Kaspersky Lab states Flashback infections drop to under 30,000, warn of potential exploits en route

Posted by:
Date: Thursday, April 19th, 2012, 10:30
Category: News, security, Software

This too shall pass.

Per the cool cats at Ars Technica, Flashback infections have plummeted since Apple released a tool to stop the Trojan, but a security firm has cautioned that more malware could be on the horizon.

Researchers from Kaspersky Lab held a press conference Thursday morning in which they revealed that the number of machines infected by Flashback has dropped to just 30,000. That’s significantly down from the 600,000 Macs it was estimated to have infected at its peak, as well as the 140,000 Macs estimated to have been infected on Tuesday of this week.

Presence of the Trojan has been limited as Apple released a Java update to rid machines of Flashback. And for those that don’t have Java installed and could be harboring a dormant version of the malware, Apple also issued a separate removal tool.

But researchers at Kaspersky believe Flashback could just be the beginning. They believe that hackers will continue to target the Mac, as Apple has gained significant market share in recent years and continues to outgrow the rest of the PC market.

“Market share brings attacker motivation,” Kaspersky officials said. “Expect more drive-by downloads, more Mac OS X mass-malware. Expect cross-platform exploit kits with Mac-specific exploits.”

The Flashback Trojan was first discovered by another security firm, Intego, last September. The software attempts to trick users into installing it by appearing as Adobe’s Flash Player installer package.

Earlier this week, another Mac Trojan was discovered that takes advantage of an exploit in Microsoft Word to spread. Dubbed “LuckyCat,” it uses a Java exploit to infect a targeted machine, allowing a remote user to analyze and even steal data from the system.

Stay tuned for additional details as they become available.

Apple offering MobileMe users free Snow Leopard update to upgrade users to Lion

Posted by:
Date: Thursday, April 19th, 2012, 07:20
Category: iCloud, News

Offer them what they want and you might get a few new customers.

Per Macgasm, Apple is apparently sweetening the deal for MobileMe subscribers who still haven’t made the move to Mac OS X 10.6/10.7 and iCloud. As the last elements of MobileMe terminate on June 30 this year, the company is offering one of the upgrades free for the taking.

“Get your Mac ready for iCloud,” the MobileMe web page reads. “To take advantage of the great features of iCloud, your Mac must have OS X Lion installed. If you are running OS X Leopard, you will need to install Snow Leopard first and then purchase Lion from the Mac App Store.”

To ease in this transition, Apple is giving away free DVDs of Snow Leopard (a US$29 value) to MobileMe subscribers who log into their accounts and fill out the form found here. “After you have installed Snow Leopard on your Mac, run Software Update from the Apple menu to get the latest version of Snow Leopard 10.6.8,” step one of then process explains.

From here, users can pay US$29.99 for Mac OS X Lion from the Mac App Store, move their MobileMe account to iCloud and be done with it.

It generally doesn’t hurt to upgrade, so you might want to look into it, especially if there’s a freebie on the table.

Mac OS X Mountain Lion developer preview 3 notes hint at changes to come with Safari web browser

Posted by:
Date: Thursday, April 19th, 2012, 06:55
Category: News, Software

safarilogo.jpg

Following the release of OS X Mountain Lion Developer Preview 3, Apple has seeded Safari 5.2 Update 3 that carries a few new features and bug fixes.

Per AppleInsider, among the usual bug fixes, Safari 5.2 Update 3 comes with a new scalable vector graphics filter, redesigned Web Inspector and HTML5 media controllers. Also included are CSS filters, Web Audio API and HTML5 timed tracks.

From the release notes:

SVG Filters:
Using SVG Filters, you can combine several filter primitive elements and light source elements into a single sophisticated filter, which can then be applied to any SVG element.

HTML Assets:
- An HTML5 media controller can synchronize or otherwise coordinate the playback of multiple HTML5 media elements. For instance, you could use a media controller to overlay a sign language interpretation track over a video track, and keep the two in sync.

- A media controller has the same methods and events as an HTML media element. This means that, for example, when you call the pause() method on a controller, any
media that is slaved to that controller will be paused. Or, when a controller receives a canplaythrough event, all media slaved to that controller can be played through to the end without buffering.

- HTML5 timed text tracks enable captions, subtitles, descriptions, and chapters by letting you specify the timing of text that appears with an HTML5 video element.

CSS Filters:
- CSS filters let you apply pixel effects to any image or web page element with a single line of code. Available filter functions include sepia, hue-rotate, saturate, invert, opacity, brightness, contrast, blur, grayscale, and drop-shadow. Filters can be combined, and changes to the filter property can be animated with CSS transitions or animations.

Web Inspector:
- The Web Inspector has a streamlined new design that speeds up common development tasks. It features a new all new iconography, a navigation bar that lets you easily switch between different web page elements, a persistent JavaScript console, integrated timelines, and more. Additionally, JavaScript debugging is now enabled by default, and the page source view now opens in the Web Inspector automatically.

Web Audio API:
- The Web Audio API is a high-level JavaScript API for processing and synthesizing audio in web applications. While the HTML5 audio element allows for basic streaming and audio playback, the Web Audio API is powerful enough for more complex audio applications that require mixing, processing, or filtering audio data, such as a modern game audio engine or an interactive audio production application.

Stay tuned for additional details as they become available.