Famous Apple security expert Charlie Miller is preparing to announce 20+ new Zero Day security holes in Mac OS X at CanSecWest.  Charlie says “OS X has a large attack surface consisting of open source components, closed source third-party components and closed source Apple components; bugs in any of these types of components can lead to remote compromise.”   He further explains “Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town.”  As I have been saying for years, Apple users are currently safer only because hackers see a larger ROI (return on investment) attacking Microsoft Windows based machines.

I have been noticing Apple Mac users more frequently requesting and installing third party anti-virus protection software than in previous years.   More key players in the anti-virus industry are releasing their flagship security products for the Mac OS.   When the Mac OS becomes a key target to hackers the damage caused will be quite significant due to most Apple users not installing third party security software solutions and the general mindset that the Mac OS is secure from hackers and exploits.

Tags: apple, Exploits, hack, hacker, zero day

Author: Christopher

Three publicly available DNS exploits are available that exploit the recent DNS vulnerabilities brought to light by Dan Kaminsky.  These exploits have been downloaded over 15,000 times, although we have no idea how many of these downloads are being used maliciously.

Multiple major ISP still have not patched and remain vulnerable.   Even if your organization patches for this vulnerability, you business may still be at risk if your upstream provider has not.  If you have not checked your exposure from your organization and your service provide, I highly suggest you doing this now.

Tags: DNS Cache Poisoning, Exploits, In the wild, Vulnerablities

Author: Christopher