New adware trojan targets OS X users

TUAW

Adware attacks against OS X are on the rise this year, says a report by anti-virus company Doctor Web. The Russian firm recently discovered another threat, Trojan.Yontoo.1, which has quickly become the most prominent adware trojan attacking Apple desktops and laptops.

The trojan worms its way onto your computer through websites that require you to install a plugin to view the content of the site. The most common vector are movie trailer websites that prompt you to install an HD Video player or similar plugin. Instead of a media plugin, unsuspecting users will download the trojan.

Never install a plugin that a web page is asking you to install. If there is an update to something like flash or Java, go to Adobe or Oracle and download from there.

Vulnerabilities Continue to Weigh Down Samsung Android Phones

Threat Post:

Via Daring Fireball

Independent Italian researcher Roberto Paleari discussed several bugs he recently found in Samsung Android phones in a post on his blog yesterday. Paleari claims that after taking some time to sit down with some of his devices, he found six exploitable bugs on older devices such as the Galaxy Tab and the newer Galaxy S3.

Don’t worry, I’m sure an update will be released soon.

Paleari writes that Samsung did contact him on Feb. 20 and requested he delay public disclosure, insisting that “any patches [Samsung] develops must first be approved by the network carriers.”

Never mind.

Nearly 35% Of Android Apps In China Secretly Steal User Data

TechCrunch

Earlier this week, the Data Center of China Internet (DCCI) released a report (h/t Tech In Asia) that showed nearly 35 percent of the Android apps it surveyed were secretly stealing user data unrelated to the app’s functionality. The DCCI, a research institute, looked at 1,400 apps downloaded from different app markets and found that 66.9 percent were tracking users’ private data, with 34.5 percent collecting information that had no connection to the app’s usage.

Really secure.

Mac malware that infected Facebook bypassed OS X Gatekeeper protection

Ars Technica

Pintsized.A is a new family of Mac malware that uses an exploit to bypass Gatekeeper, an OS X protection that allows end users to tightly control which sources are permitted to install apps, according to an article published Monday by The Security Ledger. Mac antivirus provider Integosays the trojan masquerades on infected machines as Linux printing software known as cupsd, although it runs from a different location than the legitimate title. It’s unclear exactly how the malware gets around Gatekeeper.

Maybe we should run some kind of anti-virus as an extra precaution. Of course, the biggest security hole is the human using the computer so…

Android Accounted For 79% Of All Mobile Malware In 2012, 96% In Q4 Alone, Says F-Secure

TechCrunch

According to a report out today from security specialists F-Secure, Android accounted for 79% of all malware in 2012, up from 66.7% in 2011 and just 11.25% in 2010. On the other side of the spectrum, Apple’s iOS, the world’s second-most popular platform for smartphones in terms of new purchases, remains one of the least compromised, with 0.7% of malware on its platform.

Galaxy S III bug bypasses lockscreen, allowing access to all personal data

The Verge

The lockscreen on your phone may not be doing a good job of keeping intruders out. A new bug has been found on the Galaxy S III that can let users bypass the lockscreen and access all phone functions, and we’ve just confirmed its efficacy on a Sprint version of the device running Android 4.1.1.

I’m sure there will be a quick update…yeah right.

Japanese Government Warns Against Google’s App Store

Fast Company

The Information Technology Promotion Agency has alertedJapan’s Android smartphone and tablet users to avoid a malicious app called “sexy porn model wallpaper,” and to avoid using Google’s official Android app store Play altogether.

受賞 (WINNING, or so says Google Translate)

In The Security World, Android Is The New Windows

ReadWrite VIA LoopInsight

“There’s so much malware on Android, you’d think it would be a huge deal,” Cobb said. And the growth of is “huge,” he added, “both in the number of malware exploits and their increasing sophistication. The rate of growth in Android malware is impressive, and scary.”

WINNING.

 

New Java vulnerability is being exploited in the wild

TNW

FireEye offered the following details in regards to the latest Java failure:

Not like other popular Java vulnerabilities in which security manager can be disabled easily, this vulnerability leads to arbitrary memory read and write in JVM process. After triggering the vulnerability, exploit is looking for the memory which holds JVM internal data structure like if security manager is enabled or not, and then overwrites the chunk of memory as zero.

Upon successful exploitation, it will download a McRAT executable from same server hosting the JAR file and then execute it.

Just Another Vulnerability Announced.

Security updates available for Adobe Flash Player

 

Adobe is aware of reports that CVE-2013-0643 and CVE-2013-0648 are being exploited in the wild in targeted attacks designed to trick the user into clicking a link which directs to a website serving malicious Flash (SWF) content. The exploit for CVE-2013-0643 and CVE-2013-0648 is designed to target Flash Player in Firefox.

Adobe recommends users apply the updates for their product installations.