apple


ToorCon 19 San Diego was held Monday August 28th to Sunday September 3rd, 2017 at The Westin San Diego. It included three parts. The first was training workshops focused on various aspects of computer security. These took place on Aug 28-31. The second was a Seminar held on Sep 1. The third part was the formal Conference that ran from Sep 1-3. I was honored to be able to present my research, "Dig Deep into FlexiSpy for Android," at ToorCon 19. FlexiSpy for Android is a spy app with full IM tracking, VoIP call recording, and live call interception....
by Kai Lu  |  Sep 18, 2017  |  Filed in: Security Research
Bluetooth is one of the most widely deployed and used connectivity protocols in the world. Everything from electronic devices to smartphones uses it, as do a growing number of IoT devices. Now, a new Bluetooth exploit, known as BlueBorne, exploits Bluetooth, making literally billions of devices potentially vulnerable to attack. BlueBorne is a hybrid Trojan-Worm malware that spreads through the Bluetooth protocol. Because it includes worm-like properties, any infected system is also a potential carrier, and will actively search for vulnerable hosts....
by Aamir Lakhani  |  Sep 14, 2017  |  Filed in: Security Research
In the blog we posted on March 22, FortiGuard Labs introduced a new Word Macro malware sample that targets both Apple Mac OS X and Microsoft Windows. After deeper investigation of this malware sample, we can confirm that after a successful infection the post-exploitation agent Meterpreter is run on the infected Mac OS X or Windows system. Meterpreter is part of the Metasploit framework. More information about Meterpreter can be found here. For this to work, the attacker’s server must be running Metasploit as the controller to control the...
by Chris Navarrete & Xiaopeng Zhang  |  Mar 29, 2017  |  Filed in: Security Research
On March 16, FortiGuard Labs captured a new Word file that spreads malware by executing malicious VBA (Visual Basic for Applications) code. The sample targeted both Apple Mac OS X and Microsoft Windows systems. We then analyzed the sample, and in this blog we are going to explain how it works, step by step. When the Word file is opened, it notifies victims to enable the Macro security option, which allows the malicious VBA code to be executed. Malicious Word File is Opened Figure 1. Asks victim to enable Macro security option Once...
by Xiaopeng Zhang & Chris Navarrete  |  Mar 22, 2017  |  Filed in: Security Research
Over the weekend, we encountered an interesting variation of a phishing email targeting Apple users. The email contained an alleged receipt for five movies purchased from the iTunes Store that was so detailed that the user who received it, and who knows better, still almost fell for the scam. Figure 1. Phishing Apple email Similar cases were reported in 2015 by users in the UK and Australia, except in those cases the fake receipt contained songs and books, respectively. Last year, similar emails targeting users in the US were also reported,...
by Lilia Elena Gonzalez Medina  |  Feb 23, 2017  |  Filed in: Security Research
FortiGuard researchers discovered a heap overflow vulnerability in Apple QuickTime that could lead to arbitrary code execution and severe system crashes on both Windows and OS X versions of the popular multimedia software. This vulnerability (CVE-2015-3668, isolated and identified by FortiGuard Labs) follows on the heels of CVE-2015-3667 (disclosed yesterday by Cisco and simultaneously discovered by FortiGuard Labs) and leaves unpatched versions of QuickTime open to multiple exploits. QuickTime relies on special containers for movie data called...
by Aamir Lakhani  |  Jul 01, 2015  |  Filed in: Industry Trends
One of the most frightening lessons IT people quickly learn is that large complex systems—software, hardware and certainly operating systems—always do things that no one knew they could do (or expected them to do). That's because these systems are created by multiple teams and each team member only bothers to document most (and certainly not all) of what their own module can do. Also, programmers often create backdoors during development to facilitate and accelerate inevitable fixes and repairs. Most, but not all, remember to remove...
by Evan Schuman  |  Jun 15, 2015  |  Filed in: Industry Trends
by Michael Perna  |  Nov 14, 2014  |  Filed in: Industry Trends
by Michael Perna  |  Nov 07, 2014  |  Filed in: Industry Trends
by Michael Perna  |  Oct 31, 2014  |  Filed in: Industry Trends