apple


On March 16, FortiGuard Labs captured a new Word file that spreads malware by executing malicious VBA (Visual Basic for Applications) code. The sample targeted both Apple Mac OS X and Microsoft Windows systems. We then analyzed the sample, and in this blog we are going to explain how it works, step by step. When the Word file is opened, it shows notifies victims to enable the Macro security option, which allows the malicious VBA code to be executed. Malicious Word File is Opened Figure 1. Asks victim to enable Macro security option Once... [Read More]
by RSS Xiaopeng Zhang & Chris Navarrete  |  Mar 22, 2017  |  Filed in: Security Research
Over the weekend, we encountered an interesting variation of a phishing email targeting Apple users. The email contained an alleged receipt for five movies purchased from the iTunes Store that was so detailed that the user who received it, and who knows better, still almost fell for the scam. Figure 1. Phishing Apple email Similar cases were reported in 2015 by users in the UK and Australia, except in those cases the fake receipt contained songs and books, respectively. Last year, similar emails targeting users in the US were also reported,... [Read More]
by RSS Lilia Elena Gonzalez Medina  |  Feb 23, 2017  |  Filed in: Security Research
FortiGuard researchers discovered a heap overflow vulnerability in Apple QuickTime that could lead to arbitrary code execution and severe system crashes on both Windows and OS X versions of the popular multimedia software. This vulnerability (CVE-2015-3668 isolated and identified by FortiGuard Labs) follows on the heels of CVE-2015-3667, (disclosed yesterday by Cisco and simultaneously discovered by FortiGuard Labs), leaves unpatched versions of Quicktime open to multiple exploits. Quicktime relies on special containers for movie data called... [Read More]
by RSS Aamir Lakhani  |  Jul 01, 2015  |  Filed in: Industry Trends & News
One of the most frightening lessons IT people quickly learn is that large complex systems—software, hardware and certainly operating systems—always do things that no one knew they could do (or expect them to do). That's because these systems are created by multiple teams and each team member only bothers to document most (and certainly not all) of what their own module can do. Also, programmers often create backdoors during development to facilitate and accelerate inevitable fixes and repairs. Most, but not all, remember to remove... [Read More]
by RSS Evan Schuman  |  Jun 15, 2015  |  Filed in: Industry Trends & News
[Read More]
by RSS Michael Perna  |  Nov 14, 2014  |  Filed in: Industry Trends & News
[Read More]
by RSS Michael Perna  |  Nov 07, 2014  |  Filed in: Industry Trends & News
[Read More]
by RSS Michael Perna  |  Oct 31, 2014  |  Filed in: Industry Trends & News
[Read More]
by RSS Michael Perna  |  Sep 19, 2014  |  Filed in: Industry Trends & News
[Read More]
by RSS Michael Perna  |  Sep 06, 2014  |  Filed in: Industry Trends & News
[Read More]
by RSS Michael Perna  |  Aug 23, 2014  |  Filed in: Industry Trends & News