[LINK] Spyware trojan hitching ride on third-party Mac screensavers

Stilgherrian stil at stilgherrian.com
Wed Jun 2 20:09:21 AEST 2010 

Gosh. I was just making the one specific observation that that socially-engineered attacks are now substantially more common than those targeting vulnerabilities. Anything else is trying to make too much of that little factoid, I reckon.

Stil


On 02/06/2010, at 7:40 PM, Kim Holburn wrote:
> 
> On 2010/Jun/02, at 5:50 PM, Stilgherrian wrote:
> 
>> On 02/06/2010, at 4:53 PM, Kim Holburn wrote:
>>> And they still have to get [Mac] users to install malware  
>>> themselves.  They
>>> are getting sneakier about it though.
>> 
>> This is now pretty much the case with Windows malware too. Most  
>> users have anti-virus software, and Vista and Windows 7 are more  
>> locked down that XP and its predecessors.
>> 
>> I was at Microsoft HQ in Redmond last week, speaking with a number  
>> of their security people. The figures they're seeing is that roughly  
>> 30% of infections are coming from drive-by downloads (things  
>> automatically installed via, say, rogue ActiveX controls embedded in  
>> a web page)
> 
> So they admit that 30% of infections are still are still from things  
> that shouldn't happen and which are directly the responsibility of  
> Redmond.  There is no way a browser should be allowing this sort of  
> activity.  After all this time, it's astonishing that it can still  
> happen at all.  It's still not right.
> 
>> and 70% are socially-engineered malware (i.e. requires user action  
>> to install).
> 
> What sort of user action?  Just clicking a button or having to enter  
> an admin password?
> 
> Wwhat is the percentage of zero-day exploits?  They don't appear to be  
> mentioned.
> 
> There is still the fact that there are many, many machines running  
> Windows unpatched, many pirated.  The decision to not allow pirated  
> windows machines to be patched means there is a huge base of  
> compromised machines, a situation itself which greatly increases the  
> danger for everyone else (who runs windows).
> 
> 
> -- 
> Kim Holburn
> IT Network & Security Consultant
> T: +61 2 61402408  M: +61 404072753
> mailto:kim at holburn.net  aim://kimholburn
> skype://kholburn - PGP Public Key on request
> 
> 
> 
> 
> 
> 
> 
> 
> 
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link

More information about the Link mailing list