Malware Isn’t Just For Windows Anymore – Fruitfly Is Hitting Macs Hard

This year’s cyber threat epidemic started with Windows, then spread over to Linux and third-party apps, and now is here for Macs. While the latest malware Fruitfly is targeting Mac computers, its malware library is also capable of running on Linux systems. 

Though it was recently found conducting surveillance attacks, it’s possible Fruitfly has been infecting Mac systems for over two years. It appears that the base code of Fruitfly is over a decade old, which begs the question: how can decade-old malware start breaching systems now? Haven’t our systems been updated over the last ten years?

It seems the Fruitfly developers have reused old code and modified it to give this malware extra power and capabilities. This cross-platform malware uses old APIs, which keep working because changing an API would break legitimate programs, so backward compatibility is maintained for as long as possible. Fruitfly may have escaped detection for a long time because it appears that its creators have intentionally limited how many computers it targets. And since Mac systems don’t usually face as many threats as Windows, many administrators have been more lenient with patching their Macs, leaving them vulnerable to attacks such as Fruitfly.

You can identify Fruitfly infections by detecting suspicious network traffic. A file integrity monitor or log analyzer can help you identify an attack on your network, but a breach could be avoided altogether by keeping your systems up-to-date. Since most enterprises comprise different operating systems, it isn’t advisable to employ a separate patching tool for Windows, Mac, and Linux. The smarter alternative would be for an enterprise to employ a multi-platform patch management solution that helps update every computer from a single console. However, there are only a few solutions on the market that even support third-party patching, and even fewer that provide complete control over all enterprise devices, including mobile devices.

These last few months have already given security professionals a lot to cover, and since cyber attacks are evolving at a rapid rate, it’s high time enterprises maintain endpoint security by keeping their systems up-to-date. The best way to do this is to employ a patch management solution to stay safe from future ransomware and malware. One such solution is ManageEngine’s Desktop Central.

Desktop Central is integrated desktop and mobile device management software. This multi-platform solution helps automate your overall patch management process, and also has some other enhanced features to help secure your network. Download ManageEngine Desktop Central now and keep your Windows, Mac, Linux and all your third-party applications completely safe and up-to-date.

Follow me (@Hoorge) on Twitter and join Tech Konnect on Facebook and Twitter (@TechKonnect) to stay current on technology related matters.


MDOP Group Policy Templates v2.7 Now Available

New Group Policy Templates, version 2.7 (.admx and .adml) for Microsoft Desktop Optimization Pack (MDOP) are now available from Microsoft to manage policies across the enterprise for the following MDOP technologies:

App-V 5.0
App-V 5.0 SP1
App-V 5.0 SP2
App-V 5.0 SP3
App-V 5.1
MBAM 1.0
MBAM 1.0 R1
MBAM 2.0
MBAM 2.0 SP1
MBAM 2.5
MBAM 2.5 SP1
UE-V 1.0
UE-V 1.0 SP1
UE-V 2.0
UE-V 2.1
UE-V 2.1 SP1

The download is available from the Official Microsoft Download Center.


Microsoft Security Updates Guide (Portal)

For the last 20 years, Microsoft provided security bulletins as individual web pages on the Microsoft Security Bulletin website; January 10, 2017 was the last time bulletins were made available this way. Starting in February 2017, the new Security Update Guide portal provides the security information via a dashboard. The online Security Update Guide (SUG) database can be searched by Knowledge Base (KB) number, CVE number, vulnerability, Windows version, or date of release.

According to the blog post by the MSRC Team, using the new portal, you can:

  • Sort and filter security vulnerability and update content, for example, by CVE, KB number, product, or release date.
  • Filter out products that don’t apply to you, and drill down to more detailed security update information for products that do.
  • Leverage a new RESTful API to obtain Microsoft security update information. This eliminates the need for you to employ outdated methods like screen-scraping of security bulletin web pages to assemble working databases of necessary and actionable information.

If you have any feedback, you can send it to: portalfback@microsoft.com.
