Threat Intelligence

12/12/2018
12:45 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Mac Malware Cracks WatchGuards Top 10 List

Hundreds of sites also still support insecure versions of the SSL encryption protocol, the security vendor reports.

Mac users may have known in their hearts that this was coming: For the first time, Mac-based malware appeared on WatchGuard's Top 10 list of the most common types of malware for Q3 2018. 

The latest "Internet Security Report" report, which analyzed the 100,000 most visited websites on Alexa.com, also found that 6.8% of those sites still support insecure versions of the SSL encryption protocol.

On the Mac front, users can no longer assume that the operating system offers more effective security, says Corey Nachreiner, WatchGuard's CTO. The Mac malware — which came in sixth on the security vendor's list — is primarily delivered via email and tries to trick victims into installing fake cleaning software.

"Mac users that haven't installed a security suite on the endpoint need to do so," Nachreiner says. "The days where Mac users can go to airports, coffee shops, and use home networks without added protections like a firewall and IP reputation services are over."

Marc Laliberte, senior security analyst at WatchGuard, says while it's true Apple designs security into the MacOS, the market dynamics have shifted.

"Hackers look for where they can get the most ROI, and for several years it was with Windows machines," Laliberte says. "Over the last five years, Mac laptops have become very popular, which is why we believe there is a surge in Mac malware."

Websites Need to Upgrade to TLS
As for the sites that still support insecure versions of the SSL, it's time for them to consider upgrading to TLS, Nachreiner says.

In fact, for organizations that don't collect sensitive information, it may make more sense to run an insecure site because running the website with https:// gives users the impression that the site is secure when it's not, he adds.

"The last thing you want to do is give people a false sense of security," Nachreiner says. "We recommend that organizations running websites with sensitive information use TLS 1.2 or TLS 1.3."

The WatchGuard report found that 5,383 websites in the top 100,000 websites visited on Alexa.com still accept SSL 2.0 and SSL 3.0 encryption. SSL 3.0 has been outdated since 2015, while SSL 2.0 was deprecated in 2011. The report also found that 20.9% of the top 100,000 websites do not use encryption at all.

Related Content:

 

Steve Zurier has more than 30 years of journalism and publishing experience, most of the last 24 of which were spent covering networking and security technology. Steve is based in Columbia, Md. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Government Shutdown Brings Certificate Lapse Woes
Curtis Franklin Jr., Senior Editor at Dark Reading,  1/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6455
PUBLISHED: 2019-01-16
An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function rec_mset_elem_destroy() in the file rec-mset.c.
CVE-2019-6456
PUBLISHED: 2019-01-16
An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_fex_size() in the file rec-fex.c of librec.a.
CVE-2019-6457
PUBLISHED: 2019-01-16
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_aggregate_reg_new in rec-aggregate.c in librec.a.
CVE-2019-6458
PUBLISHED: 2019-01-16
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_buf_new in rec-buf.c when called from rec_parse_rset in rec-parser.c in librec.a.
CVE-2019-6459
PUBLISHED: 2019-01-16
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_extract_type in rec-utils.c in librec.a.