…a little more Mac news. Actually, one of the many interesting presentations at the Virus Bulletin conference this year was a fascinating presentation by Methusela Cebrian Ferrer, whose presentations on Apple security have become a regular feature of VB conferences in the past three years, and I’ve just submitted an article to Infosecurity Magazine’s blog on that and some other issues: I’ll flag it here when it’s published.
Methusela’s paper on Cyber attacks: how are Mac OS X and iOS users playing the role? should be publicly available in due course, and I’ll put up a pointer to that, too.
One of the other issues I discussed was a small but significant development flagged by F-Secure in the malware variant they detect as Trojan-Downloader:OSX/Flashback.B. This development does, as Brod suggests, seem to indicate that malware authors are expecting that AV researchers looking at Mac malware will start to make more use of virtualized environments.
Meanwhile, Sophos’ Chet Wisniewski has pointed to an interesting article on Protect your Macs: Security best practices by Joshua Kautzman. Well-deserved plug for Sophos, whose offering of free AV for Mac home users was something of a gamechanger for that market sector, but there are of course other good commercial-grade security programs for Mac out there.
And while it’s not really security news (although blackhats have used it as a hook for various kinds of attack) I can’t not mention the sad passing of Steve Jobs last week. There has been a great deal of commentary since, but my good friend Andrew Lee has expressed succinctly the feelings that many of us have experienced at this sad time.
David Harley CITP FBCS CISSP
Small Blue-Green World/AVIEN/Mac Virus