Tag - Malware
The latest version of the adware toolbar malware known as Genieo now has the ability to access the OS X Keychain without user knowledge, thanks to privileges gained during the initial install where the user willingly uses their admin password. Though the program itself does not use the technique to cause any malicious harm on its own, the trick will likely be copied and used by others to possibly compromise the security of the OS X password manager. The technique exploits no hack or flaw, but abuses existing privileges.
Users of controversial utility software MacKeeper who are not up-to-date on the latest version are vulnerable to a serious security flaw that can trick users into passing their admin passwords onto attackers, thus leaving the Mac vulnerable to a complete remote takeover. Though the problem has been fixed in version 3.4.1 of the much-maligned "cleanup" utility, the flaw is being actively exploited in the wild by attackers preying on users who have not updated.
Controversial software package MacKeeper -- long a sore spot with veteran users due to its aggressive and fear-based advertising, reputation for causing more problems than it might solve, and deliberate difficulty and obfuscation when users want to remove it -- has often been labelled junkware, extortionware, trickware, or even a form of malware in its own right, despite the company's protestations. A security researcher has now found, however, that the program contains a critical security flaw that leaves users vulnerable to attack.
Victims of one strain of "ransomware" may be able to get their data back. A collaboration between the Netherlands Police's National High Tech Crime Unit (NHTCU) and security company Kaspersky, a tool has been created that can be used to decrypt data encrypted by the CoinVault malware, potentially saving many users from paying a random or having to rebuild their data if backups failed.
Oracle's Java Update 8 Update 40 for OS X has an unexpected surprise for installers. The update instructions note that the company has "partnered with companies that offer various products" and will install the borderline-malware Ask.com toolbar into unsuspecting OS X users' systems.
Hackers have stolen more than $300 million from financial institutions around the world, according to a report from Kaspersky Lab provided to the New York Times. More than 100 banks in over 30 countries have allegedly been the victims of a malware-based attack, which began in 2013, though it appears the criminals behind it employed more sophisticated techniques than other malware intrusions, such as that of Target.
Millions of Android users are at risk from malicious apps offered for download on Google Play, an antivirus firm has revealed. A card game called Durak downloaded between 5 million and 10 million times, an IQ test, and a history app are all said by an Avast researcher to include malware which can trick users into paying for services or buying apps they do not need.
A new USB microcontroller -- roughly the size of a small thumb drive -- has been demonstrated as a proof-of-concept device that leverages a serious and unfixable vulnerability in USB easily take over and install malware on any unlocked computer. Though it requires physical access or tricking the user into inserting the controller into a USB port, the device has worrying implications for any computer left unattended for more than a minute -- the time it takes for the device to gain admin access, change network settings, install a backdoor and remove any obvious sign of intrusion.
Beginning in Russia and spreading quickly to other countries, a new variation on the formerly-dormant Red October malware has been detected by security firms such as Blue Coat and Kaspersky this week. The new version -- which is notably targeting smartphones of diplomats, military leaders and business executives -- contains a level of sophistication in the function and code that suggests a rogue state, which would have the resources to assemble the talent, is backing the attack.
In a statement, electronic payment gateway provider Charge Anywhere announced that it had discovered "malware that had not been previously detected by any anti-virus program" in their system. The discovery was made after an unnamed party requested the company investigate some unauthorized transactions that appeared to be made legitimately.
Now AAPL Stock: The symbol you provided ("AAPL") doesn't appear to be registered
Cirrus creates Lightning-headphone dev kit
Apple supplier Cirrus Logic has introduced a MFi-compliant new development kit for companies interested in using Cirrus' chips to create Lightning-based headphones, which -- regardless of whether rumors about Apple dropping the analog headphone jack in its iPhone this fall -- can offer advantages to music-loving iOS device users. The kit mentions some of the advantages of an all-digital headset or headphone connector, including higher-bitrate support, a more customizable experience, and support for power and data transfer into headphone hardware. Several companies already make Lightning headphones, and Apple has supported the concept since June 2014. http://bit.ly/29giiZj
Apple Store app offers Procreate Pocket
The Apple Store app for iPhone, which periodically rewards users with free app gifts, is now offering the iPhone "Pocket" version of drawing app Procreate for those who have the free Apple Store app until July 28. Users who have redeemed the offer by navigating to the "Stores" tab of the app and swiping past the "iPhone Upgrade Program" banner to the "Procreate" banner have noted that only the limited Pocket (iPhone) version of the app is available free, even if the Apple Store app is installed and the offer redeemed on an iPad. The Pocket version currently sells for $3 on the iOS App Store. [32.4MB]
Porsche adds CarPlay to 2017 Panamera
Porsche has added a fifth model of vehicle to its CarPlay-supported lineup, announcing that the 2017 Panamera -- which will arrive in the US in January -- will include Apple's infotainment technology, and be seen on a giant 12.3-inch touchscreen as part of an all-new Porsche Communication Management system. The luxury sedan starts at $99,900 for the 4S model, and scales up to the Panamera Turbo, which sells for $146,900. Other vehicles that currently support CarPlay include the 2016 911 and the 2017 models of Macan, 718 Boxster, and 718 Cayman. The company did not mention support for Google's corresponding Android Auto in its announcement. http://bit.ly/295ZQ94
Apple employees testing wheelchair features
New features included in the forthcoming watchOS 3 are being tested by Apple retail store employees, including a new activity-tracking feature that has been designed with wheelchair users in mind. The move is slightly unusual in that, while retail employees have previously been used to test pre-release versions of OS X and iOS, this marks the first time they've been included in the otherwise developer-only watchOS betas. The company is said to have gone to great lengths to modify the activity tracker for wheelchair users, including changing the "time to stand" notification to "time to roll" and including two wheelchair-centric workout apps. http://bit.ly/2955JDa
SanDisk reveals two 256GB microSDXC cards
SanDisk has introduced two 256GB microSDXC cards. Arriving in August for $150, the Ultra microSDXC UHS-I Premium Edition card offers transfer speeds of up to 95MB/s for reading data. The Extreme microSDXC UHS-I card can read at a fast 100MB/s and write at up to 90MB/s, and will be shipping sometime in the fourth quarter for $200. http://bit.ly/294Q1If
Apple's third-quarter results due July 26
Apple has advised it will be issuing its third-quarter results on July 26, with a conference call to answer investor and analyst queries about the earnings set to take place later that day. The stream of the call will go live at 2pm PT (5pm ET) via Apple's investor site, with the results themselves expected to be released roughly 30 minutes before the call commences. Apple's guidance for the quarter put revenue at between $41 billion and $43 billion. http://apple.co/1oi1Pbm
Twitter stickers slowly roll out to users
Twitter has introduced "stickers," allowing users to add extra graphical elements to their photos before uploading them to the micro-blogging service. A library of hundreds of accessories, props, and emoji will be available to use as stickers, which can be resized, rotated, and placed anywhere on the photograph. Images with stickers will also become searchable with viewers able to select a sticker to see how others use the same graphic in their own posts. Twitter advises stickers will be rolling out to users over the next few weeks, and will work on both the mobile apps and through the browser. http://bit.ly/29bbwUE