Apple Fixes Flaws, Updates Java 6 for OS X

Apple pushed out a Java update for its Snow Leopard, Lion and Mountain Lion systems Wednesday, fixing vulnerabilities Oracle tackled in last week’s emergency CVE-2012-4681 patch. Both Java for Mac OS X 10.6 Update 10 and Java for OS X 2012-005 update the Java SE 6 plugin and, in what might be a...

New Mac Trojan Dropper Creates Backdoor, Survives Reboots

There’s a new Mac Trojan dropper that uses a silent installation process and it also has the ability to establish backdoor access to infected machines. Security researchers at Intego found samples of the OSX/Crisis malware on the Virus Total website, but it has not yet been found in the wild...

New Malware Found Exploiting Mac OS X Snow Leopard

Many Mac users recently have found themselves stumbling out of the darkness, shielding their eyes from the spotlight that attackers and malware writers are now shining on them. Malware having been a rarity on OS X, it’s taking some time to adjust, but while that’s happening the attackers are busy...

Mac OS X XProtect Detection

The remote Mac OS X host includes XProtect, an antivirus / anti- malware application from Apple included with recent releases of Snow Leopard 10.6 and later. It is used to scan files that have been downloaded from the Internet by browsers and other tools. Note that this plugin only gathers...

UFO: Alien Invasion v2.2.1 IRC Client Remote Code Execution Snow Leopard

Exploit for macOS platform in category remote exploits ============================================================================== UFO: Alien Invasion v2.2.1 IRC Client Remote Code Execution Snow Leopard ROP ==============================================================================...

UFO - Alien Invasion 2.2.1 IRC Client Remote Code Execution

!/usr/bin/python UFO: Alien Invasion v2.2.1 IRC Client Remote Code Execution - MacOSX OS X Snow Leopard: d1dn0t OS X Leopard: dookie Windows PoC: Jason Geffner http://www.exploit-db.com/exploits/14013 import sys, socket, struct WRITEABLE = 0x8fe66448 STRCPY=0x8fe2db10 shellcode =...

EvoCam Web Server OSX ROP Remote Exploit (Snow Leopard)

No description provided by source. !/usr/bin/python EvoCam Web Server OSX 3.6.6 and 3.6.7 import socket import struct SHELL = "\xdb\xd2\x29\xc9\xb1\x27\xbf\xb1\xd5\xb6\xd3\xd9\x74\x24" "\xf4\x5a\x83\xea\xfc\x31\x7a\x14\x03\x7a\xa5\x37\x43\xe2"...

EvoCam Web Server OSX ROP Remote Exploit (Snow Leopard)

Exploit for macOS platform in category remote exploits ======================================================= EvoCam Web Server OSX ROP Remote Exploit Snow Leopard ======================================================= !/usr/bin/python EvoCam Web Server OSX 3.6.6 and 3.6.7 import socket import...

Multiple Media Player HTTP DataHandler Overflow (iTunes, Quicktime, etc)

Exploit for unknown platform in category dos / poc ======================================================================== Multiple Media Player HTTP DataHandler Overflow iTunes, Quicktime, etc ======================================================================== ScaryMovie Exploit Study By:...

I Have Only One Security Prediction for 2010

Instead of the usual top ten lists that are all-too-common with predictions for the new year, I have just one: 2010 will be the year of desktop applications handling untrusted data in sandboxed processes, and it will be about time. Since the release of Windows XP SP2, there have been significantl...

Mac OS X Mega-Update Fixes 33 Security Defects

Apple today shipped another Mac OS X mega-update with fixes for at least 33 serious security problems affecting Mac OS X users. The update includes patches for third party components like Adobe’s Flash Player plug-in, Clam AV, MySQL and PHP. A separate update was released for Snow Leopard to fix...

Snow Leopard Ships With Vulnerable Flash Player

Apple’s new operating system comes with an outdated version of Flash Player that exposes Mac users to hacker attacks. The initial release of Mac OS X 1..6 Snow Leopard includes Flash Player 10.0.23.1, which is very much out of date. The fully patched version of Flash Player for Mac is version...

Snow Leopard AV Only Scans For Two Trojans

The built-in malware protection in Apple’s Snow Leopard upgrade appears to be nothing more than a XProtect.plist file containing five signatures for two of the most popular Mac OS X trojans — OSX.RSPlug and OSX.Iservice. Read the full story zdnet.com...

Snow Leopard Gets an Anti-Virus Scanner

Apple’s commercials may give the impression that Macs are virus-free but the company isn’t taking any chances with the newest Mac OS X refresh. Apple has quietly added a new Snow Leopard feature to scan software downloads for malware, a no-brainer move that coincides with a noticeable spike in...

Snow Leopard Gets an Anti-Virus Scanner

Apple’s commercials may give the impression that Macs are virus-free but the company isn’t taking any chances with the newest Mac OS X refresh. Apple has quietly added a new Snow Leopard feature to scan software downloads for malware, a no-brainer move that coincides with a noticeable spike in...

Snow Leopard security is all relative

Little, if anything, gets Mac users more exercised than a mention of their favorite machine’s security problems. Despite the fact that security experts believe Macs to be much easier to exploit than Windows machines, Mac users simply trot out the old saw about there not being any virus attacks on...