VB Migration

Tag: apple

  • VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

    Few readers of this blog will believe that there aren’t any security issues with Apple ‘s macOS operating system, a point made rather unsubtly by yesterday’s discovery of a flaw that lets anyone log into a computer running macOS High Sierra – as the root user, no less. Those who have been following Patrick Wardle’s…

  • VB2017 paper: Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server

    Few readers of this blog will believe that there aren’t any security issues with Apple ‘s macOS operating system, a point made rather unsubtly by yesterday’s discovery of a flaw that lets anyone log into a computer running macOS High Sierra – as the root user, no less. Those who have been following Patrick Wardle’s…

  • By removing VPNs from its Chinese App Store, Apple turns its biggest security asset against its users

    A little over a month ago, Apple ‘s iPhone celebrated its tenth birthday. The iPhone has been one of the biggest commercial success stories ever, but it has also been a great success from a security point of view: malware targeting its iOS operating system remains extremely rare. iPhone is 10 years old today. After…

  • By removing VPNs from its Chinese App Store, Apple turns its biggest security asset against its users

    A little over a month ago, Apple ‘s iPhone celebrated its tenth birthday. The iPhone has been one of the biggest commercial success stories ever, but it has also been a great success from a security point of view: malware targeting its iOS operating system remains extremely rare. iPhone is 10 years old today. After…

  • Paper: Dylib hijacking on OS X

    Patrick Wardle shows how OS X is also vulnerable to once common Windows attacks. A few years ago, DLL hijacking on Windows was really hot, despite the fact that the concept had been discussed by none other than the NSA as far back as 1998. Many applications load dynamic link libraries (DLLs) without specifying a…

  • VB2014 paper: Apple without a shell – iOS under targeted attack

    Developer Enterprise Program recently found to be used by WireLurker. Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the presentations. Today, we have added ‘Apple without a shell – iOS under targeted attack’, by FireEye researchers Tao Wei, Min Zheng, Hui Xue and Dawn Song.…

  • WireLurker malware infects iOS devices through OS X

    Non-jailbroken devices infected via enterprise provisioning program. Researchers at Palo Alto Networks have published a research paper ( PDF ) analysing the ‘WireLurker’ malware that runs on Mac OS X , and which is then used to further infect iOS devices connected to an infected machine. WireLurker is found to have infected 467 apps on…

  • VB2014 preview: Apple without a shell – iOS under targeted attack

    FireEye researchers show a large attack vector for Apple’s mobile operating system. In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we are looking at some of the research that will be presented at the event. Today, we look at the paper ‘ Apple without a shell – iOS under targeted…

  • VB2013 speaker spotlight

    We speak to VB2013 presenters Lysa Myers and David Harley about their research interests and what they aim to bring to the conference. The VB2013 conference takes place this autumn (2-4 October) in Berlin, with an exciting programme that covers many of today’s most pertinent security-related topics. In the build-up to the event we will…

  • Security fixes from Apple and Microsoft

    100 security fixes in latest OS X update; three MS security updates in this month’s patch release. The latest release of Mac operating system OS X ( Mac OS X v10.6.5 ) contains over 100 security updates, including fixes for vulnerabilities in Apache , the Flash Player plug-in, Image Capture and MySQL . A range…