Signup Now
In order to make a post or to start a new thread and or to interact with other
members of this board, you will need to create an account first.
  • Amused
  • Angry
  • Annoyed
  • Awesome
  • Bemused
  • Cocky
  • Cool
  • Crazy
  • Kemetic
  • Depressed
  • Drunk
  • Embarrased
  • Enraged
  • Friendly
  • Geeky
  • Godly
  • Happy
  • Hateful
  • Dedicated
  • Peace Out
  • Curious
  • Sankofa
  • Sad
  • Secret
  • Shy
  • Sneaky
  • Tired
  • Wtf
  • Afrikantic
  • Da Bomb
  • Questioning
  • Vengeful
  • Loud
  • Ma'atic
  • Led Astray
  • Revolutionary
  • Uneasy
  • Black Love
  • Obibini
  • Dancing
  • Abibitumi Kasa
  • Abibifahodie
  • Hard-working
  • RBG
  • Great!
  • Precise
  • Shocked
  • Protective
  • Persistent
  • Inquisitive
  • Disciplined
  • 2 Fangaz
  • Cautious
  • Oreo
  • Eternal
  • Hoodwinked
  • Well-read
  • Troll
  • Brilliant
  • Genius
  • Pretty
  • Impressive
  • Monumental
  • Flirtatious
  • Explosive
  • Cheeky
  • Cute
  • Sarcastic
  • Joyful
  • Uhuru
  • Jammin'
  • Ecstatic!
  • Peaceful
  • RBG Love
  • Outspoken
  • Womanly
  • On Point
  • B-day
  • Tropical
  • Resist
  • Partying
  • Protest
  • Persevering
  • Hot
  • Confused
  • Scholarly
  • Shocking
  • white
  • Playful
  • Kuumba
  • Queenly
  • Bright
  • Kwanzaa
  • Ujima
  • Umoja
  • Stranded
  • Loving
  • Violent
  • Nguzo Saba
  • Timeless
  • Beautiful
  • Joking
  • Full of BS
  • Outraged
  • Sassy
  • Bamboozled
  • Afrikan
  • Defensive
  • Social
  • Jovial
  • Intelligent
  • Nia
  • Beautiful 2
  • Appreciative
  • Warrior
  • Nerdy
  • Relaxed
  • Surprised
  • Jagunjagun
  • Reborn
  • Unsure
  • Lonely
  • Mad
  • Nubian
  • Humorous
  • Flirtatious 2
  • On Point 2
  • On Lock
  • 5 Stars
  • Amandla
  • Committed
  • Historical
  • Feminine
  • Cleansing
  • Asafo
  • Celebrative
  • Fighter
  • Kidding
  • Handsome
  • Funny
  • Optimistic
  • Furious
  • Paranoid
  • Khepera
  • Outta Here
  • Oppressed
  • Miseducated
  • Rebel
  • Strong
  • Gossipy
  • Dangerous
  • On fire
  • Serious
  • Divine
  • Queenly 2
  • Sleepy
  • Imani
  • Ujamaa
  • Exotic
  • Celebrative 2
  • Courageous
  • Kujichagulia
  • Confident
  • Informative
  • Visionary
  • Courageous 2
  • Helpful
  • User Tag List

    + Reply to Thread
    Results 1 to 2 of 2
    1. #1
      abibifahodie Kuo (Admin)
      .
       
      I am:
      Afrikan
       
      Ajamu's Avatar
      Join Date
      Jun 2008
      Age
      50
      Posts
      1,240
      Contribute If you enjoy reading the
      content here, click the below
      image to support our site.

      Rep Power
      15


      Did you find this post helpful? Yes | No

      Default New Trojan Variant Can Install Without Password

      New Trojan Variant Can Install Without Password | PCWorld

      A new variant of the Flashback Trojan that appeared last year can install itself on a Mac without need for an administrator's password.



      By Dan Moren, Macworld Apr 2, 2012 4:13 pm


      Flashback, a Mac Trojan horse thatís been in the public eye since it was uncovered by security firm Intego last year, has a new trick up its sleeve: It can now infect your computer from little more than a visit to a website.

      Originally, Flashback masqueraded as an installer for Adobeís Flash Playeróhence the nameóbut the malware has changed tacks at last once since then, instead pretending to be a Mac software update or a Java updater.

      The latest variant, discovered by security researchers at F-Secure and dubbed OSX/Flashback.K, takes advantage of a weakness in Java SE6. That vulnerability, identified as CVE-2012-0507, allows the malware to install itself from a malicious website the user visits, without needing the user to enter an administratorís password.

      No fix is currently available for this vulnerability on the Mac, although the hole was patched in Java for Windows back in February. Unfortunately, Apple has long been criticized for lagging behind Windows when it comes to updating Java for security patches. However, given that Apple rolls out updates every few months, it seems likely that the company will distribute a patch in the not too distant future.

      Until then, F-Secure suggests users deactivate Java on their Macs. The company has also given instructions for checking if your system is currently infected by the Flashback Trojan.

      Itís also worth noting that the Java vulnerability has recently been included in the popular BlackHole exploit kit used by many attackers.

      While thereís no need for widespread panic, the fact that this latest version of the malware can install itself without the userís password is enough of a reason for concern that some precautions are necessary. Disabling Java is a good step, but the first line of defense is, as always, to be cognizant of the websites you visit and use common sense.

    2. #2
      abibifahodie Kuo (Admin)
      .
       
      I am:
      Afrikan
       
      Ajamu's Avatar
      Join Date
      Jun 2008
      Age
      50
      Posts
      1,240
      Contribute If you enjoy reading the
      content here, click the below
      image to support our site.

      Rep Power
      15


      Did you find this post helpful? Yes | No

      Default Re: New Trojan Variant Can Install Without Password

      Apple Patches Java Flaw Exploited by Flashback Trojan



      By Fahmida Y. Rashid


      Mac users with Java installed should act quickly to install the latest version of Java from Apple. The security flaw is already being exploited by the Flashback Trojan in drive-by download attacks.

      Apple updated Java to version 6 update 31 for OS X 10.6 (Snow Leopard) and 10.7 (Lion) on Apr. 3. The update addressed 12 vulnerabilities in Java, which could be exploited by malicious Websites to run code using the privileges of the current user, Apple said in its security notice. Oracle fixed the same security flaw for Java for Windows, Linux, and Unix back in February.

      The new Mac malware, a variant of the Flashback Trojan, did not require user interaction to infect computers. Malicious Websites exploited a specific Java vulnerability (CVE-2012-0507) that allowed Flashback.K to download itself on to Macs without user awareness in a drive-by download attack. Once installed, the malware displayed a dialog window to ask the user for the administrative password, according to an analysis by researchers at F-Secure. Even if users didn't enter the password, it was too late, as the malware was already resident on the computer.

      The Flashback.K is "one of the first cases of drive-by exploitation we have seen for OS X," Chester Wisniewski, a senior security advisor at Sophos, wrote on the Naked Security blog.

      Russian security firm Dr. Web (Google Translate) claimed over 550,000 Macs have been infected with this version of Flashback. Mikko Hypponen, chief scientist of F-Secure, said on Twitter that F-Secure was unable to confirm or deny the number at this time.

      Once on the computer, Flashback.K injects itself into the Safari Web browser and modifies the contents of certain Web pages to trick users. There are reports that exploits for the Java vulnerability has been recently added to the Blackhole exploit kit, which means it has become even easier for criminals to launch malicious Websites that can take advantage of the flaw.

      "It appears that the Flashback gang is keeping up with the latest in exploit kit development," F-Secure said.

      Even though Lion does not ship with Java by default on new installations, many Mac users installed it manually, often because a Website required the platform. When they got to those sites, they were prompted to download and install Java, and may have forgotten since then that they have it on their Macs.

      Apple has long maintained its platform was safe from malware. In the past year, malware developers have started developing attacks specifically for the Mac OS X. Just last week, AlienVault warned of malicious Microsoft Office for Mac files that appeared to be targeting non-governmental organisations in Tibet.

     

     
    + Reply to Thread

    Thread Information

    Users Browsing this Thread

    There are currently 1 users browsing this thread. (0 members and 1 guests)

    Similar Threads

    1. Install SSL on cPanel with One IP Address
      By Obadele Kambon in forum Math and Science (STEM)
      Replies: 0
      Last Post: 04-09-2012, 10:00 AM
    2. New Flashback Trojan variant found for OS X
      By Ajamu in forum Math and Science (STEM)
      Replies: 0
      Last Post: 02-24-2012, 02:29 PM
    3. WIN 7: How to Reset Your Forgotten Windows Password the Easy Way
      By Ajamu in forum Math and Science (STEM)
      Replies: 0
      Last Post: 11-03-2011, 04:52 PM
    4. What mental software do you need to download, install, or re-install?
      By KhepraEvolutionary in forum Math and Science (STEM)
      Replies: 0
      Last Post: 10-13-2008, 11:18 PM

    Visitors found this page by searching for:

    Nobody landed on this page from a search engine, yet!

    Tags for this Thread

    Posting Permissions

    • You may post new threads
    • You may post replies
    • You may not post attachments
    • You may not edit your posts
    •