The many announcements at Apple's 2014 Worldwide Developers Conference (WWDC) this week was welcome news to the throngs of Apple developers and enthusiasts. It was also welcome news for another group of people with less than clean motives: cybercriminals. Last week we got a concrete example of how some cybercriminals are now actively targeting Apple ID accounts. A thread in the Apple support forums was filled with users complaining that their devices had been locked, with a message from a certain "Oleg Pliss" demanding $100 to unlock ...

Recently, it was announced that such well-known names in the tech industry such as Facebook, Twitter, Microsoft, and Apple had all been affected by a watering hole attack. Employees at all of these affected firms had visited a popular iOS developer forum, which was compromised to serve a then-unknown Java exploit to its users. Unsurprisingly, Java has received the brunt of the blame for this incident. One headline story from The Verge even called for Java to "go away". Similar thoughts ...

Reports are circulating that a fake installer for Mac OS has surfaced, proving that Mac OS is still fair game when it comes to web threats. Our friends from Dr. Web have uncovered a fake installer for Mac OS X. Detected as OSX_ARCHSMS.A, users may encounter this threat by downloading from websites peddling supposed legitimate software. Once installed, it shows an image that looks like an installation wizard window. The curious aspect of this threat is that OSX_ARCHSMS.A asks users for their ...

 With Apple pushing out both a standalone removal tool for users and a combined Java update/removal tool, it’s safe to say that the current outbreak of Flashback malware is well on its way to being addressed. However – such a widespread incident (affecting at least 1% of all Macs in use today) is likely to have long-term repercussions on the threat landscape for Apple Mac computers. Macs: Innocent No More Macs have not been as big a target for cybercriminals for one ...

In our previous blog, we focused on the emergence of hybridized malware, in which malware arrives already infected by a file infector. In effect, there are two different malware families that will run on the infected system. In this scenario, attackers are able to maximize system compromise by deploying two different payloads in one execution, leaving a user's machine open to a slew of infection. This tactic recently re-surfaced during our monitoring of Tibetan-leveraging malware campaigns. It came in the form ...