fresh analysis of documents disclosed by former U.S. intelligence contractor Edward Snowden shows that AT&T has been a much closer and more eager partner for the National Security Agency’s Internet spying activities than was previously known.

AT&T has been by far the most critical telecom player in the NSA’s surveillance efforts and its willing participation in mass spying on both foreign and U.S. citizens has apparently been crucial in helping the U.S. agency take advantage of bulk record collection laws, according to a joint report in ProPublica and the New York Times.

Network World Security

World’s first (known) bootkit for OS X can permanently backdoor Macs

Securing Macs against stealthy malware infections could get more complicated thanks to a new proof-of-concept exploit that allows attackers with brief physical access to covertly replace the firmware of most machines built since 2011.

Once installed, the bootkit—that is, malware that replaces the firmware that is normally used to boot Macs—can control the system from the very first instruction. That allows the malware to bypass firmware passwords, passwords users enter to decrypt hard drives and to preinstall backdoors in the operating system before it starts running. Because it’s independent of the operating system and hard drive, it will survive both reformatting and OS reinstallation. And since it replaces the digital signature Apple uses to ensure only authorized firmware runs on Macs, there are few viable ways to disinfect infected boot systems. The proof-of-concept is the first of its kind on the OS X platform. While there are no known instances of bootkits for OS X in the wild, there is currently no way to detect them, either.

The malware has been dubbed Thunderstrike, because it spreads through maliciously modified peripheral devices that connect to a Mac’s Thunderbolt interface. When plugged into a Mac that’s in the process of booting up, the device injects what’s known as an Option ROM into the extensible firmware interface (EFI), the firmware responsible for starting a Mac’s system management mode and enabling other low-level functions before loading the OS. The Option ROM replaces the RSA encryption key Macs use to ensure only authorized firmware is installed. From there, the Thunderbolt device can install malicious firmware that can’t easily be removed by anyone who doesn’t have the new key.


Ars Technica » Technology Lab