There is a significant security flaw in Java and it is being exploited fast and furiously by cyber criminals. Sophos’ Naked Security blog has a fantastic post on the vulnerability and especially its effect on Oracle users. Their solution: Disable Java immediately. Check out the post here.
And why is Java so problematic you ask? Graham Cluley states the following:
“In fact, it has become increasinglycommon to see malware authors exploiting vulnerabilities in Java – as it is so commonly installed, and has been frequently found to be lacking when it comes to security.
Cybercriminals also love Java because it is multi-platform – capable of running on computers regardless of whether they are running Windows, Mac OS X or Linux. As a result it’s not unusual for us to see malicious hackers use Java as an integral part of their attack before serving up an OS-specific payload.”
For easy reference, here’s how to disable Java on the most popular web browsers.
Are you worried about losing your internet connection on Monday, July 9th? Hundreds of thousands of computers are potentially facing an “internet blackout” because of the DNS Changer virus. Watch this great video by Sophos to find out exactly what is going on and how to avoid any internet connectivity issues.
This is a repost of a blog entry initially reported by Sophos’ Graham Cluley at the award-winning Naked Security blog. Sophos is a Platinum Partner of RJS Smart Security.
The folks at AlienVault discovered an interesting new Mac malware attack this week.
A backdoor Trojan horse, which would allow a remote hacker to access your Mac computer without your knowledge and potentially snoop on your files and activity, has been discovered hidden inside a boobytrapped Word document.
The targeted attack relies upon a critical security vulnerability discovered in Microsoft Word back in 2009, which allowed remote code execution (MS09-027).
In a nutshell, if you open the boobytrapped Word document, a Trojan horse gets dropped onto your Mac opening a backdoor for remote hackers. Furthermore, a decoy document called file.doc is also dumped onto your drive.
The nature of the decoy document, which claims to be about Human Rights abuses in Tibet by the Chinese, is sure to raise some eyebrows.
Inevitably there will be speculation that this attack is related to ‘Ghostnet’, the alleged campaign by China to spy via the internet on pro-Tibet organisations, including the Tibetan government-in-exile and the private office of the Dalai Lama.
If that’s the case, then it would seem that ‘Ghostnet’ is now targeting Mac users inside organisations sympathetic to Tibet and banned Chinese groups.
And don’t be fooled into thinking that you are protected by Mac OS X itself, which will ask for an administrator’s username and password to install software. You won’t see any prompt for credentials when this malware installs, as it is a userland Trojan.
Neither the /tmp/ nor /$HOME/Library/LaunchAgents folders on Mac OS X require root privileges – meaning that software applications can run in userland with no difficulties, and even open up network sockets to transfer data.
Sophos anti-virus products detect the malformed Word documents asTroj/DocOSXDr-A and the Mac backdoor Trojan horse as OSX/Bckdr-RLG. The servers that the malware attempts to communicate with have been categorised by Sophos as malware repositories since at least 2009.
Once again, Mac users need to remember to not be complacent about the security of their computers. Although there is much less malware for Mac than there is for Windows, that is going to be no compensation if you happen to be targeted by an attack like this.
If you’re not already doing so, run anti-virus software on your Macs. If you’re a home user, there really is no excuse at all as we offer a free anti-virus for Mac consumers.
Filed under: Uncategorized
Free Security Comic Book!
Learn about our "Lean Security" methodology in comic book form!
Unlike you, attackers are not limited by resources, budgets, laws or ethics. They can launch any number
of attacks from anytime or anywhere. This means you have to maintain a strategic balance between defense and response. Learn More
Always stay a move ahead of your opponent.
If you are constantly focused on reacting, you are not taking the time to learn and adjust your security
strategy based on your experiences. Your attackers are constantly evolving, so you must, too … just a little faster. Learn More
Make better use of what you already have.
Before you invest in yet another expensive security project, fine-tune the security products you have in place.
Are your defense systems fully-patched? Have you turned on all the necessary bells and whistles that came with your original product? Learn More
The right security strategy for right now.
The days of defining and executing a rigid multi-year security plan are over. Since attackers are incentivized
for rapid change, you must also adapt to the always-evolving threat landscape. An inflexible security plan will create holes
quicker than you can fill them. Learn More
Part of your team, not instead of your team.
Without a highly-skilled and experienced staff of security experts, it is extremely difficult to remain unscathed
from the many possible attacks waged against your organization each day. Thus, it is sometimes necessary to leverage the knowledge
of others. Learn More
A smart investment for smart growth.
Once your internal operations are working well and you are effectively using what you have, it's time to grow.
But before you purchase another layer of protection, first identify what really matters to your business and create goals you
can measure to see if your next project will indeed be a success. Learn More
About RJS Security
RJS Software provides information management solutions that allow businesses
to improve productivity, make better decisions and save money. Our software helps organizations
streamline data collection, digitize and manage documents, automate work processes and optimize