Generic Ransomware Detection Comes to OS X

This is an interesting response by Patrick Wardle to the threat of KeRanger and other OS X ransomware instances. I am thrilled to see some movement in the direction of strengthening detection and remediation of OS X issues.

https://threatpost.com/generic-ransomware-detection-comes-to-os-x/117534/

Fully Functional Ransomware Targeting OS X Users

This was completely expected, yet I am sure there are still many users out there who believe the OS X platform is impervious to virus and malware attacks. Mac users have only slid under the radar because of a smaller, and therefore less lucrative, target environment for cyber criminals. Ransomware is not as much about volume. It is about users willing to pay for decryption keys. These attacks will only increase over time. Be prepared.

http://www.tripwire.com/state-of-security/latest-security-news/fully-functional-ransomware-targeting-os-x-users/

Apple’s ‘Targeted’ Gatekeeper Bypass Patch Leaves OS X Users Exposed

This article explains a continuing problem with OS X Gatekeeper, a feature in Apple’s OS designed to protect against the loading of malicious and unsigned application code.  Apple is claiming that patches to this point have been “targeted” and that a more comprehensive patch is coming, but I interpret that as “we haven’t figured out how to solve the problem, so we are going to dabble around the edges until a real solution is available.”

https://threatpost.com/apples-targeted-gatekeeper-bypass-patch-leaves-os-x-users-exposed/115887/

Researchers Discover New ‘WireLurker’ Malware Affecting Macs and iOS Devices in China

This is yet another frightening attack vector making the rounds.  It is particularly scary because most Mac users consider themselves impervious to virus and malware infection and rarely employ A/V solutions on their devices.  iOS users are also less diligent when it comes to monitoring their devices for suspicious software.  I am curious how vulnerable the Apple App Store commonly accessed in the US is to this attack.

http://www.macrumors.com/2014/11/05/wirelurker-malware-affecting-macs-ios-devices/