jonegomes wrote:Actually yes linux is better than windows and I said I don’t get viruses because not a lot of people use Macs, Duh. I didn't say it wasn't possible. I just meant out of the year I have had Macs. I never got a virus and I DON’T have norton anti virus for Mac.
It is clear that the threats are growing for MacOS X because the platform is gaining interest in the area of malware writers and distributors.
A lot of people think they are safe by using MacOS X alone and up to a certain level it is true but they don’t see the whole picture. Most malware can only be executed on Windows platforms but we have to be alert.
I think it is a matter of time before we see the first real malware distributions targeting MacOS X users. If that happens, I expect a high level of infected machines because most MacOS X users don’t have any security software installed, yet.
The fact that there was no secure OS was again reiterated. This was proven by the presentation on “Runtime Kernel Patching on Mac OS X,” from which I gathered:
Runtime kernel patching has been around for almost 10 years and is a technique frequently used by various rootkits to subvert the kernels used in many modern OSs.
This technique does not require any type of kernel modules or extensions and will allow you to hide various things like processes, files, folders, and network connections by modifying the kernel’s memory directly. It will also allow you to place various backdoors in the kernel for privilege escalation
4. Apple QuickTime
Apple released versions 8.2 of iTunes and 7.6.2 of QuickTime this summer to address a series of vulnerabilities, mostly in QuickTime. The iTunes vulnerability was a stack overflow issue in parsing URLs that could lead to a DOS or arbitrary code execution. No fewer than ten QuickTime vulnerabilities have been identified in which viewing certain malicious content could crash the program or lead to arbitrary code execution. Most of these vulnerabilities affect both Windows and Mac versions.
About Packet Storm
Global Security Resource
Packet Storm offers an abundant resource of up-to-date and historical security tools, exploits, and advisories. We are a non-profit organization comprised of security professionals that are dedicated to providing the information necessary to secure networks on a global scale. We accomplish this goal by publishing new security information on a global network of websites.
On the Network Battlefield
The ancient Chinese millitary master Sun Tzu said: "I say: Know your enemy and know yourself; in a hundred battles, you will never be defeated. When you are ignorant of the enemy but know yourself, your chances of winning or losing are equal. If ignorant both of your enemy and of yourself, you are sure to be defeated in every battle." This maxim applies to the battlefield that is today's modern network, just as it has to all of the battlefields throughout humanity's long and strife ridden history.
Packet Storm provides network security professionals, researchers, and all other interested individuals with the ability to analyze and learn from the tools, processes and mindsets of their opponents, as well as offering the tools needed to build and test defenses against them.
Full Disclosure Charter
Full disclosure of security issues is the only effective way to both push the development of secure software and to ensure that issues are rapidly identified and resolved. To that end, Packet Storm is firmly committed to archiving and providing the most complete set of security tools and papers available to the technical community at large, irrespective of commercial, political, or any other bias.
Respecting the rights of legitimate researchers and national laws is paramount to providing a quality service, please review our copyright and privacy policies for more information.
Dedicated Project Staff
Packet Storm project staff is made up of a group of highly skilled and dedicated professionals, all direclty engaged in the technical computer and network security arenas. Their time is freely given with the aim of improving the overall state of security on the internet. They can be contacted at email:staff[at]packetstormsecurity.org.
Pretty much every Linux user thinks they're immune to viruses, but they're wrong. Just recently, malware was found hidden inside an innocuous-looking Gnome theme from a reputable site. Users who installed the theme also got several scripts installed as root that were designed to attack internet targets, but it could easily have been much worse.
You see, the problem with thinking that Linux is immune is that sooner or later, something like this happens
Users browsing this forum: tenfoot and 4 guests