DNS Changer 2.0e Trojan Horse

SecureMac Advisory

Posted: March 17th, 2009

Security Risk: Critical

Just after the DNSChanger 2.0d variant was identified, another new variant of the DNSChanger Trojan Horse, DNSChanger 2.0e, has been discovered in the wild. The trojan horse arrives in a disk image (some samples are called serial_Avid.Xpress.Pro.5.7.2.dmg), and is again disguised as an installer for “MacCinema,” just like the 2.0d variant. Once installed, the trojan horse behaves in a similar manner to past variants.

This variant is being distributed on websites offering “cracked” or pirated copies of software, and is initially disguised as a serial …

Security Alert: Trojan found in Pirated copies of Apple’s iWorks 09

Security Alert: A trojan is being distributed with pirated copies of Apple’s iWorks 09.

Pirated copies of iWorks 09 are being distributed with a trojan bundled in the installer package. Intego has released a warning recommending that users should not download iWorks 09 from pirate software sites.

The malicious software is installed in the startup items folders ( /System/Library/StartupItems/iWorkServices ) where it has full root privilege rights. Once installed the trojan connects to a remote server notifying it of the infected computers location on the net awaiting further instruction including the ability …

AppleScript.THT Trojan Horse – Mac OS X

New OS X Trojan Horse in the WildSecureMac Security Advisory

Security Risk: Critical

SecureMac has discovered multiple variants of a new Trojan horse in the wild that affects Mac OS X 10.4 and 10.5. The Trojan horse is currently being distributed from a hacker website, where discussion has taken place on distributing the Trojan horse through iChat and Limewire. The source code for the Trojan horse has been distributed, indicating an increased probability of future variants of the Trojan horse.

The Trojan horse runs hidden on the system, and allows a malicious user …

Intego Virus Barrier Virus Definition Bypass Exploit

Advisory Title: Intego VirusBarrier X4 definition bypass exploit
Release Date: 2006 November 8
Affected Products: Intego VirusBarrier X4
Severity: Moderate
Where: Local System
Author: Kevin Finisterre

Fix: Bug Fixed Starting with 2006/11/01 Vdef files
Exploit: pwntego.tar.gz

Kevin Finisterre, a security researcher with digitalmunition.com has discovered and demonstrated a flaw in Intego VirusBarrier X4, an antivirus program for Macintosh computers. The “pwntego” exploit show how systems running Intego VirusBarrier X4 can lose their protection. Kevin discovered that the program suffered from a flaw related to the number of alerts it can process simultaneously.

Kevin saw that if an attacker is …

Mac OS X URI Handler Security Issues & Exploits

Recently, Mac OS X has been known to be vulnerable to many new remote exploits.

Theses exploits are allowing to remotely execute code on your computer when you surf a webpage. Most of the people reading about theses vulnerabilities often missunderstand or apprehend the impact it can have, for a user.

While many people will use Paranoid Android, from Unsanity, and it does protects you well, many don’t even know about the vulnerability in the first place. Theses can lead to the total erasement of your personal data (by erasing /Users/you), to …

Mac OS X FileVault Review – Encrypting files and folders

Notes & Warnings
Ability

If FileVault is enabled on an account, access to that account’s Public folder and Sites folder will not be available to anyone else, regardless if the user is logged in or not. So, if that user wishes to serve a website out of the Sites folder in their home folder, activating FileVault is would not be a viable option for him or her.

Stability

There have been several reports of people losing data with FileVault and various related errata under Mac OS X v10.3.0, but the 10.3.1 update along with …

LittleSecrets – Encrypted Text Note Pad for Mac OS X

Information

LittleSecrets for Mac OS X gives the Macintosh users the ability to store notes in an encrypted format that can only be accessed with the password assigned to the file. Upon launching the encrypted file the user is instructed to enter the password, only upon proper authentication is access granted to the file.

Think of LittleSecret as a note management system that allows for you to sort and create new notes all manageable from the programs interface. The user is allowed to create folders and sub-folders to sort the information even …

Stealth Signal Service for Mac OS the undetectable software-based transmitter

Computer equipment is stolen every second around the world. What makes you believe your computer is any bit safer than the next guys. The concept of Stealth Signal is simple. When you use the Stealth Signal service your computer is being kept tabs on, so the next time someone steals your laptop of desktop computer they will help you locate it, read how…

How Stealth Signal Operates

A small undetectable program (Stealth Signal Transmitter) is installed in your computer. This program silently tries to send a signal to our Monitoring Network at …

Sudo for Mac OS X has been found vulnerable to buffer overflows

What is sudo?

Sudo (superuser do) is a piece of software that allows a system admin to give certain users/groups the ability to run commands as root or another user

Sudo is available with most all unix based operating systems including Mac OS X.

The Problem

On 4.23.2K1 FreeBSD, Inc. released a security advisory warning users that all version of sudo prior to version 1.6.3.7 contains a local command-line buffer overflow allowing a local user to potentially gain increased privileges on the local system.

Mac OS X 10.0.4 DOES included a fixed version of sudo …

StaticUsers.net – Eudora Client + Pro

Information

Euroda is a widely supported Email client for both Macs and PC’s. Pro Version supports multiple accounts and personalities.

Views

Eudora has grown a lot from user suggestions. They have a nice BETA SITE where you can beta test their PRO version.

Download Versions

Download new Beta Version of Eudora PRO
Download FREE Eudora Light Version or Purchase PRO Version

More Info

QUALCOMM can be reached by email, website or call them directly at 1 800 238 3672

Insecurity

This mail client has been pretty secure. There has been a little exploit known that will show a password for …