SSCC 87 - Mac botnet, Global Payments, Flash Player updater, AES-NI and cloud encryption

Filed Under: Adobe Flash, Apple, Botnet, Data loss, Featured, Malware, Podcast, Vulnerability

David Schwartzberg is this week's guest on the Chet Chat. David is a Senior Security Engineer for Sophos and one of our experts on cryptography.

Much of the news this week was dominated by the massive Mac botnet that has been plaguing OS X users. The malware, which has claimed more than 600,000 victims, exploited an unpatched vulnerability in Oracle Java.

As a percentage, nearly as many Mac users are infected with this malware as Windows users were with Conficker.

We also discussed the recent credit card breach at payment processor Global Payments. David shared his thoughts on how the use of techniques like tokenization can help prevent these types of data leaks.

I also took a moment to praise Adobe for its recent launch of an automatic updater for Adobe Flash Player. David pointed out that automatic updates aren't right for every situation, but we agreed that frequently targeted applications would likely benefit from this approach.

In 2010 Intel introduced hardware encryption support (AES-NI) in some of its CPUs, and David talked about the performance advantages of using AES-NI for all encryption-related activities.

David also talked about some of the cool new ways we are enabling safe usage of the cloud for data storage in SafeGuard Enterprise 6.

(5 April 2012, duration 20:44 minutes, size 11.8 MBytes)

You can also download this podcast directly in MP3 format: Sophos Security Chet Chat 87, subscribe on iTunes or our RSS feed. You can see all of the Sophos Podcasts by visiting our archive.


5 Responses to SSCC 87 - Mac botnet, Global Payments, Flash Player updater, AES-NI and cloud encryption

  1. Steve · 1278 days ago

    So is, or will the Sophos anti-virus be updated to remove the Flashback trojan?

    • Chester Wisniewski · 1278 days ago

      Yes, all versions of Sophos Anti-Virus detect and remove the Trojan.

  2. Ted · 1276 days ago

    Could this Java vul be used in a third-party ad server where the Mac community hangs out, i.e. Mac geek sites, and be used in a hidden iframe and install and pwn under the radar? If yes, and if they laid out the attack differently, it looks like they could have pwned millions. Comments please.

    • Chester Wisniewski · 1276 days ago

      Unfortunately, yes. Just like any other web vulnerability targeting Windows users, the malicious code can be embedded/distributed through any method you can dream up.

  3. Nigel · 1275 days ago

    Alas, the auto-updater for Flash is not all sweetness and light. The recent Flash Player update page was accompanied by a scareware pitch:

    One wonders exactly how Adobe expects its already badly tarnished security record to benefit from such a shameful abuse of their users’ trust.


About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on as Chester, Chester Wisniewski on Google Plus or send him an email at