• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: [Fed-Talk] Another Head up: Spearphishing with Mac trojans
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fed-Talk] Another Head up: Spearphishing with Mac trojans


  • Subject: Re: [Fed-Talk] Another Head up: Spearphishing with Mac trojans
  • From: Todd Heberlein <email@hidden>
  • Date: Thu, 02 Jun 2011 09:08:19 -0700

These malware applications, by and large, look like any regular application. I don't think the antivirus software people (or Apple for that matter) will be able to develop an effective strategy to detect early versions of these malware apps, which is part of what spearphishing is about -- you get a relatively unique malware that bypasses all the AV systems.

My guess is that Apple will move to a default system configuration of:
    (1) buying applications from their curated store
    (2) running signed application

To run unsigned applications, you will need to go through hoops similar to enabling the root account on your Mac. Part of the the system's regular software update will include downloading certificate revocation lists to limit the damage of a stolen or abused certificates.

Todd

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

  • Follow-Ups:
    • Re: [Fed-Talk] Another Head up: Spearphishing with Mac trojans
      • From: Joel Esler <email@hidden>
References: 
 >[Fed-Talk] Another Head up: Spearphishing with Mac trojans (From: "Disiena, Ridley J. (GRC-VO00)[DB Consulting Group, Inc.]" <email@hidden>)

  • Prev by Date: Re: [Fed-Talk] Another Head up: Spearphishing with Mac trojans
  • Next by Date: Re: [Fed-Talk] Another Head up: Spearphishing with Mac trojans
  • Previous by thread: Re: [Fed-Talk] Another Head up: Spearphishing with Mac trojans
  • Next by thread: Re: [Fed-Talk] Another Head up: Spearphishing with Mac trojans
  • Index(es):
    • Date
    • Thread