“Dockster” trojan for the Mac goes into the wild, plays on the same Java vulnerability as “Flashback”

Posted by:
Date: Tuesday, December 4th, 2012, 08:57
Category: News, security, Software

Ok, this shouldn’t be happening again.

Per F-Secure, a new piece of malware that takes advantage of a well-documented Java vulnerability has been found on a website dedicated to the Dalai Lama, with the trojan able to install itself on an unwitting Mac user’s computer to capture keystrokes and other sensitive data.

Dubbed “Dockster,” the malware was first found by antivirus and security firm Intego to have been uploaded to the VirusTotal detection service on Nov. 30. At the time of its discovery, the remote address associated with trojan was not active, possibly indicating that the code’s creators were testing whether it would be detected, but as of this writing the malicious code is now “in the wild.”

Similar to the Flashback exploit from September 2011, Dockster leverages the same Java vulnerability to drop the backdoor onto a Mac, which then executes code to create an agent that feeds keylogs and other sensitive information to an off-site server.

In the case of Flashback, which was also discovered by Intego, a reported 600,000 Macs were affected before both Apple and Oracle released a Java patches to remove the malware and protect against future attacks.

Although the newly-found Dockster takes advantage of an already fixed weakness, users who haven’t yet updated their Macs or are running older software may still be at risk.

In which case, try to ensure that your friends and family with older, pre-OS X 10.6 software are up to date and be careful out there.

Apple releases third iOS 6.1 beta to developer community

Posted by:
Date: Tuesday, December 4th, 2012, 08:01
Category: iPad, iPhone, iPod, iPod Touch, News, Software

This could lead to some cool stuff.

Per AppleInsider, developers on Monday were provided with the third pre-release beta of iOS 6.1, Apple’s forthcoming software update for the iPhone, iPad and iPod touch.

The update is available through Software Update in the iOS Settings application. People familiar with the software said it is identified as build “10B5117b.” It arrives three weeks after the second beta was issued.

One person testing the software stated that users are now asked to enter security questions for iCloud once their device boots up. This feature was not in previous betas of iOS 6.1.

The iOS 6.1 beta is compatible with the fourth-, third- and second-generation iPad, iPad mini, iPhone 5, iPhone 4S, iPhone 4, iPhone 3GS, and the fifth- and fourth-generation iPod touch. Apple informed developers that the beta “contains bug fixes and improvements.”

Earlier betas of iOS 6.1 added the ability to purchase movie tickets through Fandango with Siri.

The first two betas of iOS 6.1 also featured an enhanced Map Kit framework that will allow developers to search for map-based addresses in points of interest. In one example provided to developers, users could search the term “coffee,” and the system would return the location of local coffee bars along with information about each one.

If you’ve managed to get your mitts on the new beta, please let us know what you make of it in the comments. Otherwise, stay tuned for additional details as they become available.

Dropbox updated to 1.6.3

Posted by:
Date: Tuesday, December 4th, 2012, 07:51
Category: News, Software

Hey, you can’t knock improvements on useful software.

Early Tuesday, Dropbox released version 1.6.3 of its cloud-based storage client for Mac OS X. The new version, a 23.1 megabyte download, which adds the following fixes and changes:

- Fixes rare issue with sync not working on 10.4.

- Other small fixes.

Dropbox 1.6.3 requires Mac OS X 10.4 or later to install and run.

If you’ve tried the new beta and have any feedback to offer, please let us know in the comments.