Re: [Fed-Talk] Another Head up: Spearphishing with Mac trojans
Re: [Fed-Talk] Another Head up: Spearphishing with Mac trojans
- Subject: Re: [Fed-Talk] Another Head up: Spearphishing with Mac trojans
- From: Todd Heberlein <email@hidden>
- Date: Thu, 02 Jun 2011 09:08:19 -0700
These malware applications, by and large, look like any regular application. I don't think the antivirus software people (or Apple for that matter) will be able to develop an effective strategy to detect early versions of these malware apps, which is part of what spearphishing is about -- you get a relatively unique malware that bypasses all the AV systems.
My guess is that Apple will move to a default system configuration of:
(1) buying applications from their curated store
(2) running signed application
To run unsigned applications, you will need to go through hoops similar to enabling the root account on your Mac. Part of the the system's regular software update will include downloading certificate revocation lists to limit the damage of a stolen or abused certificates.
Todd
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden