Mac


We aren’t talking about some potential future threat. Our FortiGuard Labs team just reported on a new ransomware variant targeting Mac devices. Which means it’s time to get serious about protecting these (Mac) devices. [Read More]
by RSS Aamir Lakhani  |  Jun 12, 2017  |  Filed in: Security Research
Just recently, we discovered a Ransomware-as-a-service (Raas) that uses a web portal hosted in TOR network which has become a trend nowadays. It is rather interesting to see cybercriminals attack a different operating system other than Windows. And this could be the first time to see Raas that target Mac OS. [Read More]
by RSS Rommel Joven and Wayne Chin Yick Low  |  Jun 09, 2017  |  Filed in: Security Research
In the blog we posted on March 22, FortiGuard Labs introduced a new Word Macro malware sample that targets both Apple Mac OS X and Microsoft Windows. After deeper investigation of this malware sample, we can confirm that after a successful infection the post-exploitation agent Meterpreter is run on the infected Mac OS X or Windows system. Meterpreter is part of the Metasploit framework. More information about Meterpreter can be found here. For this to work, the attacker’s server must be running Metasploit as the controller to control the... [Read More]
by RSS Chris Navarrete & Xiaopeng Zhang  |  Mar 29, 2017  |  Filed in: Security Research
On March 16, FortiGuard Labs captured a new Word file that spreads malware by executing malicious VBA (Visual Basic for Applications) code. The sample targeted both Apple Mac OS X and Microsoft Windows systems. We then analyzed the sample, and in this blog we are going to explain how it works, step by step. When the Word file is opened, it shows notifies victims to enable the Macro security option, which allows the malicious VBA code to be executed. Malicious Word File is Opened Figure 1. Asks victim to enable Macro security option Once... [Read More]
by RSS Xiaopeng Zhang & Chris Navarrete  |  Mar 22, 2017  |  Filed in: Security Research
One of the most frightening lessons IT people quickly learn is that large complex systems—software, hardware and certainly operating systems—always do things that no one knew they could do (or expect them to do). That's because these systems are created by multiple teams and each team member only bothers to document most (and certainly not all) of what their own module can do. Also, programmers often create backdoors during development to facilitate and accelerate inevitable fixes and repairs. Most, but not all, remember to remove... [Read More]
by RSS Evan Schuman  |  Jun 15, 2015  |  Filed in: Industry Trends
[Read More]
by RSS Michael Perna  |  Nov 07, 2014  |  Filed in: Industry Trends
Organizations these days have their hands full with security and management challenges brought about by the Bring Your Own Device phenomenon. But why stop at devices? Good question. In fact, the same culture of innovation and self-reliance, spurred by BYOD, has increasingly translated to applications. And as such, users are pushing the trend to its limits by introducing their own applications into the workplace to meet their needs. The burgeoning Bring Your Own Application (BYOA) trend appears to be a natural and logical extension of BYOD--and... [Read More]
by RSS Stefanie Hoffman  |  Aug 31, 2012  |  Filed in: Industry Trends
Vulnerabilities and more vulnerabilities plagued the security landscape the week of April 30-May 5. Adobe patched a major Flash flaw, while security experts warned of gaping holes in PHP. Meanwhile, it appears that Intel is going to do something with its McAfee purchase after all. Here's a look at this week in security. Adobe Patches Critical Flaw: Adobe released a patch last week for a critical Flash vulnerability pivotal in targeted attacks that exploit a vulnerable version of Flash on Windows running the Internet Explorer Web browser. Altogether,... [Read More]
by RSS Stefanie Hoffman  |  May 08, 2012  |  Filed in: Industry Trends