Endpoint
10/5/2012
07:38 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

BlumAlerts.com Launches Anti-Phishing Software To Protect Macs From Harmful Websites

Also protects from pharming

SAN FRANCISCO, Oct. 5, 2012 /PRNewswire/ -- Macs may be widely immune to malware and viruses, but this does not mean a Mac user can't be duped.

Mac users can be phished. Phishing is when a person visits a website and believing it to be legit and enters personal information. The website is actually a fake and set up specifically to get the user's personal information like credit cards, Social Security number, bank account information and online account details.

"There's an opinion that Mac OS cannot be infected with any spyware or virus since the system always asks for administrator privileges. Well that's true. But phishing is just as big a threat and a Mac doesn't have any way of defending against that," said Max Bugaenko, chief technical officer for BlumAlerts.com.

"So we developed BlumAlerts for Mac OS. This lets a user know if they are about to visit a website that has been linked to phishing."

The software can be downloaded from BlumAlerts.com. The website also has instructions for how to remove the software if the user later decides it is not needed.

"It works with all Mac OS and all Mac browsers," Mr. Bugaenko said. "It's not going to stop a user from visiting a suspicious website, but it will open an alert bubble when the algorithm finds anything suspicious."

Phishing may come from typing in an URL incorrectly or an email. It is far more common in email. A phisher sends out emails telling recipients their account is about to be suspended, terminated or the company needs to verify information. An unsuspecting user opens the email and clicks through to a phishing website.

After entering personal information, the site then usually directs the user to the real website, but by then it's too late. Personal information has been compromised.

BlumAlerts.com offers a lifetime license with a purchase of the full program.

That guarantees the user's software will stay updated by Blum Alerts. The software can also be downloaded and tested for free.

For more information visit BlumAlerts.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.