Apple Hit By Hackers Who Targeted Facebook 148
snydeq writes "Apple was recently attacked by hackers who infected the Macintosh computers of some employees, the company said on Tuesday in an unprecedented disclosure that described the widest known cyber attacks against Apple-made computers to date, Reuters reports. 'The same software, which infected Macs by exploiting a flaw in a version of Oracle Corp's Java software used as a plug-in on Web browsers, was used to launch attacks against Facebook, which the social network disclosed on Friday. ... A person briefed on the investigation into the attacks said that hundreds of companies, including defense contractors, had been infected with the same malicious software, or malware. The attacks mark the highest-profile cyber attacks to date on businesses running Mac computers.'"
Re:That's Impossible! (Score:1, Insightful)
Introducing the new Viri virus scanner, for only $30 it will prevent all infections and coo to you while it does it!
Scan different
Re:Hackers reported that the malware "just worked. (Score:4, Insightful)
Security starts and ends with the user. If someone gets a virus, it is most likely that they do not care, are not paying attention, or are clicking on stupid links that go to stupid things that are not related to their work duties.
Corporations have yet to learn that training is required (less than 30 minutes to show someone the tricks to look out for), and an actual damage assessment and punishment system in relationship to breaches.
Sure IT may get an increase in calls at the start, but it is worth it in the long run.
You can sense the glee in the writeups... (Score:2, Insightful)
This is such a delicious day for the tech "press" because despite their constant barrage of warnings to the contrary, Apple viruses have been pretty much non-existent. Sure, OS X has had some vulnerabilities, but they were generally in various Unix packages and daemons, and those same problems generally affected Linux and BSDs and Solaris and so forth.
Anyway, my question: who the hell uses Java as a browser plugin anyway? On my rigs, it is disabled and has been for years. It's still installed (unlike Flash) because some desktop software needs it, but in the browser? Fuck that.
Re:That's Impossible! (Score:1, Insightful)
>Java
>secure
Choose one
Re:That's Impossible! (Score:5, Insightful)
Funny, if it's Windows that gets hit, the first thing said around here is that the OS should be secure enough to prevent such attacks.
And, unless the attack affects one user account only... They are right. That goes for Windows, MacOS, Linux, *BSD, and INSERT_ANY_OTHER_FSCKING_OS_HERE
Re:That's Impossible! (Score:2, Insightful)
Let's be honest here. Apple doesn't dislike Flash and Java because of security. They dislike them because people can use them to play games and use apps without Apple getting their 30% cut.
Re:Hackers reported that the malware "just worked. (Score:5, Insightful)
But...they were using Apples. Everyone knows that the Apple OSs can't be hacked. So it is perfectly OK to click on any link that strikes ones fancy. Isn't it?
You do realise that this was a bug in Oracle Java don't you? That's a cross platform vulnerability, the Mal/JavaJar-B trojan for example also affected Windows, Linux and Unix systems.
Re:That's Impossible! (Score:2, Insightful)
And, unless the attack affects one user account only...
If the goal is to penetrate a company's systems, one user account is all you need. From there you can get the credentials to get to the juicy stuff.
Multiuser OSes essentially only protect the system files. Guess what? Hackers don't care about your system files. They want your user data.
Re:Here's what Apple said on their website (Score:4, Insightful)
And Apple responds quickly to online threats and automatically delivers security updates directly to your Mac.
I'm sure you're trying to make a point with this post but the thing is that quote is accurate. Especially the last sentence. You see, Apple identified the security issue (third party Java plug ins) and have already released an update that deals with the problem. They didn't wait weeks (or months...) - they responded to the online threat quickly.
So, while I can guess what point you were trying to make with your post, I must say I don't think you quite succeeded...
Re:Hackers reported that the malware "just worked. (Score:2, Insightful)
Re:That's Impossible! (Score:2, Insightful)
On OS X, I can purchase/download a game from a third party maker, and be off and running.
For now.
Give it a few more releases (assuming Apple still thinks they're on top of the world then). They'll make it harder and harder to do just that, until finally you're jailbreaking your laptop to install programs. And you'll just treat that as standard operating procedure.