No. 1 Story
ACCC clears Optus to scrap HFC network and use NBN instead
The ACCC has cleared, provisionally, the proposed deal between Optus and NBN Co under which Optus is to be paid around $800m to shut down its HFC network and transfer customers onto the NBN. read moreCheck that authentication dialog!
Stephen Withers
Wednesday, 11 February 2009 05:10
Page 2 of 2
This trick isn't merely of academic interest - Pesoli went down this track after discovering that the recent Iservice (iWork Service) malware calls on the authorisation mechanism.So what's Symantec's recommendation? Cynical readers may be surprised, but there's no mention of running security software and keeping it up to date.
Instead, "From now on, we advise that Mac OS X users don't rely simply on familiar icons or messages from the authentication dialog box, but take an extra little step in order to verify the execution path of the program that is asking for the password. Furthermore, if we are prompted for a password by any Apple/clean/trusted application when we're not really expecting it, checking for any suspicious running processes would certainly help."
Mac malware seems to be on the increase, but it seems to rely on social engineering rather than silently exploiting underlying vulnerabilities.
Pesoli has shown how easy it is for the bad guys to incorporate real authentication dialogs to trick the unwary into granting rights to malware, so his call for extra care seems well-founded.
Fortunately, authentication dialogs don't normally appear very often, so there's no excuse for not stopping and thinking before you click OK.
You think you have a disaster recovery plan?
Think again. Most businesses only have PART of a DR plan - and this spells business disaster in the event of an IT disaster.
Download The Seven Sins of Disaster Recovery White Paper now and find out how you can prevent this happening to you.
