Security Alerts & News
by Tymoteusz A. Góral

History
#1329 Google hopes to sniff out OSX badware
Google's Macintosh Operations Team has quietly been working on a whitelisting application for OS X .

Code-named Santa, the software (currently described as pre-1.0) has an SQLite database holding a list of permitted and blocked applications; a userland daemon to check the database; a kernel extension to monitor for executions; as well as a GUI and an admin command line interface (CLI).

The Chocolate Factory has both individual and fleet users in mind, since Santa's designed to let a sysadmin centrally manage a single naughty-nice database.

To try and avoid an attacker substituting any of Santa's components, the three userland components (daemon, CLI and GUI) validate each other with XPC, checking that they're using identical signing certificates.
Read more
#1329 Google hopes to sniff out OSX badware
#1328 Unsecured DNSSEC easily weaponized, researchers warn
#1327 Locky targets hospitals In massive save of ransomware attacks
#1326 Millions of Steam game keys stolen after hacker breaches gaming site
#1325 "Smart" electrical socket leaks your email address, can launch DDoS attacks
#1324 Malware infected all Eddie Bauer stores in US, Canada
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12