Yes it’s out there, a new virus for Mac, what do you do now?

Once upon a time there was only Microsoft. With up to 95% of the operating and application market share they were the target, the great beast, the company to topple. Why they were so successful is not the subject of this post; it is enough to say that it happened. After a couple of years there was a change, which saw other software suppliers make inroads into the market.

So enter the malicious code industry. The target was the Microsoft platform, and everyone was the target because you were using the product. The reason that most of the viruses, Trojans and worms were written for Microsoft is that they were the biggest, and for years this has been the standard. There was no reason to write a decent virus or worm for the Mac when there was only 1% utilisation, and this is one of the fundamental reasons why it wasn’t done.

Business and people change. Apple has made some serious inroads into the way businesses use the Mac. With Apple gaining more and more market share and popularity we are now seeing the proliferation of Mac viruses, and we are starting to see them in the wild, running loose on the Internet.

This is a big change. Luckily for Mac users, the experience that has been gained from fighting the normal Internet malicious code that targeted Microsoft is helping the AV companies produce products for the Mac.

In addition, there is now malicious code for Android and iOS, for most web browsers, and in some cases you can download an infected application direct from the Android store. With the increase in the use of mobile devices and mobile banking this targeting is going to get worse. All of the things that we, the IT security community, advise Microsoft users to do are what all users need to do to protect their handheld devices, their tablets and their Macs.

Update regularly, be vigilant, back up regularly and get a good AV.

Most of all use common sense when surfing the Internet.

It is now more important for all operating systems to be updated regularly. What do you think?

Starbucks, free wifi and the bigger security picture!

Recently I had a holiday in Malaysia, the holiday was great but I realised that there is a severe problem with security and the attitude of people in regards to security when we were sitting down for coffee in Starbucks.

Like the rest of the world the Starbucks franchise in Malaysia has free wifi, free in such a way that you do not even need to know a username or password to use it. Now for most people this is great, and don’t get me wrong, I sometimes use it with a lot of restriction on myself because I know the dangers that can come from it.

While we were having coffee and I was thinking about the problems associated with this level of access, these 2 characters walked in and sat down. I was only taking limited notice of them, but my focus changed when they started to pull out some interesting equipment. Apart from the laptops, high end HP systems, something that would set me back $4 or 5 K, they also added a couple of USB devices and started to run them up.

I ignored them for about 20 minutes as we were in a family discussion about what and where to eat (very important in our family for some reason), but I glanced over at the screen and all I saw was a graph that looked very similar to Wireshark; not only that, but it was also logging everything that was going through the WiFi. I normally use Wireshark to track rogue access points within client networks, and what I was looking at was similar.

This brought this idea to me:

One of the easiest ways for someone to steal all of your corporate information, personal information and client information is for you not to be thinking clearly in this type of environment. Those two characters would have picked up any information that was transmitted to any website, SharePoint environment, mail server or CRM that was not SSL protected. That information is in plain text: easy to track and even easier to use.

All information concerning Facebook, LinkedIn, even Twitter would have been captured, and that included the username and password to get onto the sites. That information, although it may not seem important, could be used very efficiently as a social engineering play to gain more information and create an in-depth profile of you.

Yes, free WiFi is great, but if you do not have one that is locked down with a pass code then be very careful about where you are going on your device.