The Last HITB Security Conference in Malaysia

Hands-on Technical Trainings - 13th & 14th October

Triple-Track Conference - 15th & 16th October


Capture the Flag - 15th & 16th October

HackWEEKDAY - 15th & 16th October

CommSec Village - 15th & 16th October


New OS X malware uses Flashback Java vulnerabilities

Apparently the Java exploits used in the Flashback Trojan is catching on and researchers are starting to see malware that appear to be making use of the same route of attack. 

Researchers at Intego have stumbled across a new Trojan called Tibet.A, which downloads a Java applet when a victim first visits a malicious web page and attempts to install a backdoor on the target system. Targeting both OS X and Windows machines, the malware will determine the platform being attacked and will send the appropriate binaries across. As with the Flashback malware, the vulnerability only requires access to the user's account and no password is required to run or install; provided users are using older versions of Java and have Java enabled in their browsers.