Weekly News Roundup
Happy Friday readers! There was certainly no shortage in security news this week, here are our picks for the top headlines:
Mac OS X Malware: “Mac OS X Pummeled By Yet Another Trojan” by Stefanie Hoffman (@FortiGuardLabs). This post from the Fortinet blog covers a huge topic from this past week’s headlines – Mac OS X Trojan “SabPub.” The recently-discovered Trojan has been attacking Mac users by creating a backdoor that it uses to run malicious commands on host machines. This is the second major Mac Trojan to make headlines in 2012, the first being the Flashback Trojan that has infected over 600,000 since September of last year. While Apple recently put out a tool for removing Flashback, the SabPub Trojan is still active as its cause and specific attack methods are still being researched.
SOURCE Boston 2012: “SOURCE Boston Security Conference and Training 2012 – Hacktivism, Duqu and Building Successful Security Programs” by Kurt Baumgartner (@k_sec). The Boston SOURCE Conference took place earlier this week, featuring security talks from a variety of industry thought leaders. This blog post from Securelist features Kurt Baumgartner’s personal highlights from the conference, including a presentation from Kaspersky Labs on findings from their latest Duqu research, talks about hacktivism and Anonymous, and a presentation from our own Shyama Rose on creating and implementing strategic security programs for organizations.
Android Malware: “Fake Instagram app infects Android devices with malware” by Graham Cluley (@gcluley). This post from Sophos’ Naked Security blog features Graham Cluley reporting on the recent spread of malware disguised as the Instagram application following the app’s breakout success. The malware creators are hosting the app on Russian websites and tricking users into downloading the malware to their mobile devices. This activity has become very common lately, particularly with Android applications. As always, the lesson here is to make sure that you know where your application is coming from before starting a download.
Software Vulnerabilities: “Apple, Oracle, Google Lead Major Vendors with Software Vulnerabilities in Q1, Security Report Says” by John P. Mello Jr. (@jpmello). This article takes a look at the findings of Trend Micro’s latest report, “Security in the Age of Mobility.” This report lists major software vendors and the number of vulnerabilities present in their operating systems and/or software released throughout January, February, and March of this year. Apple ranked as the company with the most reported vulnerabilities (91), and other notable vendors in the top 10 include Oracle (78), Google (73), Microsoft (43), IBM (42), Cisco (36), Mozilla (30), and Adobe (27). The article also takes a look at the number of vulnerability patches released by major technology firms as well as the amount of mobile malware that Trend detected for the period. Read the full article for links to Trend’s report.
Twitter Spam: “Huge Twitter spam campaign for fake antivirus discovered” by Emil Protalinski (@EmilProtalinski). A large-scale spam campaign has recently surfaced on Twitter, using hacked and fake accounts to spread thousands of tweets promoting malware disguised as antivirus software. The links typically lead users to .tk or .tw1.su hosted sites that trick them into downloading the malware with a message that reads, “Windows Antivirus 2012 has found critical process activity on your PC and will perform fast scan of system files!” The campaign is still spreading, so be careful to inspect links on Twitter before clicking and avoid clicking on anything that may seem questionable.
That’s it! Be sure to comment with any news pieces you feel that we missed.