informa
Announcements
Event
Emerging Cybersecurity Technologies: What You Need to Know - A Dark Reading March 23 Virtual Event | <GET YOUR PASS>
Report
Black Hat USA 2022 Attendee Report | Supply Chain & Cloud Security Risks Are Top of Mind | <READ IT NOW>
PreviousNext
Vulnerabilities/Threats
2 MIN READ
Commentary

Schwartz On Security: Slouching Toward Smartphone, Apple Armageddon

Every new year brings fresh warnings that the next smartphone botnet or Apple "I Love You" virus is imminent, while real attacks keep escalating.
Mathew J. Schwartz
Contributor
January 26, 2011
Ditto for Apple OS X attacks. Industry watchers -- and security vendors -- have been predicting the imminent demise of Mac's "security by obscurity" status. But as with smartphones, Apple Armageddon isn't imminent.

Case in point: In November 2010, Sophos reported that by far the largest amount of malware trawled by its free Mac antivirus software was Windows sludge. While Sophos saw a few Mac-oriented exploits, and some cross-platform attacks written in Java, it found no clear and present danger.

At some future point, smartphones and Apple OS X will likely "feel the love" from attackers. But organizations face more immediate risks. For example, despite last year's focus on Adobe patching its products against zero-day attacks, Landesman says companies were much more likely to be exploited by Java than a malicious PDF.

"In 2010, Java exploits were three-and-a-half times more prevalent than malicious PDFs, and the reason for that was simple: Everyone was focused on PDFs and taking precautions, whether that meant keeping security up to date, or Adobe issuing more security updates," Landesman says. "But users weren't focused at all on Java, which is more ubiquitous than Adobe Reader and Acrobat, and apparently this was not being patched or policed as well, and consequently it was the threat frontrunner for the year." As always, criminals prefer the easiest path to an exploit.

So, with the security of every mobile device operating system receiving intense scrutiny, and Mac watchers waiting for the day an Apple Rustock arrives, it's important to keep an eye on today's top threats, including Java.

Of course, Java also runs on mobile devices. Accordingly, will we see a large-scale Java smartphone attack? Wait for the 2012 predictions.

SEE ALSO:

Schwartz On Security: First, Know You've Been Breached

Schwartz On Security: Don't Get Hacked For the Holidays

Schwartz On Security: WikiLeaks Highlights Cost Of Security

Schwartz On Security: China's Internet Hijacking Misread

Schwartz On Security: Click 'Dislike' For Facebook Safety

Schwartz On Security: Reaching The M&A Tipping Point

Schwartz On Security: Remove Dangerous Sites From Internet

Schwartz On Security: Zombie Internet 'Kill Switch'

Schwartz On Security: Can Apple Minimalism Stop Botnets?

Vulnerabilities/ThreatsRiskMobile
More Insights
White Papers
More White Papers
Webinars
More Webinars
Reports
More Reports
Editors' Choice
Microsoft Outlook Vulnerability Could Be 2023's 'It' Bug
Nathan Eddy, Contributing Writer, Dark Reading
Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears
Robert Lemos, Contributing Writer, Dark Reading
Microsoft Zero-Day Bugs Allow Security Feature Bypass
Jai Vijayan, Contributing Writer, Dark Reading
How Patch Tuesday Keeps the Beat After 20 Years
Andrada Fiscutean, Contributing Writer, Dark Reading
Webinars
More Webinars
Reports
More Reports
White Papers
More White Papers
Events
More Events
More Insights
White Papers
More White Papers
Webinars
More Webinars
Reports
More Reports