New Mac Backdoor Olyx Found Bundled With Windows Malware

Security researchers have discovered a new piece of malware that targets Mac OS X users and installs a remote-control backdoor on compromised machines. The malware, called Olyx, was discovered in a package that also contained some Windows malware and researchers say that the Mac backdoor is remarkably similar to the Gh0st RAT that was used in the infamous Ghostnet attacks in 2009.


Randy Vickers, the director of the United States Computer Emergency Readiness Team (US Cert) abruptly abandoned his post on Friday when he tendered his resignation immediately.The resignation came via an email penned by acting assistant secretary for cybersecurity and communications, Bobbie Stempfley, and obtained by InformationWeek. The authenticity of that email has since been confirmed by a US CERT spokesperson, speaking on conditions of anonymity, according to Information Week.

Web applications are attacked every two minutes and at some times can experience upwards to 25,000 attacks an hour according to a report published by security firm Imperva today.As part of its continuing Hacker Intelligence initiative, Imperva’s Application Defense Center (ADC) released their Web Application Attack Report after analyzing six months of web traffic and more than 10 million attacks from December 2010 to May 2011. The study also followed onion router (TOR) traffic.

Apple has released another new version of its iOS operating system for iPhones and other devices that fixes a security vulnerability in the way that the software handled SSL certificates and validated their authenticity. An attacker exploiting the bug might be able to intercept SSL traffic, Apple warned.

Scareware gangs have been using pretty much the same tactics since the dawn of time. Or at least since 2005. They compromise Web sites, use them as jumping off points for pop-up boxes that aim to terrify the citizenry into thinking their PCs are infected and downloading fake security software. But now, at least some of the crews are shifting their techniques to a much more subtle trick that waits for the victims to try to watch a video and then pounces.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.