David Schwartzberg is this week's guest on the Chet Chat. David is a Senior Security Engineer for Sophos and one of our experts on cryptography.
Much of the news this week was dominated by the massive Mac botnet that has been plaguing OS X users. The malware, which exploits an unpatched vulnerability in Oracle Java, has claimed more than 600,000 victims.
As a percentage, nearly as many Mac users are infected with this malware as Windows users were with Conficker.
We also discussed the recent credit card breach at payment processor Global Payments. David shared his thoughts on how the use of techniques like tokenization can help prevent these types of data leaks.
I also took a moment to praise Adobe for its recent launch of an automatic updater for Adobe Flash Player. David pointed out that automatic updates aren't right for every situation, but we agreed that frequently targeted applications would likely benefit from this approach.
In 2010 Intel introduced hardware encryption support (AES-NI) in some of their CPUs, and David talked about the performance advantages of using AES-NI for all encryption-related activities.
David also talked about some of the cool new ways we are enabling safe usage of the cloud for data storage in SafeGuard Enterprise 6.
You can also download this podcast directly in MP3 format: Sophos Security Chet Chat 87, subscribe on iTunes or our RSS feed. You can see all of the Sophos Podcasts by visiting our archive.

So is, or will the Sophos anti-virus be updated to remove the Flashback trojan?
Yes, all versions of Sophos Anti-Virus detect and remove the Trojan.
Could this Java vul be used in a third-party ad server where the Mac community hangs out, i.e. Mac geek sites, and be used in a hidden iframe and install and pwn under the radar? If yes, and if they laid out the attack differently, it looks like they could have pwned millions. Comments please.
Unfortunately, yes. Just like any other web vulnerability targeting Windows users, the malicious code can be embedded/distributed through any method you can dream up.
Alas, the auto-updater for Flash is not all sweetness and light. The recent Flash Player update page was accompanied by a scareware pitch:
http://www.zdnet.com/blog/bott/adobes-latest-crit...
One wonders exactly how Adobe expects its already badly tarnished security record to benefit from such a shameful abuse of their users’ trust.