Whitelisting Services Leave Macs Open to Malware and Viruses... No, Really!

Back in the day it was assumed that Mac computers were impenetrable to any virus or malicious code because there were few known instances where the systems were penetrated on a large scale (insert sarcastic meme here). However, we now know the real reason Macs were initially less susceptible to viruses and malware is because Mac had such a small percentage of the market share it simply wasn't financially beneficial to create worms and bugs to infect these systems. My how times have changed...



In the latest evolution of Mac malware susceptibility, today (June 12, 2018), researchers at cybersecurity firm Okta have made public their research supporting the findings that some malicious code has, in essence fooled security scanners, and instead been cleared by Apple as safe. The result: Anyone with the technical know-how can take malicious code and make it appear to be approved by Apple, essentially using security scanners to greenlight the bad code as safe.


This flaw was found in whitelisting services provided by major internet-based companies such as Yelp, Google and Facebook, and by cybersecurity companies such as Carbon Black, F-Secure, Chronicle, Objective-See and Objective Development. According to Okta, the scanning tools didn't catch malicious files with fudged credentials, which is being attributed to software developers not understanding Apple's guidance for running a whitelisting service on Macs.


Check out the full story over at CNET. While you're at it, take a look at other recent malware and viruses your Mac may have been infected with, compiled by the UK's Macworld.


#Cyber #Cybersecurity #Mac #Apple #Malware #Virus #KnowYourRysk #ReduceYourRysk

SUBSCRIBE TO OUR NEWSLETTER TODAY:

CALL US

Direct: (866) 797 5699

EMAIL US
OPENING HOURS

 24 Hours a Day / 7 Days a Week

OVER 30 YEARS OF EXPERIENCE...

...working with both private corporations and government agencies in the areas of cyber security, networking/infrastructure and systems and networks administration.

OUR SERVICES:

- Penetration Testing

- Remote Monitoring

- Security Engineering

- Security Integration

- Vulnerability Management

- Regulatory Compliance

- Incident Response

  • Facebook Social Icon
  • Twitter Social Icon
  • LinkedIn Social Icon

#KnowYourRysk

#ReduceYourRysk

© 2018 by The Rysk Group