Security Alerts & News
by Tymoteusz A. Góral

History
#1088 New OSX/Keydnap malware is hungry for credentials
ESET analyzes multiple samples targeting OS X every day. Those samples are usually potentially unwanted applications that inject advertisements into browser displays while the victim is browsing the web.

For the last few weeks, we have been investigating an interesting case where the purpose of the malware is to steal the content of the keychain and maintain a permanent backdoor. This article will describe the components of this threat and what we know about it so far.

It is still not clear how victims are initially exposed to OSX/Keydnap. It could be through attachments in spam messages, downloads from untrusted websites or something else.

What we know is that a downloader component is distributed in a .zip file. The archive file contains a Mach-O executable file with an extension that looks benign, such as .txt or .jpg. However, the file extension actually contains a space character at the end, which means double-clicking the file in Finder will launch it in Terminal and not Preview or TextEdit.
Read more
#1093 DLink WiFi camera flaw extends to 120 products
#1092 10 million Android phones infected by all-powerful auto-rooting apps
#1091 CryptXXX ransomware updates ransom note, payment site
#1090 Android KeyStore encryption scheme broken, researchers say
#1089 Symantec: Latest Intelligence for June 2016
#1088 New OSX/Keydnap malware is hungry for credentials
#1087 After hiatus, in-the-wild Mac backdoors are suddenly back
#1086 European Union’s first cybersecurity law gets green light
#1085 Criminals winning 'cyber arms race' - UK National Crime Agency
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12